Page(s) : [1] 2 | Result(s) : 23 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
4.9 | 2015-08-31 | CVE-2014-9728 | cve | The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read an... |
4.9 | 2015-08-31 | CVE-2014-9729 | cve | The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a de... |
4.9 | 2015-08-31 | CVE-2014-9730 | cve | The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of serv... |
4.9 | 2015-08-31 | CVE-2015-1333 | cve | Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via m... |
4.9 | 2015-08-31 | CVE-2015-3212 | cve | Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and panic) via a rapid series of system cal... |
6.9 | 2015-08-31 | CVE-2015-3214 | cve | The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS us... |
4.9 | 2015-08-31 | CVE-2015-4700 | cve | The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a pac... |
5 | 2015-08-31 | CVE-2015-5366 | cve | The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial... |
4.6 | 2015-08-31 | CVE-2015-5706 | cve | Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly h... |
5.8 | 2015-08-31 | CVE-2015-5717 | cve | The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof serv... |
5.8 | 2015-08-31 | CVE-2015-0943 | cve | Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt communication between the client and the backend server, which allows man-in-the-middle attackers to obtain encr... |
6.5 | 2015-08-31 | CVE-2015-6742 | cve | Basware Banking (Maksuliikenne) before 8.90.07.X uses a hardcoded password for the ANCO account, which allows remote authenticated users to bypass intended access restrictions b... |
6.5 | 2015-08-31 | CVE-2015-6743 | cve | Basware Banking (Maksuliikenne) 8.90.07.X uses a hardcoded password for an unspecified account, which allows remote authenticated users to bypass intended access restrictions by... |
4.3 | 2015-08-31 | CVE-2015-6744 | cve | Basware Banking (Maksuliikenne) before 8.90.07.X relies on the client to enforce (1) login verification, (2) audit trail creation, and (3) account locking, which allows remote a... |
4.6 | 2015-08-31 | CVE-2015-6745 | cve | Basware Banking (Maksuliikenne) 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from ... |
5 | 2015-08-31 | CVE-2015-6747 | cve | Basware Banking (Maksuliikenne) 8.90.07.X does not properly prevent access to private keys, which allows remote attackers to spoof communications with banks via unspecified vect... |
6.8 | 2015-08-31 | CVE-2014-2330 | cve | Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for reque... |
5.5 | 2015-08-31 | CVE-2014-2332 | cve | Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct O... |
4.3 | 2015-08-31 | CVE-2014-2570 | cve | Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter. |
4.3 | 2015-08-31 | CVE-2014-3148 | cve | Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid OKWS (OK Web Server) allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to a ... |
Page(s) : [1] 2 | Result(s) : 23 |