| Page(s) : 1 ... 176 177 178 179 180 181 182 183 184 185 [186] 187 188 189 190 191 192 193 194 195 196 ... | Result(s) : 8823 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 3.6 | 2015-10-01 | CVE-2015-7311 | cve | libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only... |
| 3.6 | 2015-09-28 | CVE-2015-6927 | cve | vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs cont... |
| 3.5 | 2015-09-28 | CVE-2015-7386 | cve | Multiple cross-site scripting (XSS) vulnerabilities in includes/metaboxes.php in the Gallery - Photo Albums - Portfolio plugin 1.3.47 for WordPress allow remote authenticated us... |
| 3.5 | 2015-09-25 | CVE-2015-4541 | cve | Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecifie... |
| 3.5 | 2015-09-25 | CVE-2015-4540 | cve | Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG) before 6.8.1 P18 and 6.9.x before 6.9.1 P6 allow remote authenticated users... |
| 2.6 | 2015-09-24 | CVE-2015-4508 | cve | Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site. |
| 2.6 | 2015-09-21 | CVE-2015-7304 | cve | Cross-site scripting (XSS) vulnerability in the amoCRM module 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified HT... |
| 2.1 | 2015-09-18 | CVE-2015-7238 | cve | The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows loc... |
| 3.3 | 2015-09-18 | CVE-2015-5910 | cve | IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network. |
| 2.6 | 2015-09-18 | CVE-2015-5907 | cve | WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by leveraging the mishandling of the resource cache of an SSL web site with an inv... |
| 2.1 | 2015-09-18 | CVE-2015-5898 | cve | CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information... |
| 2.1 | 2015-09-18 | CVE-2015-5892 | cve | Siri in Apple iOS before 9 allows physically proximate attackers to bypass an intended client-side protection mechanism and obtain sensitive content-notification information by ... |
| 3.3 | 2015-09-18 | CVE-2015-5869 | cve | The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit valu... |
| 2.1 | 2015-09-18 | CVE-2015-5863 | cve | IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive information from kernel memory via... |
| 2.1 | 2015-09-18 | CVE-2015-5861 | cve | SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen preview-disabled setting, and reply to an audio message, via unspecified vectors. |
| 2.1 | 2015-09-18 | CVE-2015-5851 | cve | The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext mul... |
| 2.1 | 2015-09-18 | CVE-2015-5850 | cve | AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of incorrect passcode attempts via a device backup. |
| 2.1 | 2015-09-18 | CVE-2015-5842 | cve | XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive memory-layout information via un... |
| 2.1 | 2015-09-18 | CVE-2015-5832 | cve | The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials from the keychain upon a signout action, which might allow physically proximate att... |
| 2.6 | 2015-09-17 | CVE-2015-7232 | cve | Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows... |
| Page(s) : 1 ... 176 177 178 179 180 181 182 183 184 185 [186] 187 188 189 190 191 192 193 194 195 196 ... | Result(s) : 8823 |
