OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
Critical Patch Update April 2015 oval:org.mitre.oval:def:28881 Vulnerability unix
Critical Patch Update April 2015 oval:org.mitre.oval:def:28772 Vulnerability unix
Critical Patch Update April 2015 oval:org.mitre.oval:def:28901 Vulnerability unix
Critical Patch Update July 2015 oval:org.mitre.oval:def:29504 Vulnerability unix
Critical Patch Update July 2015 oval:org.mitre.oval:def:29486 Vulnerability unix
Critical Patch Update July 2015 oval:org.mitre.oval:def:29456 Vulnerability unix
Critical Patch Update July 2015 oval:org.mitre.oval:def:29314 Vulnerability unix
Critical Patch Update July 2015 oval:org.mitre.oval:def:29223 Vulnerability unix
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the err... oval:org.mitre.oval:def:9756 Vulnerability unix
CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) chara... oval:org.mitre.oval:def:9317 Vulnerability unix
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands vi... oval:org.mitre.oval:def:11470 Vulnerability unix
CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, ... oval:org.mitre.oval:def:11405 Vulnerability unix
CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the use... oval:org.mitre.oval:def:11154 Vulnerability unix
CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attac... oval:org.mitre.oval:def:10951 Vulnerability unix
CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attacker... oval:org.mitre.oval:def:10839 Vulnerability unix
CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arb... oval:org.mitre.oval:def:10332 Vulnerability unix
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey befor... oval:org.mitre.oval:def:10195 Vulnerability unix
CRLF injection vulnerability in the nsCookieService::SetCookieStringInternal function in netwerk/cookie/nsCookieService.... oval:org.mitre.oval:def:14401 Vulnerability windows
CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 throug... oval:org.mitre.oval:def:14909 Vulnerability windows
CRMF requests allow for code execution and XSS attacks oval:org.mitre.oval:def:18773 Vulnerability windows
crontab allows local users to gain privileges by launching an editor. oval:org.mitre.oval:def:5612 Vulnerability unix
crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by ... oval:org.mitre.oval:def:11104 Vulnerability unix
Cross-Domain Information Disclosure Vulnerability (CVE-2010-0255) oval:org.mitre.oval:def:7145 Vulnerability windows
Cross-Domain Information Disclosure Vulnerability oval:org.mitre.oval:def:6278 Vulnerability windows
Cross-Domain Information Disclosure Vulnerability oval:org.mitre.oval:def:6928 Vulnerability windows
Cross-Domain Information Disclosure Vulnerability oval:org.mitre.oval:def:12055 Vulnerability windows
Cross-Domain Information Disclosure Vulnerability oval:org.mitre.oval:def:11447 Vulnerability windows
Cross-Domain Information Disclosure Vulnerability in Internet Explorer oval:org.mitre.oval:def:13299 Vulnerability windows
Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the... oval:org.mitre.oval:def:9796 Vulnerability unix
Cross-site data leakage issue in Google Chrome version less than or equal to 4.1.249.1064 oval:org.mitre.oval:def:11757 Vulnerability windows

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html