Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-06-14 | CVE-2011-0802 | Remote Integer Overflow vulnerability in SUN JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0814. | 10.0 |
| 2011-06-14 | CVE-2011-0788 | Remote Java Runtime Environment vulnerability in SUN JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. | 7.6 |
| 2011-06-14 | CVE-2011-0786 | Remote Java Runtime Environment vulnerability in SUN JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0788. | 7.6 |
| 2011-06-14 | CVE-2011-2477 | Cross-Site Scripting vulnerability in Icinga Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in Icinga before 1.4.1, when escape_html_tags is disabled, allow remote attackers to inject arbitrary web script or HTML via a JavaScript expression, as demonstrated by the onload attribute of a BODY element located after a check-host-alive! sequence, a different vulnerability than CVE-2011-2179. | 2.6 |
| 2011-06-14 | CVE-2011-2179 | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in (1) Nagios 3.2.3 and (2) Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an (a) command action or a (b) hosts action. | 4.3 |
| 2011-06-14 | CVE-2011-1943 | Information Exposure Through Log Files vulnerability in multiple products The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file. | 2.1 |
| 2011-06-14 | CVE-2011-1924 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in TOR Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service (directory authority crash) via a crafted policy that triggers creation of a long port list. | 5.0 |
| 2011-06-14 | CVE-2011-1864 | Remote Code Execution vulnerability in HP OpenView Storage Data Protector 6.0/6.10/6.11 Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to execute arbitrary code via unknown vectors. | 9.3 |
| 2011-06-14 | CVE-2011-1863 | Code Injection vulnerability in HP Service Center and Service Manager HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allow remote authenticated users to conduct unspecified script injection attacks via unknown vectors. | 7.5 |
| 2011-06-14 | CVE-2011-1862 | Cross-Site Scripting vulnerability in HP Service Center and Service Manager Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |