| Page(s) : 1 ... 366 367 368 369 370 371 372 373 374 375 [376] 377 378 379 380 381 382 383 384 385 386 ... | Result(s) : 9857 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 2.6 | 2008-01-31 | VU#888209 | VU-CERT | Liferay Portal Forgot Password User-Agent HTTP header XSS |
| 2.1 | 2008-01-24 | CVE-2008-0441 | cve | IBM Tivoli Business Service Manager (TBSM) 4.1.1 stores passwords in cleartext (1) after external authentication, which triggers writing the password to SM_server.log; and (2) a... |
| 2.6 | 2008-01-24 | CVE-2008-0456 | cve | CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 an... |
| 2.6 | 2008-01-17 | CVE-2008-0334 | cve | Cross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the L_PR... |
| 3.6 | 2008-01-15 | CVE-2008-0001 | cve | VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might a... |
| 2.6 | 2008-01-15 | CVE-2008-0266 | cve | Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attackers to change the administrative password and possibly perform other administ... |
| 2.6 | 2008-01-15 | CVE-2008-0274 | cve | Cross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when certain .htaccess protections are disabled, allows remote attackers to inject arbitrary web script or HTML... |
| 2.1 | 2008-01-15 | CVE-2008-0216 | cve | The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the... |
| 2.1 | 2008-01-10 | CVE-2007-6680 | cve | Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, relat... |
| 3.5 | 2008-01-09 | CVE-2007-5403 | cve | Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox 3.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Forename, (2) Sur... |
| 3.6 | 2008-01-09 | GLSA-200801-03 | Gentoo | Claws Mail: Insecure temporary file creation |
| 3.5 | 2008-01-08 | CVE-2007-6421 | cve | Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web ... |
| 2.1 | 2007-12-31 | CVE-2007-6595 | cve | ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii... |
| 3.5 | 2007-12-20 | CVE-2007-6505 | cve | Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root... |
| 3.6 | 2007-12-19 | CVE-2007-5851 | cve | iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors. |
| 3.3 | 2007-12-19 | CVE-2007-6441 | cve | The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some... |
| 2.1 | 2007-12-18 | CVE-2007-6434 | cve | Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk fu... |
| 3.5 | 2007-12-18 | SUN-103172 | Sun | Sun Alert 103172 Solaris 9 sshd(1M) Patches May Cause Incorrect Audit Data to be Logged |
| 2.1 | 2007-12-17 | CVE-2007-6389 | cve | The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V. |
| 2.1 | 2007-12-17 | CVE-2007-6418 | cve | The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by... |
| Page(s) : 1 ... 366 367 368 369 370 371 372 373 374 375 [376] 377 378 379 380 381 382 383 384 385 386 ... | Result(s) : 9857 |
