OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows... oval:org.mitre.oval:def:11864 Vulnerability unix
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to... oval:org.mitre.oval:def:10876 Vulnerability unix
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 al... oval:org.mitre.oval:def:9918 Vulnerability unix
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the defau... oval:org.mitre.oval:def:10086 Vulnerability unix
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbi... oval:org.mitre.oval:def:17046 Vulnerability windows
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi... oval:org.mitre.oval:def:16946 Vulnerability windows
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbi... oval:org.mitre.oval:def:16939 Vulnerability windows
The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ES... oval:org.mitre.oval:def:16861 Vulnerability windows
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi... oval:org.mitre.oval:def:16718 Vulnerability windows
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might a... oval:org.mitre.oval:def:11215 Vulnerability unix
The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask ... oval:org.mitre.oval:def:9953 Vulnerability unix
The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of ... oval:org.mitre.oval:def:16469 Vulnerability windows
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers ... oval:org.mitre.oval:def:15813 Vulnerability windows
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff fil... oval:org.mitre.oval:def:9462 Vulnerability unix
The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows rem... oval:org.mitre.oval:def:18359 Vulnerability windows
The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cau... oval:org.mitre.oval:def:10291 Vulnerability unix
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial ... oval:org.mitre.oval:def:10388 Vulnerability unix
The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent pr... oval:org.mitre.oval:def:11187 Vulnerability unix
The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey befor... oval:org.mitre.oval:def:16619 Vulnerability windows
The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise ... oval:org.mitre.oval:def:9367 Vulnerability unix
The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow l... oval:org.mitre.oval:def:11690 Vulnerability unix
The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to ... oval:org.mitre.oval:def:11155 Vulnerability unix
The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current wor... oval:org.mitre.oval:def:9382 Vulnerability unix
The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of ... oval:org.mitre.oval:def:10941 Vulnerability unix
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows loca... oval:org.mitre.oval:def:11597 Vulnerability unix
The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not... oval:org.mitre.oval:def:10738 Vulnerability unix
The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thu... oval:org.mitre.oval:def:17056 Vulnerability windows
The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Th... oval:org.mitre.oval:def:17005 Vulnerability windows
The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XS... oval:org.mitre.oval:def:24164 Vulnerability windows
The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a d... oval:org.mitre.oval:def:14089 Vulnerability windows

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html