Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security-framework vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2017-18588
An issue exists in the security-framework crate prior to 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates.
Security-framework Project Security-framework
NA
CVE-2023-42261
Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authent...
Opensecurity Mobile Security Framework 3.7.8
Opensecurity Mobile Security Framework
NA
CVE-2022-41547
Mobile Security Framework (MobSF) v0.9.2 and below exists to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows malicious users to read arbitrary files via a crafted HTTP request.
Opensecurity Mobile Security Framework
445
VMScore
CVE-2006-4407
The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote malicious users to decrypt traffic.
Apple Mac Os X 10.3.4
Apple Mac Os X 10.3.5
Apple Mac Os X 10.3
Apple Mac Os X 10.3.1
Apple Mac Os X 10.3.8
Apple Mac Os X 10.3.6
Apple Mac Os X 10.3.7
Apple Mac Os X 10.3.2
Apple Mac Os X 10.3.3
445
VMScore
CVE-2006-4409
The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 up to and including 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.
Apple Mac Os X 10.4.1
Apple Mac Os X 10.4.2
Apple Mac Os X 10.4.5
Apple Mac Os X 10.4.6
Apple Mac Os X 10.4.3
Apple Mac Os X 10.4.4
Apple Mac Os X 10.4
Apple Mac Os X 10.4.7
Apple Mac Os X 10.4.8
668
VMScore
CVE-2006-4410
The Security Framework in Apple Mac OS X 10.3.9, and 10.4.x prior to 10.4.7, does not properly search certificate revocation lists (CRL), which allows remote malicious users to access systems by using revoked certificates.
Apple Mac Os X 10.3.9
Apple Mac Os X 10.4.6
Apple Mac Os X 10.4.2
Apple Mac Os X 10.4.3
Apple Mac Os X 10.4
Apple Mac Os X 10.4.1
Apple Mac Os X 10.4.4
Apple Mac Os X 10.4.5
668
VMScore
CVE-2012-0662
Integer overflow in the Security Framework in Apple Mac OS X prior to 10.7.4 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.
Apple Mac Os X 10.7.1
Apple Mac Os X 10.7.0
Apple Mac Os X 10.6.2
Apple Mac Os X 10.6.5
Apple Mac Os X 10.5
Apple Mac Os X 10.5.8
Apple Mac Os X 10.4.10
Apple Mac Os X 10.4.1
Apple Mac Os X 10.4
Apple Mac Os X 10.4.7
Apple Mac Os X 10.3
Apple Mac Os X 10.3.0
Apple Mac Os X 10.3.7
Apple Mac Os X 10.2.5
Apple Mac Os X 10.2.6
Apple Mac Os X 10.2.7
Apple Mac Os X 10.1.1
Apple Mac Os X 10.1.4
Apple Mac Os X 10.7.2
Apple Mac Os X 10.6.8
Apple Mac Os X 10.6.3
Apple Mac Os X 10.6.1
935
VMScore
CVE-2004-1029
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote malicious users to load unsafe classes and execute...
Hp Java Sdk-rte 1.3
Sun Jdk 1.3.1 02
Sun Jdk 1.3.1 03
Sun Jdk 1.3.1 06
Sun Jdk 1.4.0 02
Sun Jdk 1.4.0 03
Sun Jdk 1.4.1
Sun Jdk 1.4.1 03
Sun Jdk 1.4.2 03
Sun Jdk 1.4
Sun Jre 1.3.0
Sun Jre 1.3.1
Sun Jre 1.3.1 02
Sun Jre 1.3.1 05
Sun Jre 1.3.1 06
Sun Jre 1.3.1 09
Sun Jre 1.4.0 03
Sun Jre 1.4.1
Sun Jre 1.4.1 07
Sun Jre 1.4.2
Conectiva Linux 10.0
Sun Jdk 1.3.1 05
1 EDB exploit
481
VMScore
CVE-2016-3563
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerability than CVE-2016-5604.
Oracle Enterprise Manager Base Platform 12.1.0.5
295
VMScore
CVE-2016-5604
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerability than CVE-2016-3563.
Oracle Enterprise Manager Base Platform 12.1.0.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »