CWE:
 

Topic
Date
Author
High
ASUS RT-AC66U Remote Root Shell Exploit - acsd param command
28.07.2013
Jacob Holcomb/Gimppy a...
High
Adobe ColdFusion 9 / 10 Remote Root
08.05.2013
HTP
High
Cisco Security Agent Web Management Interface Bug Lets Remote Users Execute Arbitrary Code
14.04.2011
Gerry Eisenhaur
High
Sun Java Applet2ClassLoader Remote Code Execution Exploit
18.03.2011
metasploit
High
RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA Access Manager Server
18.03.2011
EMC Product Security R...
High
FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit
11.03.2011
zx2c4
High
Citrix Access Gateway Command Execution
07.03.2011
metasploit
High
HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
15.01.2011
HP
Med.
Palm webOS Camera Application, Unauthorized WriteAccess
03.11.2010
HP
Med.
Palm webOS, Code execution vulnerability in Palm webOSservice API
03.11.2010
HP
High
Palm webOS, webOS Doc Viewer, Execution of ArbitraryCode
03.11.2010
HP
High
HP Insight Control Server Migration for Windows, Remote Cross Site Scripting (XSS), Privilege Escalation, Unauthorized Access
03.11.2010
HP
High
Firefox 3.6.8 - 3.6.11 Interleaving document.write and appendChild Exploit (From the Wild)
03.11.2010
unknown
High
Firefox Interleaving document.write and appendChild Denial of Service
03.11.2010
Daniel Veditz
High
HP ProCurve Access Points, Access Controllers, andMobility Controllers, Privilege Escalation
20.10.2010
HP Software Security R...
Low
RSA, The Security Division of EMC, informs about potential security vulnerability in RSA enVision&#174; versions prior to 3.7 SP
11.08.2010
EMC Product Security R...
High
Micrologix 1100 and 1400 controllers multiple vulnerabilities
18.01.2010
Eyal Udassin from C4
Low
Android Denial Of Service Issues
16.10.2009
Andrea Barisani
High
Siemens Gigaset SE361 Wlan - Remote Reboot
24.09.2009
crashbrz
Low
Exploiting Chrome and Opera\'s inbuilt ATOM/RSS reader with Script Execution and more
22.09.2009
Inferno
High
Accellion File Transfer - SPAM Engine Vulnerabilities
24.08.2009
Eric BEAULIEU
Low
Crashing ZoneAlarm 8.0.020.000 by Checkpoint (Component : TrueVector)
24.08.2009
quakerdoomer
High
Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
22.10.2008
Federico L. Bossi Boni...
Med.
Adobe Acrobat 9 ActiveX Remote Denial of Service Exploit
17.09.2008
Jeremy Brown
Low
DiskCryptor Security Model bypass exploiting wrong BIOS API usage
05.09.2008
iViZ Security Advisori...
High
HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV
04.09.2008
HP Software Security R...
Med.
IE 5.22 on Mac Transmitting HTTP Referer from Secure Page
18.07.2008
Thor Larholm


CVEMAP Search Results

CVE
Details
Description
2017-11-12
High
CVE-2017-13815

Vendor: Apple
Software: Mac os x
 

 
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

 
Medium
CVE-2017-13832

Vendor: Apple
Software: Mac os x
 

 
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0 support.

 
High
CVE-2017-13846

Vendor: Apple
Software: Mac os x
 

 
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

 
2017-11-10
Medium
CVE-2017-16521

Updating...
 

 
In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used.

 
2017-10-31
Medium
CVE-2017-15535

Vendor: IBM
Software: Infosphere b...
 

 
MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory.

 
2017-10-26
Medium
CVE-2012-1622

Vendor: Apache
Software: Ofbiz
 

 
Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecified vectors.

 
2017-10-19
Medium
CVE-2017-10155

Vendor: Oracle
Software: Mysql
 

 
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

 
Low
CVE-2017-10227

Vendor: Oracle
Software: Mysql
 

 
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

 
Medium
CVE-2017-10276

Vendor: Oracle
Software: Mysql
 

 
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

 
Low
CVE-2017-10279

Vendor: Oracle
Software: Mysql
 

 
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

 

 


Copyright 2017, cxsecurity.com

 

Back to Top