OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to execute a... oval:org.mitre.oval:def:10670 Vulnerability unix
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or ... oval:org.mitre.oval:def:10863 Vulnerability unix
PICT Image Converter Integer Overflow Vulnerability oval:org.mitre.oval:def:11967 Vulnerability windows
Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain char... oval:org.mitre.oval:def:10131 Vulnerability unix
Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain char... oval:org.mitre.oval:def:18050 Vulnerability windows
Pidgin 2.6.0 and prior allow to cause a denial of service via Yahoo IM. oval:org.mitre.oval:def:6167 Vulnerability windows
Pidgin 2.6.0 and prior does not follow the require TLS/SSL preference oval:org.mitre.oval:def:5757 Vulnerability windows
Pidgin before 2.6.2 allow denial of service via TOPIC message oval:org.mitre.oval:def:6435 Vulnerability windows
Pidgin before 2.6.2 allow denial of service via XHTML-IM content oval:org.mitre.oval:def:6434 Vulnerability windows
Pidgin before 2.6.2 allow denial of service via handwritten (aka Ink) message oval:org.mitre.oval:def:6338 Vulnerability windows
Pidgin before 2.6.2 allow denial of service via SLP invite message oval:org.mitre.oval:def:6322 Vulnerability windows
Pidgin before 2.5.9 allow denial of service via SLP (aka MSNSLP) messages oval:org.mitre.oval:def:6320 Vulnerability windows
PINE Buffer Overflow oval:org.mitre.oval:def:499 Vulnerability unix
pkgadd(1M) May Set Incorrect Permissions if The pkgmap(4) File Contains a "?" in The "Mode" Field oval:org.mitre.oval:def:2010 Vulnerability unix
Plug and Play (PnP) Configuration Manager Vulnerability oval:org.mitre.oval:def:15229 Vulnerability windows
Plug and Play User Data Validation Vulnerability (WinXP,SP2) oval:org.mitre.oval:def:1519 Vulnerability windows
Plug and Play User Data Validation Vulnerability (WinXP,SP1) oval:org.mitre.oval:def:1328 Vulnerability windows
Plug and Play User Data Validation Vulnerability (Windows 2000) oval:org.mitre.oval:def:1244 Vulnerability windows
plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10... oval:org.mitre.oval:def:15527 Vulnerability windows
pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converti... oval:org.mitre.oval:def:10135 Vulnerability unix
Pointer Dereference Vulnerability oval:org.mitre.oval:def:6285 Vulnerability windows
Pointer handling vulnerability in Microsoft Publisher - MS13-042 oval:org.mitre.oval:def:16765 Vulnerability windows
Pointer leakage vulnerability in Internet Explorer oval:org.mitre.oval:def:11606 Vulnerability windows
Pointer Reference Memory Corruption Vulnerability oval:org.mitre.oval:def:6007 Vulnerability windows
Poisoned Cup of Code Execution Vulnerability oval:org.mitre.oval:def:13032 Vulnerability windows
Popup blocker bypass in Opera before 10.60 via a javascript: URL and a "fake click." oval:org.mitre.oval:def:11157 Vulnerability windows
Port-Class Driver Double Fetch Vulnerability (CVE-2013-3907) - MS13-101 oval:org.mitre.oval:def:21033 Vulnerability windows
Portable Network Graphics Library Offset Calculation Vulnerability oval:org.mitre.oval:def:3657 Vulnerability unix
Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remo... oval:org.mitre.oval:def:10083 Vulnerability unix
Post Encoding Information Disclosure Vulnerability oval:org.mitre.oval:def:7840 Vulnerability windows

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html