OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to d... oval:org.mitre.oval:def:10828 Vulnerability unix
nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection e... oval:org.mitre.oval:def:10539 Vulnerability unix
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey ... oval:org.mitre.oval:def:9642 Vulnerability unix
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7... oval:org.mitre.oval:def:11704 Vulnerability unix
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote at... oval:org.mitre.oval:def:9241 Vulnerability unix
NT4.0 Remote Registry Access Authentication Vulnerability oval:org.mitre.oval:def:1021 Vulnerability windows
NT4.0 SNMP Denial of Service oval:org.mitre.oval:def:952 Vulnerability windows
NtCreateTransactionManager type confusion vulnerability - CVE-2015-1643 (MS15-038) oval:org.mitre.oval:def:28831 Vulnerability windows
NTLM Authentication BO in Squid Web Proxy Cache oval:org.mitre.oval:def:980 Vulnerability unix
NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_Verify... oval:org.mitre.oval:def:10035 Vulnerability unix
NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability oval:org.mitre.oval:def:7076 Vulnerability unix
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and ba... oval:org.mitre.oval:def:11225 Vulnerability unix
Null Byte Information Disclosure Vulnerability oval:org.mitre.oval:def:14870 Vulnerability windows
Null Byte Information Disclosure Vulnerability (CVE-2012-1873) oval:org.mitre.oval:def:15026 Vulnerability windows
NULL byte injection vulnerability in PHP before 5.3.4 oval:org.mitre.oval:def:12569 Vulnerability windows
Null Cipher buffer overflow oval:org.mitre.oval:def:19731 Vulnerability windows
NULL pointer crash oval:org.mitre.oval:def:16888 Vulnerability unix
NULL pointer dereference vulnerability in Wireshark via crafted packet oval:org.mitre.oval:def:25534 Vulnerability windows
Null pointer vulnerability in Microsoft Silverlight - CVE-2013-3178, MS13-052 (Mac OS) oval:org.mitre.oval:def:16892 Vulnerability macos
Null pointer vulnerability in Microsoft Silverlight - MS13-052 oval:org.mitre.oval:def:17389 Vulnerability windows
Null Session Cookie Crash oval:org.mitre.oval:def:12799 Vulnerability windows
Null Truncation in X.509 Common Name Vulnerability oval:org.mitre.oval:def:5842 Vulnerability windows
Nullsoft Winamp before 5.24 does not properly verify the authenticity of updates oval:org.mitre.oval:def:15225 Vulnerability windows
Object Management Memory Corruption Vulnerability oval:org.mitre.oval:def:12228 Vulnerability windows
Object Packager Dialogue Spoofing Vulnerability oval:org.mitre.oval:def:496 Vulnerability windows
Object Packager Insecure Executable Launching Vulnerability oval:org.mitre.oval:def:14393 Vulnerability windows
Object Parsing Vulnerability oval:org.mitre.oval:def:5494 Vulnerability windows
Object Record Corruption Vulnerability oval:org.mitre.oval:def:5564 Vulnerability windows
Object Spoofing using XBL <implements> Vulnerability oval:org.mitre.oval:def:1272 Vulnerability windows
Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows ... oval:org.mitre.oval:def:9583 Vulnerability unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html