CVE-2012-0490

This is an entry in the Common Vulnerability Index under number CVE-2012-0490. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-0490

Description: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.

Continue Reading …

CVE-2014-5914

This is an entry in the Common Vulnerability Index under number CVE-2014-5914. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2014-5914

Description: The Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) application 1.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Continue Reading …

CVE-2011-1559

This is an entry in the Common Vulnerability Index under number CVE-2011-1559. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2011-1559

Description: Unspecified vulnerability in the IBM Web Interface for Content Management (aka WEBi) 1.0.4 before FP3 has unknown impact and attack vectors.

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2011-4344

This is an entry in the Common Vulnerability Index under number CVE-2011-4344. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2011-4344

Description: Cross-site scripting (XSS) vulnerability in Jenkins Core in Jenkins before 1.438, and 1.409 LTS before 1.409.3 LTS, when a stand-alone container is used, allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.

Continue Reading …

CVE-2016-3330

This is an entry in the Common Vulnerability Index under number CVE-2016-3330. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2016-3330

Description: Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Microsoft Edge Memory Corruption Vulnerability,”

Continue Reading …

CVE-2015-4089

This is an entry in the Common Vulnerability Index under number CVE-2015-4089. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-4089

Description: Multiple cross-site request forgery (CSRF) vulnerabilities in the optionsPageRequest function in admin.php in WP Fastest Cache plugin before 0.8.3.5 for WordPress allow remote attackers to hijack the authentication of unspecified victims for requests that call the (1) saveOption,

Continue Reading …

CVE-2015-7691

This is an entry in the Common Vulnerability Index under number CVE-2015-7691. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-7691

Description: The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations.

Continue Reading …

CVE-2014-9832

This is an entry in the Common Vulnerability Index under number CVE-2014-9832. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2014-9832

Description: Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2014-0020

This is an entry in the Common Vulnerability Index under number CVE-2014-0020. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2014-0020

Description: The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service (application crash) via a crafted message.

Continue Reading …