CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

953 matches found

Debian CVE•added 2012/11/28 1:0 a.m.•31 views

CVE-2012-5134

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

6.8CVSS9.9AI score0.02065EPSS

Exploits1

Cvelist•added 2012/11/28 1:0 a.m.•27 views

CVE-2012-5134

9.8AI score0.02065EPSS

Exploits1References22

UbuntuCve•added 2012/11/27 12:0 a.m.•34 views

CVE-2012-5134

6.8CVSS7.7AI score0.02065EPSS

Exploits1References5

NVD•added 2012/09/19 10:57 a.m.•13 views

CVE-2012-2578

Multiple cross-site scripting XSS vulnerabilities in SmarterMail 9.2 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a JavaScript alert function used in conjunction with the fromCharCode method, 2 a SCRIPT element, 3 a Cascading Style Sheets CSS...

4.3CVSS5.8AI score0.00342EPSS

Exploits1References1

Prion•added 2012/09/19 10:57 a.m.•10 views

Cross site scripting

4.3CVSS6AI score0.00342EPSS

Exploits1References1Affected Software1

Cvelist•added 2012/09/19 10:0 a.m.•26 views

CVE-2012-2578

5.8AI score0.00342EPSS

Exploits1References1

Prion•added 2012/08/12 9:55 p.m.•15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted SRC attribute of an IFRAME element, 3 a crafted CONTENT attribute of an...

4.3CVSS6AI score0.00359EPSS

Exploits2References1Affected Software1

Cvelist•added 2012/08/12 9:0 p.m.•23 views

CVE-2012-2590

5.7AI score0.00359EPSS

Exploits2References1

Prion•added 2012/08/12 5:55 p.m.•15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 the Cascading Style Sheets CSS expression property in conjunction with a CSS comment within the STYLE attribute of an IMG...

4.3CVSS6AI score0.00401EPSS

Exploits1References4Affected Software1

Cvelist•added 2012/08/12 5:0 p.m.•25 views

CVE-2012-2584

5.8AI score0.00401EPSS

Exploits1References4

Tenable Nessus•added 2012/08/01 12:0 a.m.•35 views

Scientific Linux Security Update : firefox on SL5.x i386/x86_64

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203 A flaw was...

10CVSS9AI score0.42703EPSS

Exploits7References12

Tenable Nessus•added 2012/08/01 12:0 a.m.•35 views

Scientific Linux Security Update : firefox on SL4.x i386/x86_64

10CVSS8.9AI score0.42703EPSS

Exploits7References12

Packet Storm•added 2012/07/31 12:0 a.m.•41 views

DataWatch Monarch Business Intelligence (BI) 5.1 Blind XPath Injection

DataWatch Monarch BI v5.1 admin section blind XPath injection Class: Input Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: DataWatch Monarch BI v5.1 DataWatch's Monarch BI admin section is prone to a blind XPath...

0.2AI score

Exploits0

Tenable Nessus•added 2012/07/10 12:0 a.m.•33 views

GLSA-201207-02 : libxml2: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201207-02 libxml2: User-assisted execution of arbitrary code The 'xmlXPtrEvalXPtrPart' function in xpointer.c contains an off-by-one error. Impact : A remote attacker could entice a user or automated system to open a specially...

6.8CVSS8.7AI score0.01986EPSS

Exploits0References2

Tenable Nessus•added 2012/03/06 12:0 a.m.•24 views

GLSA-201203-04 : libxml2: Denial of Service

The remote host is affected by the vulnerability described in GLSA-201203-04 libxml2: Denial of Service libxml2 does not properly randomize hash functions to protect against hash collision attacks. Impact : A remote attacker could entice a user or automated system to open a specially crafted XML...

5CVSS8.2AI score0.00449EPSS

Exploits0References2

NVD•added 2011/12/16 11:55 a.m.•14 views

CVE-2011-4755

Parallels Plesk Small Business Panel 10.2.0 does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service parsing error or possibly have unspecified other impact via a crafted cookie, as demonstrated by cookies t...

10CVSS7.5AI score0.01918EPSS

Exploits0References2

NVD•added 2011/12/16 11:55 a.m.•11 views

CVE-2011-4727

The Server Administration Panel in Parallels Plesk Panel 10.2.0build1011110331.18 does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service parsing error or possibly have unspecified other impact via a crafte...

10CVSS7.5AI score0.01918EPSS

Exploits0References2

Prion•added 2011/12/16 11:55 a.m.•14 views

Design/Logic Flaw

10CVSS8.1AI score0.01918EPSS

Exploits0References2Affected Software1

Prion•added 2011/12/16 11:55 a.m.•12 views

Code injection

10CVSS8.1AI score0.01918EPSS

Exploits0References2Affected Software1

Cvelist•added 2011/12/16 11:0 a.m.•19 views

CVE-2011-4727