Browse

OVAL Objects OVAL Sources By Release Dates

OVAL Definitions

Windows Compliance Inventory Patches Vulnerabilities Unix/Linux Compliance Inventory Patches Vulnerabilities Red Hat Advisories Suse Linux Advisories IOS PixOS

OVAL Classes

Compliance Inventory Miscellaneous Patch Vulnerability

Other

Feedback About & Contact

OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack... oval:org.mitre.oval:def:9913 Vulnerability unix
** DISPUTED ** PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if re... oval:org.mitre.oval:def:11670 Vulnerability unix
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CV... oval:org.mitre.oval:def:8888 Vulnerability unix
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow lo... oval:org.mitre.oval:def:9330 Vulnerability unix
A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, a... oval:org.mitre.oval:def:11384 Vulnerability unix
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows att... oval:org.mitre.oval:def:11245 Vulnerability unix
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, wh... oval:org.mitre.oval:def:10555 Vulnerability unix
A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which a... oval:org.mitre.oval:def:9556 Vulnerability unix
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat ... oval:org.mitre.oval:def:9862 Vulnerability unix
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remot... oval:org.mitre.oval:def:10366 Vulnerability unix
A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platform allows local user... oval:org.mitre.oval:def:8687 Vulnerability unix
A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on Red Hat Enterprise Linux (RHEL) 5 omits TCP wrapp... oval:org.mitre.oval:def:10638 Vulnerability unix
A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remo... oval:org.mitre.oval:def:11167 Vulnerability unix
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL... oval:org.mitre.oval:def:9738 Vulnerability unix
A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one pa... oval:org.mitre.oval:def:10633 Vulnerability unix
A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linu... oval:org.mitre.oval:def:11410 Vulnerability unix
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0... oval:org.mitre.oval:def:9749 Vulnerability unix
A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows lo... oval:org.mitre.oval:def:9456 Vulnerability unix
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly exec... oval:org.mitre.oval:def:11202 Vulnerability unix
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of... oval:org.mitre.oval:def:10764 Vulnerability unix
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.... oval:org.mitre.oval:def:9202 Vulnerability unix
Access ActiveX Control Vulnerability oval:org.mitre.oval:def:11907 Vulnerability windows
Access violation in URL error handling oval:org.mitre.oval:def:12315 Vulnerability windows
ACCWIZ.dll Uninitialized Variable Vulnerability oval:org.mitre.oval:def:11756 Vulnerability windows
ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connec... oval:org.mitre.oval:def:9955 Vulnerability unix
ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows... oval:org.mitre.oval:def:11874 Vulnerability unix
Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attack... oval:org.mitre.oval:def:10042 Vulnerability unix
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP... oval:org.mitre.oval:def:9546 Vulnerability unix
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the int... oval:org.mitre.oval:def:11069 Vulnerability unix
Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code vi... oval:org.mitre.oval:def:10160 Vulnerability windows
Total number of results : 2406
Page : 1 (This Page) 2 3 4 5 6 7 8 9 10 11 12 21 31 41 51 61 71 81

OVAL Definitions By Referenced Objects

Windows

Linux

Unix

Solaris

AIX:

Other:

HP UX:

ESX:

IOS:

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html