| Page(s) : 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 ... | Result(s) : 36263 |
Alerts
| Date | Name | Categories | Detail | |
|---|---|---|---|---|
| 6.8 | 2014-04-17 | CVE-2014-0036 | cve | The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecifie... |
| 6.5 | 2014-04-17 | CVE-2013-2143 | cve | The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to... |
| 4.3 | 2014-04-17 | DSA-2908 | Debian | openssl security update |
| 6.8 | 2014-04-17 | RHSA-2014:0415 | RedHat | libyaml security update |
| 5 | 2014-04-17 | MDVSA-2014:079 | Mandriva | Updated json-c packages fix security vulnerabilities: Florian Weimer reported that the printbuf APIs used in the json-c library used ints for counting buffer lengths, which i... |
| 4.7 | 2014-04-16 | CVE-2014-0645 | cve | EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it ea... |
| 6.4 | 2014-04-16 | CVE-2014-2338 | cve | IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the ... |
| 4 | 2014-04-16 | CVE-2014-1453 | cve | The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not acquire locks in the proper order when converting a directory file handle to a vnode, which allows remote authent... |
| 4.3 | 2014-04-16 | CVE-2011-4193 | cve | Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote at... |
| 4.6 | 2014-04-16 | CVE-2011-4089 | cve | The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute ... |
| 6.3 | 2014-04-16 | CVE-2011-0460 | cve | The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map. |
| 5 | 2014-04-15 | CVE-2014-2873 | cve | PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not require authentication for access to log files, which allows remote attackers to obtain sensitive server informat... |
| 5 | 2014-04-15 | CVE-2014-2872 | cve | PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to obtain potentially sensitive information from a directory listing via unspecified vectors. |
| 5 | 2014-04-15 | CVE-2014-2871 | cve | PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on an HTTP session for entering credentials on login pages, which allows remote attackers to obtain sensitive infor... |
| 5 | 2014-04-15 | CVE-2014-2870 | cve | The default configuration of PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 uses cleartext for storage of credentials in a database, which makes it easier for context-de... |
| 5 | 2014-04-15 | CVE-2014-2869 | cve | PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to obtain sensitive information via requests to unspecified URIs, as demonstrated by pathname, SQL... |
| 6.5 | 2014-04-15 | CVE-2014-2862 | cve | PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not check authorization in unspecified situations, which allows remote authenticated users to perform actions via unk... |
| 4.3 | 2014-04-15 | CVE-2014-2861 | cve | Incomplete blacklist vulnerability in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted ... |
| 4.3 | 2014-04-15 | CVE-2014-2860 | cve | Multiple cross-site scripting (XSS) vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to inject arbitrary web script or HTML via a... |
| 5 | 2014-04-15 | CVE-2014-2858 | cve | Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via u... |
| Page(s) : 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 ... | Result(s) : 36263 |
