| Page(s) : 1 ... 202 203 204 205 206 207 208 209 210 211 [212] 213 214 215 216 217 218 219 220 221 222 ... | Result(s) : 8823 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 3.5 | 2014-11-24 | CVE-2014-8349 | cve | Cross-site scripting (XSS) vulnerability in Liferay Portal Enterprise Edition (EE) 6.2 SP8 and earlier allows remote authenticated users to inject arbitrary web script or HTML v... |
| 2.1 | 2014-11-24 | CVE-2014-7835 | cve | webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not ensure that a file upload is for a private or draft area, which allows remote authenticated us... |
| 3.5 | 2014-11-24 | CVE-2014-7830 | cve | Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before ... |
| 1.9 | 2014-11-19 | CVE-2014-8595 | cve | arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of serv... |
| 3.5 | 2014-11-19 | CVE-2014-7828 | cve | FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to bypass the password requirement of the two-factor authentication leveraging an... |
| 2.1 | 2014-11-18 | CVE-2014-4817 | cve | The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace fi... |
| 2.1 | 2014-11-18 | CVE-2014-7824 | cve | D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connectio... |
| 2.1 | 2014-11-18 | CVE-2014-4463 | cve | Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave ... |
| 2.1 | 2014-11-18 | CVE-2014-4460 | cve | CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for ... |
| 2.1 | 2014-11-18 | CVE-2014-4455 | cve | dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended co... |
| 2.1 | 2014-11-17 | CVE-2014-6110 | cve | IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions, which allows remote attackers to access sessions by leveraging an unattended work... |
| 2.1 | 2014-11-17 | CVE-2014-0059 | cve | JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions on audit.log, which allows local users to obt... |
| 3.5 | 2014-11-16 | CVE-2014-0228 | cve | Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows re... |
| 2.1 | 2014-11-15 | CVE-2014-3209 | cve | The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file. |
| 3.3 | 2014-11-15 | CVE-2014-2667 | cve | Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to by... |
| 3.5 | 2014-11-13 | CVE-2014-7246 | cve | The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, 10.1.0-Xpress, and 11.0.0 through 11.0.2, when deployed on a multi-server network, allows remote authentica... |
| 2.1 | 2014-11-13 | CVE-2014-8476 | cve | The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to store the login name, which allows local users to obtain sensitive information from ... |
| 2.1 | 2014-11-13 | CVE-2014-3602 | cve | Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp. |
| 3.5 | 2014-11-12 | CVE-2014-8734 | cve | The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal allows remote authenticated users with the "access administration pages" permission to change module setti... |
| 2.1 | 2014-11-10 | CVE-2014-3645 | cve | arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial o... |
| Page(s) : 1 ... 202 203 204 205 206 207 208 209 210 211 [212] 213 214 215 216 217 218 219 220 221 222 ... | Result(s) : 8823 |
