查看最近更新的CVE列表 (90883)

CVE-2016-1515(发布:2017-01-06 16:59:00)NMS
CVSSN/A

[原文]** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-8789. Reason: This candidate is a reservation duplicate of CVE-2015-8789. Notes: All CVE users should reference CVE-2015-8789 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

CVE-2016-2183(发布:2016-08-31 20:59:00)NMPS
CVSS5.0

[原文]The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.

CVE-2016-2842(发布:2016-03-03 15:59:04)NMPS
CVSS10.0

[原文]The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memory consumption) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-0799.

CVE-2015-5119(发布:2015-07-08 10:59:05)NMPS
CVSS10.0

[原文]Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

CVE-2015-5123(发布:2015-07-14 06:59:01)NMCPS
CVSS10.0

[CNNVD]Adobe Flash Player ActionScript 3 释放后重用漏洞--Adobe Flash Player是美国奥多比(Adobe)公司的一款跨平台、基于浏览器的多媒体播放器产品。该产品支持跨屏幕和浏览器查看应用程序、内容和视频。ActionScript 3(AS3)是Adobe为其Flash产品开发的一种面向对象的编程语言。 Adobe Flas...

CVE-2015-6420(发布:2015-12-15 00:59:07)NMPS
CVSS7.5

[原文]Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

首页上一页12345678下一页尾页 第3页 / 共15148页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站