desktop server vulnerabilities and exploits

(subscribe to this query)

5

CVSSv2

Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote malicious users to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.

Apache Http Server Redhat Enterprise Linux Desktop 3.0 Redhat Enterprise Linux Desktop 4.0 Redhat Enterprise Linux Server 4.0 Redhat Enterprise Linux Workstation 4.0 Redhat Enterprise Linux Workstation 3.0 Redhat Enterprise Linux Server 3.0 Debian Debian Linux 3.1

7.2

CVSSv2

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local malicious users to execute code as the user running supportconfig (usually root).

Suse Linux Enterprise Server 12 Suse Linux Enterprise Desktop 12 Suse Suse Linux Enterprise Server 12

9.3

CVSSv2

The DSM gui_cm_ctrls ActiveX control (gui_cm_ctrls.ocx), as used in multiple CA products including BrightStor ARCServe Backup for Laptops and Desktops r11.5, Desktop Management Suite r11.1 through r11.2 C2; Unicenter r11.1 through r11.2 C2; and Desktop and Server Management r11.1...

Computer Associates Desktop And Server Management R11.1 Computer Associates Desktop And Server Management R11.2 Computer Associates Unicenter Asset Management R11.1 Computer Associates Unicenter Asset Management R11.2 Computer Associates Unicenter Desktop Management Bundle R11.2c1 Computer Associates Unicenter Desktop Management Bundle R11.2c2 Computer Associates Unicenter Software Delivery R11.2 Computer Associates Unicenter Software Delivery R11.2a Computer Associates Desktop And Server Management R11.2a Computer Associates Unicenter Software Delivery R11.2c1 Computer Associates Desktop And Server Management R11.2c1 Computer Associates Desktop And Server Management R11.2c2 Computer Associates Unicenter Asset Management R11.2a Computer Associates Unicenter Asset Management R11.2c1 Computer Associates Unicenter Remote Control R11.1 Computer Associates Unicenter Remote Control R11.2 Computer Associates Unicenter Software Delivery R11.2c2 Computer Associates Arcserve Backup Laptops And Desktops R11.5 Computer Associates Desktop Management Suite R11.2c1 Computer Associates Desktop Management Suite R11.2c2 Computer Associates Unicenter Desktop Management Bundle R11.2 Computer Associates Unicenter Desktop Management Bundle R11.2a

3.5

CVSSv2

The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vulnerability that theoretically allows a legitimate user to inject scripts. If ...

7.5

CVSSv2

Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6...

Iss Blackice Agent Server 3.6eca Iss Realsecure Guard 3.6ecb Iss Realsecure Network 7.0 Iss Realsecure Sentry 3.6ecf Iss Realsecure Desktop 3.6eca Iss Realsecure Desktop 3.6ecf Iss Realsecure Desktop 7.0ebg Iss Realsecure Desktop 7.0epk Iss Blackice Pc Protection 3.6cbd Iss Blackice Server Protection 3.6cbz Iss Realsecure Server Sensor 7.0 Iss Proventia A Series Xpu 20.15 Iss Proventia G Series Xpu 22.3 Iss Proventia M Series Xpu 1.30

10

CVSSv2

Denial-of-Service (DoS) in Ivanti Service Manager HEAT Remote Control 7.4 due to a buffer overflow in the protocol parser of the ‘HEATRemoteService’ agent. The DoS can be triggered by sending a specially crafted network packet.

Ivanti Desktop\\&server Management Ivanti Service Manager Heat Remote Control 7.4

4.3

CVSSv2

vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack

Redhat Enterprise Virtualization 3.0 Redhat Vdsclient -Redhat Virtual Desktop Server Manager -

6.9

CVSSv2

Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel prior to 2.6.36.2 allow local users to cause a denial of service (he...

Linux Linux Kernel Suse Linux Enterprise Server 10 Suse Linux Enterprise Desktop 11 Suse Linux Enterprise Server 11 Suse Linux Enterprise Server 9 Opensuse Opensuse 11.2 Suse Linux Enterprise Desktop 10 Suse Linux Enterprise Software Development Kit 10

5

CVSSv2

When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox < 54.

Redhat Enterprise Linux Desktop 7.0 Redhat Enterprise Linux Workstation 6.0 Redhat Enterprise Linux Workstation 7.0 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux Desktop 6.0 Redhat Enterprise Linux Server 6.0 Mozilla Firefox

9.3

CVSSv2

rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome prior to 5.0.375.70 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table.

Google Chrome Opensuse Opensuse 11.2 Opensuse Opensuse 11.3 Suse Suse Linux Enterprise Desktop 10 Suse Suse Linux Enterprise Desktop 11 Suse Suse Linux Enterprise Server 10 Suse Suse Linux Enterprise Server 11

Get Started

« PREV 1 2 3 4 5 6 7 8 9 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook