OVALdb logo

Professional OVAL Repository

Search Conditions:  Version: 30

Page 1 of 27 (1051 items)Prev1234567252627Next
Open filter row popup menu
Open filter row popup menu
Open filter row popup menu
oval:org.mitre.oval:def:3630Microsoft Windows NT is installedinventory
oval:org.mitre.oval:def:90630Microsoft Agent Security Prompt Spoofing Vulnerability (Server 2003)vulnerability
oval:org.mitre.oval:def:487330Microsoft Windows Vista (32-bit) Service Pack 1 is installedinventory
oval:org.mitre.oval:def:628130Microsoft Internet Explorer 7 printing DoS attack vulnerabilityvulnerability
oval:org.mitre.oval:def:611330Apple iTunes Filetype Remote Off-By-One Stack Buffer Overflow Vulnerabilityvulnerability
oval:org.mitre.oval:def:551930Microsoft Internet Explorer 6 and Internet Explorer 7 KEYGEN element vulnerabilityvulnerability
oval:org.mitre.oval:def:498730Microsoft .NET Framework v1.0 Security Bypassvulnerability
oval:org.mitre.oval:def:24630Network News Transfer Protocol Buffer Overflowvulnerability
oval:org.mitre.oval:def:167030CAPICOM.Certificates Vulnerabilityvulnerability
oval:org.mitre.oval:def:1187030Microsoft Forefront Unified Access Gateway 2010 Update 2inventory
oval:org.mitre.oval:def:1274930Active Directory Certificate Services Vulnerabilityvulnerability
oval:org.mitre.oval:def:1256630Microsoft Windows Human Interface Device (HID) driver is prone to security bypass vulnerability.vulnerability
oval:org.mitre.oval:def:1179130Python is installedinventory
oval:org.mitre.oval:def:1157430DEPRECATED: Microsoft Internet Explorer CSS Tags Remote Code Execution Vulnerabilityvulnerability
oval:org.mitre.oval:def:178430VML Buffer Overrun Vulnerabilityvulnerability
oval:org.mitre.oval:def:1577930XSS Vulnerability - MS12-061vulnerability
oval:org.mitre.oval:def:746830Help.aspx XSS Vulnerabilityvulnerability
oval:org.mitre.oval:def:724130Sharepoint Help Page Denial of Service Vulnerabilityvulnerability
oval:ru.altx-soft.win:def:1718430Уязвимость, связанная с использованием Internet Explorer после освобождения (CVE-2013-1303)vulnerability
oval:ru.altx-soft.win:def:1720030Уязвимость Internet Explorer, связанная с использованием removeChild после освобождения (CVE-2013-0094)vulnerability
oval:ru.altx-soft.win:def:1720130Уязвимость Internet Explorer, связанная с использованием onBeforeCopy после освобождения (CVE-2013-0093)vulnerability
oval:ru.altx-soft.win:def:1720230Уязвимость Internet Explorer, связанная с использованием GetMarkupPtr после освобождения (CVE-2013-0092)vulnerability
oval:ru.altx-soft.win:def:1720530Уязвимость Internet Explorer, связанная с использованием CMarkupBehaviorContext после освобождения (CVE-2013-0089)vulnerability
oval:ru.altx-soft.win:def:1720630Уязвимость Internet Explorer, связанная с использованием saveHistory после освобождения (CVE-2013-0088)vulnerability
oval:ru.altx-soft.win:def:1720730Уязвимость Internet Explorer, связанная с использованием OnResize после освобождения (CVE-2013-0087)vulnerability
oval:org.mitre.oval:def:999930Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.vulnerability
oval:org.mitre.oval:def:999630Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.vulnerability
oval:org.mitre.oval:def:999430Mozilla Thunderbird before and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that triggers access to an incorrect object type.vulnerability
oval:org.mitre.oval:def:999030The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.vulnerability
oval:org.mitre.oval:def:998430The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.vulnerability
oval:org.mitre.oval:def:998230Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."vulnerability
oval:org.mitre.oval:def:998130Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.vulnerability
oval:org.mitre.oval:def:997930Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.vulnerability
oval:org.mitre.oval:def:997330src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.vulnerability
oval:org.mitre.oval:def:997230Mozilla Firefox before and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Firefox from rendering future plain text files within the browser.vulnerability
oval:org.mitre.oval:def:996730Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.vulnerability
oval:org.mitre.oval:def:996430Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.vulnerability
oval:org.mitre.oval:def:996330Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.vulnerability
oval:org.mitre.oval:def:995930Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.vulnerability
oval:org.mitre.oval:def:995830Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.vulnerability
Page 1 of 27 (1051 items)Prev1234567252627Next

company ALTEX-SOFT 2008-2021, © AO ALTEX-SOFT , ovaldb@altx-soft.com

OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Other names may be trademarks of their respective owners.