| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2014-2949 | 6.5 | SQL injection vulnerability in the web service in F5 ARX Data Manager 3.0.0 through 3.1.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 2015-12-04 16:16:00 | 2014-06-18 16:55:00 |
| CVE-2012-3819 | 5.0 | Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, as used in Dart PowerTCP WebServer for ActiveX and other products, allows remote attackers to cause a denial of service (daemon crash) via a long request. | 2015-12-04 16:16:00 | 2012-10-04 11:11:00 |
| CVE-2015-0859 | 7.5 | The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes arguments to smokeping_cgi, which allows remote attackers to execute arbitra | 2015-12-04 15:15:00 | 2015-12-03 20:59:00 |
| CVE-2014-3323 | 4.0 | Directory traversal vulnerability in Cisco Unified Contact Center Enterprise allows remote authenticated users to read arbitrary web-root files via a crafted URL, aka Bug ID CSCun25262. | 2015-12-03 18:45:00 | 2014-07-18 00:55:00 |
| CVE-2014-3307 | 6.8 | The DHCP client implementation in Universal Small Cell firmware on Cisco Small Cell products allows remote attackers to execute arbitrary commands via crafted DHCP messages, aka Bug ID CSCup47513. | 2015-12-03 18:38:00 | 2014-07-02 10:35:00 |
| CVE-2014-3298 | 4.0 | Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976. | 2015-12-03 18:38:00 | 2014-07-02 10:35:00 |
| CVE-2014-3297 | 4.0 | Cisco Intelligent Automation for Cloud in Cisco Cloud Portal does not properly restrict the content of MyServices action URLs, which allows remote authenticated users to obtain sensitive information by reading (1) web-server access logs, (2) web-serv | 2015-12-03 18:37:00 | 2014-07-02 10:35:00 |
| CVE-2015-5859 | 4.3 | The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by | 2015-11-30 19:50:00 | 2015-11-22 03:59:00 |
| CVE-2015-1453 | 5.0 | The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for attackers to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Sha | 2015-11-30 19:49:00 | 2015-02-02 16:59:00 |
| CVE-2015-1112 | 5.0 | Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, as used on iOS before 8.3 and other platforms, does not properly delete browsing-history data from the history.plist file, which allows attackers to obtain sensitive information by re | 2015-11-30 19:48:00 | 2015-04-10 14:59:00 |
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2018-4451 | 9.3 | This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. | 2020-10-30 02:01:00 | 2020-10-27 20:15:00 |
| CVE-2019-8712 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8709 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8824 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2018-4452 | 9.3 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se | 2020-10-30 02:00:00 | 2020-10-27 20:15:00 |
| CVE-2019-8716 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8836 | 9.3 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8740 | 9.3 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2020-27976 | 10.0 | osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. | 2020-10-29 23:35:00 | 2020-10-28 15:15:00 |
| CVE-2019-8539 | 9.3 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co | 2020-10-30 15:13:00 | 2020-10-27 20:15:00 |
Stranica
/27382
Zapisa po stranici: