CWE:
 

| Risk | Topic | Date | Author |
|---|---|---|---|
| Med. | HP Printers Wi-Fi Direct Improper Access Control | 03.02.2017 | Neseso |
| High | Motorola Bootloader Unlocking | 16.04.2013 | Dan Rosenberg |
| Low | Multiple Sourcefire Products Static Web SSL Keys Vulnerability | 18.06.2010 | ZDI Disclosures |
| High | Consona Products - Multiple vulnerabilities | 23.05.2010 | wintercore |
| High | Intel *45 *35 chipset - txt attack | 26.12.2009 | Joanna Rutkowska |
| Med. | Adobe Photoshop Elements 8.0 Active File Monitor Local Elevation Of Privileges | 02.10.2009 | nine:situations:group:... |
| High | Medium security hole in TekRADIUS | 11.07.2009 | Tim Brown |
| High | Univeral HTTP Image/File Upload ActiveX Remote File Deletion | 09.04.2009 | t0pP8uZz |
| High | Chipmunk Blog (Auth Bypass) Add Admin Exploit | 05.02.2009 | x0r |
| Med. | bug in OpenSSH (Still in FreeBSD-STABLE) | 04.08.2008 | Dag-Erling Smorgrav |


CVEMAP Search Results

| Date | Risk | CVE | Details | Description |
|---|---|---|---|---|
| 2014-10-10 | Medium | CVE-2014-3394 | Vendor: Cisco; Software: Adaptive sec... | The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to bypass certificate validation via an arbitrary VeriSign certificate, aka Bug ID CSCun10916. |
| 2014-06-21 | Low | CVE-2014-3052 | Vendor: IBM; Software: Security acc... | The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for remote attackers to obtain sensitive information by leveraging weak SSL encryption settings that lack NIST SP 800-131A compliance. |
| 2013-10-23 | Medium | CVE-2013-5167 | Vendor: Apple; Software: Mac os x | CFNetwork in Apple Mac OS X before 10.9 does not properly support Safari's deletion of session cookies in response to a reset operation, which makes it easier for remote web servers to track users via Set-Cookie HTTP headers. |
| 2013-08-16 | Medium | CVE-2013-4128 | Vendor: Redhat; Software: Jboss enterp... | Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client. |
| 2013-05-09 | High | CVE-2013-1221 | Vendor: Cisco; Software: Unified cust... | The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38384. |
| 2013-05-09 | High | CVE-2013-1222 | Vendor: Cisco; Software: Unified cust... | The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to launch arbitrary custom web applications via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38379. |
| 2013-04-05 | Low | CVE-2013-0470 | Vendor: IBM; Software: Netezza perf... | HTTPD in IBM Netezza Performance Portal 1.0.2 allows remote authenticated users to list application directories containing asset files via a direct request to a directory URI, as demonstrated by listing image files. |
| 2013-04-02 | Low | CVE-2012-4546 | Vendor: Redhat; Software: Enterprise linux | The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists (CRLs) to be used and might allow remote attackers to bypass intended access restrictions via a revoked certificate. |
| 2013-03-19 | Medium | CVE-2013-0224 | Vendor: Video project; Software: Video | The Video module 7.x-2.x before 7.x-2.9 for Drupal, when using the FFmpeg transcoder, allows local users to execute arbitrary PHP code by modifying a temporary PHP file. |
| 2013-03-12 | Medium | CVE-2011-1164 | Vendor: David king; Software: VINO | Vino before 2.99.4 can connect external networks contrary to the statement in the vino-preferences dialog box, which might make it easier for remote attackers to perform attacks. |

 

 


Copyright 2017, cxsecurity.com