OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack... oval:org.mitre.oval:def:9913 Vulnerability unix
** DISPUTED ** PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if re... oval:org.mitre.oval:def:11670 Vulnerability unix
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CV... oval:org.mitre.oval:def:8888 Vulnerability unix
.NET Framework Unmanaged Objects Vulnerability oval:org.mitre.oval:def:13972 Vulnerability windows
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow lo... oval:org.mitre.oval:def:9330 Vulnerability unix
A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, a... oval:org.mitre.oval:def:11384 Vulnerability unix
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows att... oval:org.mitre.oval:def:11245 Vulnerability unix
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat ... oval:org.mitre.oval:def:9862 Vulnerability unix
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL... oval:org.mitre.oval:def:9738 Vulnerability unix
A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on Red Hat Enterprise Linux (RHEL) 5 omits TCP wrapp... oval:org.mitre.oval:def:10638 Vulnerability unix
A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which a... oval:org.mitre.oval:def:9556 Vulnerability unix
A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remo... oval:org.mitre.oval:def:11167 Vulnerability unix
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, wh... oval:org.mitre.oval:def:10555 Vulnerability unix
A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platform allows local user... oval:org.mitre.oval:def:8687 Vulnerability unix
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remot... oval:org.mitre.oval:def:10366 Vulnerability unix
A denial of service caused via an animated PNG image in Opera before 10.61. oval:org.mitre.oval:def:11933 Vulnerability windows
A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attack... oval:org.mitre.oval:def:16864 Vulnerability windows
A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one pa... oval:org.mitre.oval:def:10633 Vulnerability unix
A regression error in Mozilla Firefox 2.x before and 1.x before, and SeaMonkey 1.1 before 1.1.1 and 1.0... oval:org.mitre.oval:def:9749 Vulnerability unix
A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows lo... oval:org.mitre.oval:def:9456 Vulnerability unix
A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linu... oval:org.mitre.oval:def:11410 Vulnerability unix
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly exec... oval:org.mitre.oval:def:11202 Vulnerability unix
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of... oval:org.mitre.oval:def:10764 Vulnerability unix
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.... oval:org.mitre.oval:def:9202 Vulnerability unix
Access ActiveX Control Vulnerability oval:org.mitre.oval:def:11907 Vulnerability windows
ACCWIZ.dll Uninitialized Variable Vulnerability oval:org.mitre.oval:def:11756 Vulnerability windows
ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connec... oval:org.mitre.oval:def:9955 Vulnerability unix
Address Corruption Vulnerability in Hyper-V (CVE-2013-3898) - MS13-092 oval:org.mitre.oval:def:18851 Vulnerability windows
Adobe Flash Player before on Windows, Mac OS X, Linux, and Solaris and before on Android, and Adob... oval:org.mitre.oval:def:16030 Vulnerability macos
Adobe Flash Player Invalid Pointer Vulnerability oval:org.mitre.oval:def:16261 Vulnerability macos
Total number of results : 4265
Page : 1 (This Page) 2 3 4 5 6 7 8 9 10 11 12 21 31 41 51 61 71 81 91 101 111 121 131 141

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html