はてなブックマーク

• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Cont

Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. CERT-VN:VU#930724 URL:https://www.kb.cert.org/vuls/id/930724 CISCO:20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021 URL:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4

• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user cl

Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. BID:101274 URL:http://www.securityfocus.com/bid/101274 CERT-VN:VU#228519 URL:http://www.kb.cert.org/vuls/id/228519 CISCO:20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II URL:https://tools.cisco.com/security/ce

TOTAL CVE Records: 240830 NOTICE: Transition to the all-new CVE website at WWW.CVE.ORG and CVE Record Format JSON are underway. NOTICE: Support for the legacy CVE download formats will end on June 30, 2024. New CVE List download format is available now.

TOTAL CVE Records: 240830 NOTICE: Transition to the all-new CVE website at WWW.CVE.ORG and CVE Record Format JSON are underway. NOTICE: Support for the legacy CVE download formats ended on June 30, 2024. New CVE List download format is available now on CVE.ORG.

• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that is modified in a way that does not violate the cryptographic signature, probably involving mul

Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. APPLE:APPLE-SA-2012-09-19-2 URL:http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html CERT-VN:VU#520827 URL:http://www.kb.cert.org/vuls/id/520827 CERT-VN:VU#673343 URL:http://www.kb.cert.org/vuls/id/673343 CONFIRM:http://support.ap

TOTAL CVE Records: 183760 NOTICE: Transition to the all-new CVE website at WWW.CVE.ORG is underway and will last up to one year. (details) NOTICE: Changes coming to CVE Record Format JSON and CVE List Content Downloads in 2022. The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.

TOTAL CVE Records: 199100 NOTICE: Transition to the all-new CVE website at WWW.CVE.ORG and CVE Record Format JSON are underway. NOTICE: Changes are coming to CVE List Content Downloads in 2023. The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.

Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. MISC:1021653 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1 (Obsolete source) MISC:1021752 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1 (Obsolete source) MISC:1023148 URL:http://securitytracker.co

Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. CERT:TA09-251A URL:http://www.us-cert.gov/cas/techalerts/TA09-251A.html CISCO:20081017 Cisco Response to Outpost24 TCP State Table Manipulation Denial of Service Vulnerabilities URL:http://www.cisco.com/en/US/products/products_security_response09186a

TOTAL CVE Records: 225772 NOTICE: Transition to the all-new CVE website at WWW.CVE.ORG and CVE Record Format JSON are underway. NOTICE: Legacy CVE download formats deprecation is now underway and will end on June 30, 2024. New CVE List download format is available now.

TOTAL CVE Records: 240830 NOTICE: Transition to the all-new CVE website at WWW.CVE.ORG and CVE Record Format JSON are underway. NOTICE: Support for the legacy CVE download formats ended on June 30, 2024. New CVE List download format is available now on CVE.ORG. The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.

TOTAL CVE Records: 225772 NOTICE: Transition to the all-new CVE website at WWW.CVE.ORG and CVE Record Format JSON are underway. NOTICE: Legacy CVE download formats deprecation is now underway and will end on June 30, 2024. New CVE List download format is available now. The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.