The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Sun ONE Web Server

Oracle Fusion: several vulnerabilities of July 2014
Several vulnerabilities of Oracle Fusion were announced in July 2014...
CERTFR-2014-AVI-313, cpujul2014, CVE-2013-1620, CVE-2013-1739, CVE-2013-1740, CVE-2013-1741, CVE-2013-5605, CVE-2013-5606, CVE-2013-5855, CVE-2014-1490, CVE-2014-1491, CVE-2014-1492, CVE-2014-2479, CVE-2014-2480, CVE-2014-2481, CVE-2014-2493, CVE-2014-4201, CVE-2014-4202, CVE-2014-4210, CVE-2014-4211, CVE-2014-4212, CVE-2014-4217, CVE-2014-4222, CVE-2014-4241, CVE-2014-4242, CVE-2014-4249, CVE-2014-4251, CVE-2014-4253, CVE-2014-4254, CVE-2014-4255, CVE-2014-4256, CVE-2014-4257, CVE-2014-4267, VIGILANCE-VUL-15052
Apache Struts 1: code execution via ClassLoader
An attacker can use the "class" parameter, to manipulate the ClassLoader, in order to execute code...
1672316, 1673982, 1674339, 1675822, 2016214, 6198380, c04399728, c05324755, CERTFR-2014-AVI-382, cpuapr2017, cpujan2018, cpujan2019, cpuoct2017, cpuoct2018, CVE-2014-0114, DSA-2940-1, ESA-2014-080, FEDORA-2014-9380, HPSBGN03669, HPSBMU03090, ibm10719287, ibm10719297, ibm10719301, ibm10719303, ibm10719307, MDVSA-2014:095, RHSA-2014:0474-01, RHSA-2014:0497-01, RHSA-2014:0500-01, RHSA-2014:0511-01, RHSA-2018:2669-01, SOL15282, SUSE-SU-2014:0902-1, swg22017525, VIGILANCE-VUL-14799, VMSA-2014-0008, VMSA-2014-0008.1, VMSA-2014-0008.2, VMSA-2014-0012
Oracle Fusion: several vulnerabilities of January 2014
Several vulnerabilities of Oracle Fusion were announced in January 2014...
BID-64815, BID-64819, BID-64822, BID-64827, BID-64829, BID-64830, BID-64835, BID-64838, BID-64842, CERTA-2014-AVI-022, cpujan2014, CVE-2007-0009, CVE-2007-1858, CVE-2012-3499, CVE-2012-3544, CVE-2012-4605, CVE-2013-1620, CVE-2013-1654, CVE-2013-1862, CVE-2013-4316, CVE-2013-5785, CVE-2013-5808, CVE-2013-5869, CVE-2013-5900, CVE-2013-5901, CVE-2014-0374, CVE-2014-0383, CVE-2014-0391, CVE-2014-0400, VIGILANCE-VUL-14089
NSS: multiple vulnerabilities
An attacker can use several vulnerabilities of NSS...
BID-58796, BID-63736, BID-63737, BID-63738, CERTA-2013-AVI-642, CERTFR-2014-AVI-318, CERTFR-2017-AVI-012, CERTFR-2019-AVI-325, cpuapr2017, cpujul2014, cpuoct2016, cpuoct2017, CVE-2013-1741, CVE-2013-2566, CVE-2013-5605, CVE-2013-5606, DSA-2800-1, DSA-2994-1, DSA-3071-1, FEDORA-2013-22456, FEDORA-2013-22467, FEDORA-2013-23301, FEDORA-2013-23479, JSA10770, JSA10939, MFSA 2013-103, openSUSE-SU-2013:1730-1, openSUSE-SU-2013:1732-1, RHSA-2013:1791-01, RHSA-2013:1829-01, RHSA-2013:1840-01, RHSA-2013:1841-01, RHSA-2014:0041-01, SSA:2013-339-01, SSA:2013-339-02, SSA:2013-339-03, SUSE-SU-2013:1807-1, VIGILANCE-VUL-13789
SSL/TLS: obtaining messages encrypted by RC4
When an attacker has 2^30 RC4 encrypted messages with different keys, he can guess the clear text message...
523628, BID-58796, BSA-2015-007, c05336888, cpuapr2017, cpujan2018, cpuoct2016, cpuoct2017, CVE-2013-2566, DSA-2018-124, HPSBHF03673, SOL14638, VIGILANCE-VUL-12530
Oracle iPlanet Web Server: denial of service
An attacker can create a denial of service on Oracle iPlanet Web Server...
BID-54515, CERTA-2012-AVI-393, cpujul2012, CVE-2012-1738, VIGILANCE-VUL-11779
Oracle iPlanet Web Server: vulnerability of Administration Console
An attacker can use a vulnerability of the web administration console of Oracle iPlanet Web Server, in order to obtain information, to alter information, or to create a denial of service...
