Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
CWE
:
Tytuł
Data
Autor
Low
Apache Tomcat Local bypass of security manger file permissions
12.02.2011
Tomcat security team
High
Ghostscript 8.64 executes random code at startup
22.07.2010
ne01026
Low
Skype extension for Firefox BETA 2.2.0.95 Clipboard Writing Vulnerability
23.12.2008
irk4z
High
Scripteen Free Image Hosting Script 1.2 (cookie) Pass Grabber Exploit
20.07.2008
RMx - Liz0zim
High
Unauthorized reading confirmation from Outlook
07.07.2008
Augusto Paes de Barros
Common Weakness Enumeration (CWE)
CVE
Szczegóły
Opis
2014-06-14
Medium
CVE-2014-0186
Vendor:
Redhat
Software:
Enterprise linux
A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression.
2014-04-27
Medium
CVE-2011-3603
Vendor:
Litech
Software:
Router adver...
The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.
2014-02-17
Medium
CVE-2014-0627
Vendor:
EMC
Software:
Rsa bsafe ssl-j
The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state.
Medium
CVE-2014-0626
Vendor:
EMC
Software:
Rsa bsafe ssl-j
The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TLS handshake, a time at which the data is both unencrypted and unauthenticated.
Medium
CVE-2014-0625
Vendor:
EMC
Software:
Rsa bsafe ssl-j
The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption) by triggering application-data processing during the TLS handshake, a time at which the data is internally buffered.
2014-02-06
High
CVE-2013-6486
Vendor:
Pidgin
Software:
Pidgin
gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185.
2014-01-27
Low
CVE-2014-1604
Vendor:
Python
Software:
RPLY
The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name.
2014-01-17
Low
CVE-2014-1208
Vendor:
Vmware
Software:
Fusion
VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port.
2013-12-24
Low
CVE-2012-6617
Vendor:
Ffmpeg
Software:
Ffmpeg
The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format.
2013-12-14
Low
CVE-2013-4520
Vendor:
Xmlsoft
Software:
Libxslt
xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825.
Copyright
2024
, cxsecurity.com
Back to Top