Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying vulnerability details 1 - 10 of 52322 in total

ELSA-2014-0907 Important: Oracle Linux 6 java-1.6.0-openjdk security and bug fix update Vulnerability

  • Severity: 4
  • Published: July 20, 2014

Oracle Linux Security Advisory ELSA-2014-0907 https://rhn.redhat.com/errata/RHSA-2014-0907.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-devel-1....

USN-2293-1: CUPS vulnerability Vulnerability

  • Severity: 4
  • Published: July 20, 2014

Francisco Alonso discovered that the CUPS web interface incorrectlyvalidated permissions on rss files. A local attacker could possibly usethis issue to bypass file permissions and read arbitrary files, possiblyleading to a privilege escalation. The problem can be corrected by updating your system to the following package version: To upd...

DSA-2983-1 drupal7 -- security update Vulnerability

  • Severity: 4
  • Published: July 19, 2014

Multiple security issues have been discovered in the Drupal content management system, ranging from denial of service to cross-site scripting. More information can be found at

Apache HTTPD: mod_deflate denial of service (CVE-2014-0118) Vulnerability

  • Severity: 4
  • Published: July 17, 2014

The affected asset is vulnerable to this vulnerability ONLY if it is running one of the following modules: mod_deflate. Review your web server configuration for validation. A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the "DEFLATE" input filter), a remote attacker could caus...

Apache HTTPD: mod_cgid denial of service (CVE-2014-0231) Vulnerability

  • Severity: 4
  • Published: July 17, 2014

The affected asset is vulnerable to this vulnerability ONLY if it is running one of the following modules: mod_cgid. Review your web server configuration for validation. A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to han...

Apache HTTPD: mod_cache crash (CVE-2013-4352) Vulnerability

  • Severity: 4
  • Published: July 17, 2014

The affected asset is vulnerable to this vulnerability ONLY if it is running one of the following modules: mod_cache. Review your web server configuration for validation. A NULL pointer dereference was found in mod_cache. A malicious HTTP server could cause a crash in a caching forward proxy configuration. (Note that this vulnerabilit...

Apache HTTPD: WinNT MPM denial of service (CVE-2014-3523) Vulnerability

  • Severity: 4
  • Published: July 17, 2014

A flaw was found in the WinNT MPM in httpd versions 2.4.1 to 2.4.9, when using the default AcceptFilter for that platform. A remote attacker could send carefully crafted requests that would leak memory and eventually lead to a denial of service against the server.

DSA-2981-1 polarssl -- security update Vulnerability

  • Severity: 4
  • Published: July 17, 2014

A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS library, which can be exploited by a remote unauthenticated attacker to mount a denial of service against PolarSSL servers that offer GCM ciphersuites. Potentially clients are affected too if a malicious server decides to execute the denial of service attack against its ...

Apache HTTPD: mod_status buffer overflow (CVE-2014-0226) Vulnerability

  • Severity: 4
  • Published: July 17, 2014

The affected asset is vulnerable to this vulnerability ONLY if it is running one of the following modules: mod_status. Review your web server configuration for validation. A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted req...