CWE
:
| Risk | Topic | Date | Author |
|---|---|---|---|
| Low | Apache Tomcat Local bypass of security manager file permissions | 12.02.2011 | Tomcat security team |
| High | Ghostscript 8.64 executes random code at startup | 22.07.2010 | ne01026 |
| Low | Skype extension for Firefox BETA 2.2.0.95 Clipboard Writing Vulnerability | 23.12.2008 | irk4z |
| High | Scripteen Free Image Hosting Script 1.2 (cookie) Pass Grabber Exploit | 20.07.2008 | RMx - Liz0zim |
| High | Unauthorized reading confirmation from Outlook | 07.07.2008 | Augusto Paes de Barros |
CVEMAP Search Results
CVE
Details
Description
CVE-2014-0186 (2014-06-14, Medium)
Vendor: Redhat
Software: Enterprise linux
A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression.
CVE-2011-3603 (2014-04-27, Medium)
Vendor: Litech
Software: Router adver...
The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.
CVE-2014-0627 (2014-02-17, Medium)
Vendor: EMC
Software: Rsa bsafe ssl-j
The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state.
CVE-2014-0626 (Medium)
Vendor: EMC
Software: Rsa bsafe ssl-j
The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TLS handshake, a time at which the data is both unencrypted and unauthenticated.
CVE-2014-0625 (Medium)
Vendor: EMC
Software: Rsa bsafe ssl-j
The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption) by triggering application-data processing during the TLS handshake, a time at which the data is internally buffered.
CVE-2013-6486 (2014-02-06, High)
Vendor: Pidgin
Software: Pidgin
gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185.
CVE-2014-1604 (2014-01-27, Low)
Vendor: Python
Software: RPLY
The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name.
CVE-2014-1208 (2014-01-17, Low)
Vendor: Vmware
Software: Fusion
VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port.
CVE-2012-6617 (2013-12-24, Low)
Vendor: Ffmpeg
Software: Ffmpeg
The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format.
CVE-2013-4520 (2013-12-14, Low)
Vendor: Xmlsoft
Software: Libxslt
xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825.
Copyright 2024, cxsecurity.com