OVAL Definitions - Source: Mitre

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to... oval:org.mitre.oval:def:9948 Vulnerability unix
The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or pos... oval:org.mitre.oval:def:14555 Vulnerability windows
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implem... oval:org.mitre.oval:def:10972 Vulnerability unix
The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified... oval:org.mitre.oval:def:14299 Vulnerability windows
The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL... oval:org.mitre.oval:def:10940 Vulnerability unix
The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when... oval:org.mitre.oval:def:11143 Vulnerability unix
The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of service (panic) by runni... oval:org.mitre.oval:def:9390 Vulnerability unix
The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer befo... oval:org.mitre.oval:def:11358 Vulnerability unix
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest ope... oval:org.mitre.oval:def:10486 Vulnerability unix
The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local ... oval:org.mitre.oval:def:10615 Vulnerability unix
The vwr_read function in wiretap/vwr.c in Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate ... oval:org.mitre.oval:def:16886 Vulnerability windows
The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state val... oval:org.mitre.oval:def:9868 Vulnerability unix
The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlo... oval:org.mitre.oval:def:9655 Vulnerability unix
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (cra... oval:org.mitre.oval:def:10269 Vulnerability unix
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize th... oval:org.mitre.oval:def:11185 Vulnerability unix
The Web Audio implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service ... oval:org.mitre.oval:def:16042 Vulnerability windows
The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (... oval:org.mitre.oval:def:16354 Vulnerability windows
The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird... oval:org.mitre.oval:def:17000 Vulnerability windows
The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assis... oval:org.mitre.oval:def:16542 Vulnerability windows
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and Se... oval:org.mitre.oval:def:24017 Vulnerability windows
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly h... oval:org.mitre.oval:def:9153 Vulnerability unix
The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a shutdown action, which allo... oval:org.mitre.oval:def:13930 Vulnerability windows
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, ... oval:org.mitre.oval:def:11166 Vulnerability unix
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Po... oval:org.mitre.oval:def:14398 Vulnerability windows
The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execu... oval:org.mitre.oval:def:23759 Vulnerability windows
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, an... oval:org.mitre.oval:def:24209 Vulnerability windows
The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chro... oval:org.mitre.oval:def:18401 Vulnerability windows
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows ... oval:org.mitre.oval:def:13912 Vulnerability windows
The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrar... oval:org.mitre.oval:def:14207 Vulnerability windows
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows r... oval:org.mitre.oval:def:14302 Vulnerability windows

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html