CWE:
 

Topic
Date
Author
High
ASUS RT-AC66U Remote Root Shell Exploit - acsd param command
28.07.2013
Jacob Holcomb/Gimppy a...
High
Adobe ColdFusion 9 / 10 Remote Root
08.05.2013
HTP
High
Cisco Security Agent Web Management Interface Bug Lets Remote Users Execute Arbitrary Code
14.04.2011
Gerry Eisenhaur
High
Sun Java Applet2ClassLoader Remote Code Execution Exploit
18.03.2011
metasploit
High
RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA Access Manager Server
18.03.2011
EMC Product Security R...
High
FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit
11.03.2011
zx2c4
High
Citrix Access Gateway Command Execution
07.03.2011
metasploit
High
HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
15.01.2011
HP
Med.
Palm webOS Camera Application, Unauthorized WriteAccess
03.11.2010
HP
Med.
Palm webOS, Code execution vulnerability in Palm webOSservice API
03.11.2010
HP
High
Palm webOS, webOS Doc Viewer, Execution of ArbitraryCode
03.11.2010
HP
High
HP Insight Control Server Migration for Windows, Remote Cross Site Scripting (XSS), Privilege Escalation, Unauthorized Access
03.11.2010
HP
High
Firefox 3.6.8 - 3.6.11 Interleaving document.write and appendChild Exploit (From the Wild)
03.11.2010
unknown
High
Firefox Interleaving document.write and appendChild Denial of Service
03.11.2010
Daniel Veditz
High
HP ProCurve Access Points, Access Controllers, andMobility Controllers, Privilege Escalation
20.10.2010
HP Software Security R...
Low
RSA, The Security Division of EMC, informs about potential security vulnerability in RSA enVision&#174; versions prior to 3.7 SP
11.08.2010
EMC Product Security R...
High
Micrologix 1100 and 1400 controllers multiple vulnerabilities
18.01.2010
Eyal Udassin from C4
Low
Android Denial Of Service Issues
16.10.2009
Andrea Barisani
High
Siemens Gigaset SE361 Wlan - Remote Reboot
24.09.2009
crashbrz
Low
Exploiting Chrome and Opera\'s inbuilt ATOM/RSS reader with Script Execution and more
22.09.2009
Inferno
High
Accellion File Transfer - SPAM Engine Vulnerabilities
24.08.2009
Eric BEAULIEU
Low
Crashing ZoneAlarm 8.0.020.000 by Checkpoint (Component : TrueVector)
24.08.2009
quakerdoomer
High
Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
22.10.2008
Federico L. Bossi Boni...
Med.
Adobe Acrobat 9 ActiveX Remote Denial of Service Exploit
17.09.2008
Jeremy Brown
Low
DiskCryptor Security Model bypass exploiting wrong BIOS API usage
05.09.2008
iViZ Security Advisori...
High
HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV
04.09.2008
HP Software Security R...
Med.
IE 5.22 on Mac Transmitting HTTP Referer from Secure Page
18.07.2008
Thor Larholm


CVEMAP Search Results

CVE
Details
Description
2018-05-17
High
CVE-2018-7218

Vendor: Citrix
Software: Application ...
 

 
The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11.0 before Build 71.24, 11.1 before Build 58.13, and 12.0 before Build 57.24 allows remote attackers to execute arbitrary code via unspecified vectors.

 
2018-04-18
High
CVE-2015-9216

Vendor: Qualcomm
Software: Mdm9206 firmware
 

 
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, and SD 810, improper handling of simultaneous interrupt in USB module during USB RESET and EP COMPLETE.

 
Medium
CVE-2015-9217

Vendor: Qualcomm
Software: Msm8909w fir...
 

 
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, certain malformed HVEC clips could cause an assertion to fail.

 
High
CVE-2016-10424

Vendor: Qualcomm
Software: Mdm9206 firmware
 

 
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, SD 820A, SD 835, SD 845, and SD 850, upgrading LibPNG from 1.6.12 to 1.6.21 fixes multiple issues with different CWEs.

 
High
CVE-2016-10471

Vendor: Qualcomm
Software: Sd 425 firmware
 

 
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, an unsigned RTIC health report susceptible to tampering by malware executing in the context of the HLOS may be requested.

 
High
CVE-2018-2718

Vendor: Oracle
Software: Solaris
 

 
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

 
Low
CVE-2018-2758

Vendor: Oracle
Software: Mysql
 

 
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

 
Low
CVE-2018-2759

Vendor: Oracle
Software: Mysql
 

 
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

 
Low
CVE-2018-2761

Vendor: Oracle
Software: Mysql
 

 
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

 
Low
CVE-2018-2762

Vendor: Oracle
Software: Mysql
 

 
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

 

 


Copyright 2018, cxsecurity.com

 

Back to Top