Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying vulnerability details 1 - 10 of 69092 in total

FreeBSD: codeigniter -- multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: October 30, 2015

The CodeIgniter changelog reports: Fixed an XSS attack vector in Security Library method xss_clean(). Changed Config Library method base_url() to fallback to ``$_SERVER['SERVER_ADDR']`` in order to avoid Host header injections. Changed CAPTCHA Helper to try to use the operating system's PRNG first....

Debian: DSA-3383 (CVE-2015-5734) (Multiple Advisories): wordpress -- security update Vulnerability

  • Severity: 4
  • Published: October 28, 2015

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-3383:

Several vulnerabilities were discovered in Wordpress, a web blogging

tool. The Common Vulnerabilities and Exposures project identifie...

Amazon Linux AMI: Security patch for ntp (ALAS-2015-607) (multiple CVEs) Vulnerability

  • Severity: 4
  • Published: October 28, 2015

It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and effectively disable synchronization with the server. (CVE-2015-7704 )

It was...

Ubuntu: USN-2788-1 (CVE-2015-7696): unzip vulnerabilities Vulnerability

  • Severity: 4
  • Published: October 28, 2015

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-2788-1:

Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system were tricked into ...

Debian: DSA-3383 (CVE-2015-5731) (Multiple Advisories): wordpress -- security update Vulnerability

  • Severity: 4
  • Published: October 28, 2015

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-3383:

Several vulnerabilities were discovered in Wordpress, a web blogging

tool. The Common Vulnerabilities and Exposures project identifie...

RHSA-2015:1955: Red Hat Enterprise Linux 6.5 Extended Update Support One-Month Notice Vulnerability

  • Severity: 4
  • Published: October 28, 2015

In accordance with the Red Hat Enterprise Linux Errata Support Policy,Extended Update Support for Red Hat Enterprise Linux 6.5 will be retired asof November 30, 2015, and support will no longer be provided. Accordingly,Red Hat will no longer provide updated packages, including Critical impactsecurity patches or urgent priority bug fixes,...

Debian: DSA-3383 (CVE-2015-2213) (Multiple Advisories): wordpress -- security update Vulnerability

  • Severity: 4
  • Published: October 28, 2015

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-3383:

Several vulnerabilities were discovered in Wordpress, a web blogging

tool. The Common Vulnerabilities and Exposures project identifie...

Debian: DSA-3386 (CVE-2015-7697): unzip -- security update Vulnerability

  • Severity: 4
  • Published: October 28, 2015

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-2788-1:

Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system were tricked into ...

Debian: DSA-3383 (CVE-2015-7989) (Multiple Advisories): wordpress -- security update Vulnerability

  • Severity: 4
  • Published: October 28, 2015

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-3383:

Several vulnerabilities were discovered in Wordpress, a web blogging

tool. The Common Vulnerabilities and Exposures project identifie...

Debian: DSA-3383 (CVE-2015-5714) (Multiple Advisories): wordpress -- security update Vulnerability

  • Severity: 4
  • Published: October 28, 2015

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-3383:

Several vulnerabilities were discovered in Wordpress, a web blogging

tool. The Common Vulnerabilities and Exposures project identifie...