BID-53133, CERTA-2012-AVI-220, cpuapr2012, CVE-2012-0516, VIGILANCE-VUL-11551
Multiple: denial of service via hash collision
An attacker can send data generating storage collisions, in order to overload a service...
1506603, 2638420, 2659883, BID-51186, BID-51194, BID-51195, BID-51196, BID-51197, BID-51199, BID-51235, BID-51441, CERTA-2011-AVI-727, CERTA-2011-AVI-728, cpujul2018, CVE-2011-3414, CVE-2011-4461, CVE-2011-4462, CVE-2011-4885, CVE-2011-5034, CVE-2011-5035, CVE-2011-5036, CVE-2011-5037, CVE-2012-0039, CVE-2012-0193, CVE-2012-0839, DSA-2783-1, DSA-2783-2, FEDORA-2012-0730, FEDORA-2012-0752, MS11-100, n.runs-SA-2011.004, NTAP-20190307-0004, oCERT-2011-003, openSUSE-SU-2012:0262-1, PM53930, RHSA-2012:1604-01, RHSA-2012:1605-01, RHSA-2012:1606-01, RHSA-2013:1455-01, RHSA-2013:1456-01, sk66350, VIGILANCE-VUL-11254, VU#903934
SSL, TLS: obtaining HTTPS Cookies, BEAST
An attacker, who can control HTTPS connections of victim's web browser and which has a sufficient bandwidth, can use several SSL sessions in order to compute HTTP headers, such as cookies...
2588513, 2643584, 2655992, AST-2016-001, BID-49778, BID-54304, c03122753, CERTA-2012-AVI-381, CERTFR-2016-AVI-046, CERTFR-2019-AVI-311, CVE-2004-2770-REJECT, CVE-2011-3389, CVE-2012-1870, DSA-2368-1, DSA-2398-1, DSA-2398-2, FEDORA-2012-5916, FEDORA-2012-5924, FEDORA-2012-9135, FEDORA-2014-13764, FEDORA-2014-13777, HPSBUX02730, javacpuoct2011, MDVSA-2012:058, MDVSA-2012:096, MDVSA-2012:096-1, MDVSA-2012:097, MS12-006, MS12-049, openSUSE-SU-2012:0030-1, openSUSE-SU-2012:0063-1, openSUSE-SU-2012:0199-1, openSUSE-SU-2012:0229-1, openSUSE-SU-2012:0667-1, openSUSE-SU-2020:0086-1, RHSA-2012:0034-01, RHSA-2013:1455-01, RHSA-2013:1456-01, sk74100, sk86440, SOL13400, SSA-556833, SSRT100710, SUSE-SU-2012:0114-1, SUSE-SU-2012:0114-2, SUSE-SU-2012:0122-1, SUSE-SU-2012:0122-2, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, swg21568229, VIGILANCE-VUL-11014, VU#864643
Java JRE: denial of service via a real
An attacker can use a special double floating point number, in order to create an infinite loop in Java programs...
1468291, BID-46091, c02729756, c02738573, c02746026, c02752210, c02775276, c02826781, c02906075, c03090723, c03316985, CERTA-2002-AVI-271, CERTA-2012-AVI-286, cpuapr2011, CVE-2010-4476, DSA-2161-1, DSA-2161-2, FEDORA-2011-1231, FEDORA-2011-1263, HPSBMU02690, HPSBTU02684, HPSBUX02633, HPSBUX02641, HPSBUX02642, HPSBUX02645, HPSBUX02685, HPSBUX02725, HPSBUX02777, IZ94331, javacpufeb2011, MDVSA-2011:054, openSUSE-SU-2011:0126-1, PM32175, PM32177, PM32184, PM32192, PM32194, RHSA-2011:0210-01, RHSA-2011:0211-01, RHSA-2011:0212-01, RHSA-2011:0213-01, RHSA-2011:0214-01, RHSA-2011:0282-01, RHSA-2011:0290-01, RHSA-2011:0291-01, RHSA-2011:0292-01, RHSA-2011:0299-01, RHSA-2011:0333-01, RHSA-2011:0334-01, RHSA-2011:0336-01, RHSA-2011:0348-01, RHSA-2011:0349-01, RHSA-2011:0880-01, SSRT100387, SSRT100390, SSRT100412, SSRT100415, SSRT100505, SSRT100569, SSRT100627, SSRT100854, SUSE-SA:2011:010, SUSE-SA:2011:014, SUSE-SR:2011:008, SUSE-SU-2011:0823-1, swg21469266, swg24030066, swg24030067, VIGILANCE-VUL-10321
Our database contains other pages. You can request a free trial to read them.