CWE:
 

Title
Date
Author
High
ASUS RT-AC66U Remote Root Shell Exploit - acsd param command
28.07.2013
Jacob Holcomb/Gimppy a...
High
Adobe ColdFusion 9 / 10 Remote Root
08.05.2013
HTP
High
Cisco Security Agent Web Management Interface Bug Lets Remote Users Execute Arbitrary Code
14.04.2011
Gerry Eisenhaur
High
Sun Java Applet2ClassLoader Remote Code Execution Exploit
18.03.2011
metasploit
High
RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA Access Manager Server
18.03.2011
EMC Product Security R...
High
FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit
11.03.2011
zx2c4
High
Citrix Access Gateway Command Execution
07.03.2011
metasploit
High
HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
15.01.2011
HP
Med.
Palm webOS Camera Application, Unauthorized Write Access
03.11.2010
HP
Med.
Palm webOS, Code execution vulnerability in Palm webOS service API
03.11.2010
HP
High
Palm webOS, webOS Doc Viewer, Execution of Arbitrary Code
03.11.2010
HP
High
HP Insight Control Server Migration for Windows, Remote Cross Site Scripting (XSS), Privilege Escalation, Unauthorized Access
03.11.2010
HP
High
Firefox 3.6.8 - 3.6.11 Interleaving document.write and appendChild Exploit (From the Wild)
03.11.2010
unknown
High
Firefox Interleaving document.write and appendChild Denial of Service
03.11.2010
Daniel Veditz
High
HP ProCurve Access Points, Access Controllers, and Mobility Controllers, Privilege Escalation
20.10.2010
HP Software Security R...
Low
RSA, The Security Division of EMC, informs about potential security vulnerability in RSA enVision® versions prior to 3.7 SP
11.08.2010
EMC Product Security R...
High
Micrologix 1100 and 1400 controllers multiple vulnerabilities
18.01.2010
Eyal Udassin from C4
Low
Android Denial Of Service Issues
16.10.2009
Andrea Barisani
High
Siemens Gigaset SE361 Wlan - Remote Reboot
24.09.2009
crashbrz
Low
Exploiting Chrome and Opera's inbuilt ATOM/RSS reader with Script Execution and more
22.09.2009
Inferno
High
Accellion File Transfer - SPAM Engine Vulnerabilities
24.08.2009
Eric BEAULIEU
Low
Crashing ZoneAlarm 8.0.020.000 by Checkpoint (Component : TrueVector)
24.08.2009
quakerdoomer
High
Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
22.10.2008
Federico L. Bossi Boni...
Med.
Adobe Acrobat 9 ActiveX Remote Denial of Service Exploit
17.09.2008
Jeremy Brown
Low
DiskCryptor Security Model bypass exploiting wrong BIOS API usage
05.09.2008
iViZ Security Advisori...
High
HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV
04.09.2008
HP Software Security R...
Med.
IE 5.22 on Mac Transmitting HTTP Referer from Secure Page
18.07.2008
Thor Larholm


Common Weakness Enumeration (CWE)

CVE
Details
Description
2022-05-12
Medium
CVE-2022-29885

Vendor: Apache
Software: Tomcat
 

 
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks.

 
Medium
CVE-2021-33077

 

 
Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

 
Low
CVE-2021-33074

 

 
Protection mechanism failure in firmware for some Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.

 
Low
CVE-2021-0155

 

 
Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

 
2022-05-11
Low
CVE-2021-26348

 

 
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.

 
Low
CVE-2021-26342

 

 
In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.

 
Medium
CVE-2022-23743

Vendor: Checkpoint
Software: Zonealarm
 

 
Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process.

 
2022-05-10
Medium
CVE-2021-46771

 

 
Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application.

 
Medium
CVE-2021-26408

 

 
Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality.

 
Medium
CVE-2021-26332

 

 
Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability.

 

 


Copyright 2022, cxsecurity.com

 
