Advisories
Vulnerability Database
PoC
Viruses
Research Lab

CERT Coordination Center

10 February

CVE-2012-0834

Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and ea ...

CVE-2012-0452

Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, ...

CVE-2012-0840

tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash v ...

CVE-2012-0831

PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive dur ...

CVE-2011-4534

ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denia ...

CVE-2011-4533

zenAdminSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a den ...

CVE-2011-4039

Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Repor ...

CVE-2011-4038

Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 an ...

CVE-2012-1046

Cross-site scripting (XSS) vulnerability in TM1 Web in IBM Cognos TM1 9.5.2 FP1 allows remot ...

08 February

CVE-2011-3972

The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to ...

Óâåäîìëåíèÿ 1 - 28 of 73
First | Prev. | 1 2 3 4 | Next | Last 

Adobe Reader browser plug-in cross domain violation

An attacker may be able to obtain sensitive data from a user that visits a web site hosting a PDF document.

08 january, 2007

Apple QuickTime and iTunes RTSP buffer overflow

A vulnerability exists in the way Apple QuickTime handles specially crafted Real Time Streaming Protocol (RTSP) URL strings.

08 january, 2007

Mozilla Updates for Multiple Vulnerabilities

Several vulnerabilities have been reported in the Mozilla web browser and derived products.

11 november, 2006

Oracle Updates for Multiple Vulnerabilities

Oracle has released patch to address numerous vulnerabilities in different Oracle products.

20 october, 2006

Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability

The Microsoft Windows WebViewFolderIcon ActiveX control contains an integer overflow vulnerability that could allow a remote attacker to execute arbitrary code.

28 september, 2006

Microsoft Internet Explorer VML Buffer Overflow (Update)

Microsoft Internet Explorer (IE) fails to properly handle Vector Markup Language (VML) tags.

27 september, 2006

Symantec Scan Engine fails to properly perform

10 may, 2006

PAM-MySQL 0.6.2 and 0.7pre3 fix double free vulnerability

10 february, 2006

Oracle Products Contain Multiple Vulnerabilities

19 january, 2006

VMware NAT Service vulnerable to buffer overflow via FTP PORT/EPRT commands

06 january, 2006

US-CERT Technical Cyber Security Alert TA05-312A -- Microsoft Windows Image Processing Vulnerabilities

09 november, 2005

US-CERT Technical Cyber Security Alert TA05-292A -- Oracle Products Contain Multiple Vulnerabilities

20 october, 2005

US-CERT Technical Cyber Security Alert TA05-291A -- Snort Back Orifice Preprocessor Buffer Overflow

19 october, 2005

DFN-CERT Advisory -- Vulnerability in Enigmail

13 september, 2005

TA05-229A Apple Mac Products are Affected by Multiple Vulnerabilities

19 august, 2005

TA05-221A: Microsoft Windows and Internet Explorer Vulnerabilities

09 august, 2005

TA05-193A Microsoft Windows, Internet Explorer, and Word Vulnerabilities

12 july, 2005

TA05-189A Targeted Trojan Email Attacks

08 july, 2005

TA05-180A VERITAS Backup Exec Software is actively being exploited

29 june, 2005

TA05-165A: Microsoft Windows and Internet Explorer Vulnerabilities

14 june, 2005

TA05-136A:Apple Mac OS X is affected by multiple vulnerabilities

16 may, 2005

TA05-117A Oracle Products Contain Multiple Vulnerabilities

27 april, 2005

TA05-102A: Multiple Vulnerabilities in Microsoft Windows Components

12 april, 2005

Multiple Vulnerabilities in Microsoft Windows Components

12 february, 2005

TA05-026A: Multiple Denial-of-Service Vulnerabilities in Cisco IOS

27 january, 2005

TA05-012A: Multiple Vulnerabilities in Microsoft Windows Icon and Cursor Processing

13 january, 2005

US-CERT Technical Cyber Security Alert TA04-111A -- Vulnerabilities in TCP

21 april, 2004

CA-2003-27: Ìíîæåñòâåííûå óÿçâèìîñòè â Microsoft Windows è Exchange

17 october, 2003

Óâåäîìëåíèÿ 1 - 28 of 73
First | Prev. | 1 2 3 4 | Next | Last

Search
National Vulnerability Database

CVE-2012-0834

Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php.

10 february, 2012

CVE-2012-0452

Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trig ...

10 february, 2012

CVE-2012-0840

tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CP ...

10 february, 2012

CVE-2012-0831

PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to m ...

10 february, 2012

CVE-2011-4534

ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via a series of connections and disconnections on TCP port 1101, aka Reference Numb ...

10 february, 2012

CVE-2011-4533

zenAdminSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted packet to TCP port 50777, aka Reference Number 25240.

10 february, 2012

CVE-2011-4039

Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access vi ...

10 february, 2012

CVE-2011-4038

Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows remote attackers to inject arbitrary web script or HTML via uns ...

10 february, 2012

CVE-2012-1046

Cross-site scripting (XSS) vulnerability in TM1 Web in IBM Cognos TM1 9.5.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0696.

10 february, 2012

CVE-2011-3972

The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

08 february, 2012

ÐîÑ

MS12-004 midiOutPlayNextPolyEvent Heap Overflow Exploit

Target: Microsoft Windows Media
Impact: Code execution

ActFax Server FTP RETR Remote Buffer Overflow Exploit

Target: ActFax Server 4.27 Build 0223 and previous versions
Impact: Arbitrary commands execution

ActFax Server (LPD/LPR) Remote Buffer Overflow Exploit

Target: ActFax Server 4.27 Build 0223 and previous versions
Impact: Arbitrary commands execution

AdvertismentAbout ProjectContact UsCopyrightExportRSSMy SettingsMap