Browse

OVAL Objects OVAL Sources By Release Dates

OVAL Definitions

Windows Compliance Inventory Patches Vulnerabilities Unix/Linux Compliance Inventory Patches Vulnerabilities Red Hat Advisories Suse Linux Advisories IOS PixOS

OVAL Classes

Compliance Inventory Miscellaneous Patch Vulnerability

Other

Feedback About & Contact

OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack... oval:org.mitre.oval:def:9913 Vulnerability unix
** DISPUTED ** PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if re... oval:org.mitre.oval:def:11670 Vulnerability unix
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CV... oval:org.mitre.oval:def:8888 Vulnerability unix
.NET Framework Unmanaged Objects Vulnerability oval:org.mitre.oval:def:13972 Vulnerability windows
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow lo... oval:org.mitre.oval:def:9330 Vulnerability unix
A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, a... oval:org.mitre.oval:def:11384 Vulnerability unix
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows att... oval:org.mitre.oval:def:11245 Vulnerability unix
A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platform allows local user... oval:org.mitre.oval:def:8687 Vulnerability unix
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, wh... oval:org.mitre.oval:def:10555 Vulnerability unix
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat ... oval:org.mitre.oval:def:9862 Vulnerability unix
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL... oval:org.mitre.oval:def:9738 Vulnerability unix
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remot... oval:org.mitre.oval:def:10366 Vulnerability unix
A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remo... oval:org.mitre.oval:def:11167 Vulnerability unix
A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which a... oval:org.mitre.oval:def:9556 Vulnerability unix
A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on Red Hat Enterprise Linux (RHEL) 5 omits TCP wrapp... oval:org.mitre.oval:def:10638 Vulnerability unix
A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linu... oval:org.mitre.oval:def:11410 Vulnerability unix
A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one pa... oval:org.mitre.oval:def:10633 Vulnerability unix
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0... oval:org.mitre.oval:def:9749 Vulnerability unix
A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows lo... oval:org.mitre.oval:def:9456 Vulnerability unix
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly exec... oval:org.mitre.oval:def:11202 Vulnerability unix
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of... oval:org.mitre.oval:def:10764 Vulnerability unix
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.... oval:org.mitre.oval:def:9202 Vulnerability unix
ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connec... oval:org.mitre.oval:def:9955 Vulnerability unix
Adobe Flash Player allowScriptAccess protection bypass vulnerability oval:org.mitre.oval:def:709 Vulnerability windows
Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote atta... oval:org.mitre.oval:def:9332 Vulnerability unix
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitra... oval:org.mitre.oval:def:15670 Vulnerability windows
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbi... oval:org.mitre.oval:def:16169 Vulnerability windows
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbi... oval:org.mitre.oval:def:15749 Vulnerability windows
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitra... oval:org.mitre.oval:def:16452 Vulnerability windows
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitra... oval:org.mitre.oval:def:16305 Vulnerability windows
Total number of results : 2399
Page : 1 (This Page) 2 3 4 5 6 7 8 9 10 11 12 21 31 41 51 61 71

OVAL Definitions By Referenced Objects

Windows

Linux

Unix

Solaris

AIX:

Other:

HP UX:

ESX:

IOS:

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html