| Page(s) : 1 ... 286 287 288 289 290 291 292 293 294 295 [296] 297 298 299 300 301 302 303 304 305 306 ... | Result(s) : 8831 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 3.3 | 2011-10-17 | CVE-2011-4060 | cve | The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environment variables when a program is spawned from... |
| 2.1 | 2011-10-14 | CVE-2011-3435 | cve | Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors. |
| 2.1 | 2011-10-14 | CVE-2011-3431 | cve | The Home screen component in Apple iOS before 5 does not properly support a certain application-switching gesture, which might allow physically proximate attackers to obtain sen... |
| 2.1 | 2011-10-14 | CVE-2011-3429 | cve | The Settings component in Apple iOS before 5 stores a cleartext parental-restrictions passcode in an unspecified file, which might allow physically proximate attackers to obtain... |
| 2.6 | 2011-10-14 | CVE-2011-3427 | cve | The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict use of the MD5 hash algorithm within X.509 certificates, which makes it easi... |
| 2.1 | 2011-10-14 | CVE-2011-3257 | cve | The Data Access component in Apple iOS before 5 does not properly handle the existence of multiple user accounts on the same mail server, which allows local users to bypass inte... |
| 2.6 | 2011-10-14 | CVE-2011-3253 | cve | CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive infor... |
| 2.1 | 2011-10-14 | CVE-2011-3245 | cve | The Keyboards component in Apple iOS before 5 displays the final character of an entered password during a subsequent use of a keyboard, which allows physically proximate attack... |
| 2.6 | 2011-10-14 | CVE-2011-3224 | cve | The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execu... |
| 2.6 | 2011-10-14 | CVE-2011-3218 | cve | The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-midd... |
| 2.1 | 2011-10-14 | CVE-2011-3216 | cve | The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete fi... |
| 2.1 | 2011-10-14 | CVE-2011-3215 | cve | The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended acces... |
| 2.1 | 2011-10-14 | CVE-2011-3212 | cve | CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate... |
| 2.6 | 2011-10-07 | CVE-2010-4883 | cve | Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter. |
| 2.1 | 2011-10-06 | CVE-2011-2190 | cve | The generate_admin_password function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determ... |
| 2.1 | 2011-10-04 | CVE-2011-3982 | cve | The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (sys... |
| 2.1 | 2011-10-04 | CVE-2011-1159 | cve | acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to caus... |
| 2.1 | 2011-10-04 | CVE-2000-1247 | cve | The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC pass... |
| 3.5 | 2011-10-04 | CVE-2011-3978 | cve | Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php in LightNEasy 3.2.4 allow remote authenticated users to inject arbitrary web script or HTML via the (1) com... |
| 2.6 | 2011-10-03 | CVE-2011-3975 | cve | A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLogge... |
| Page(s) : 1 ... 286 287 288 289 290 291 292 293 294 295 [296] 297 298 299 300 301 302 303 304 305 306 ... | Result(s) : 8831 |
