Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack...
5.7AI Score
0.004EPSS
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required (because of interdependencies) by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only...
1.2AI Score
Joomla Component mosDirectory 2.3.2 (catid) SQL Injection Vulnerability
Exploit for unknown platform in category web...
7.1AI Score
Microsoft Internet Explorer cloneNode()和nodeValue()远程内存破坏漏洞
Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer处理"cloneNode"和"nodeValue"函数存在内存破坏问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 由于不正确使用"cloneNode"和"nodeValue" JavaScript函数,在重复的调用其中某个函数过程中使用特定构建的元素,可导致内存破坏,可能以应用程序进程权限执行任意指令。 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 -.....
7AI Score
Unfixed XSS vulnerability at www.mp3sugar.com
Security researcher takethis, has submitted on 06/03/2007 a cross-site-scripting (XSS) vulnerability affecting www.mp3sugar.com, which at the time of submission ranked 4752 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/03/2007. It is...
-0.1AI Score
6.8AI Score
0.018EPSS
Deserialization of untrusted data
usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to modify user account details and cause a denial of service (account deactivation) via...
7.2AI Score
0.021EPSS
usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to modify user account details and cause a denial of service (account deactivation) via...
6.7AI Score
0.018EPSS
6.6AI Score
0.0004EPSS
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1).....
7.8AI Score
0.0004EPSS
6.8AI Score
0.002EPSS
GLSA-200611-10 : WordPress: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200611-10 (WordPress: Multiple vulnerabilities) 'random' discovered that users can enter serialized objects as strings in their profiles that will be harmful when unserialized. 'adapter' found out that user-edit.php fails...
-0.1AI Score
[ GLSA 200611-10 ] WordPress: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 200611-10 http://security.gentoo.org/ Severity: Normal Title: WordPress: Multiple vulnerabilities Date: November 17, 2006 Bugs: #153303 ID: 200611-10 Synopsis Flaws in...
0.5AI Score
6.9AI Score
0.066EPSS
7.4AI Score
6.8AI Score
0.006EPSS
e107 email.php Arbitrary Mail Relay
The version of e107 installed on the remote host contains a script, 'email.php' that allows an unauthenticated user to send email messages to arbitrary users and to control, to a large degree, the content of those messages. This issue can be exploited to send spam or other types of abuse through...
-0.9AI Score
Unspecified vulnerability in e107 before 0.7.5 has unknown impact and remote attack vectors related to an "emailing...
6.8AI Score
0.003EPSS
6.8AI Score
0.003EPSS
Unspecified vulnerability in e107 before 0.7.5 has unknown impact and remote attack vectors related to an "emailing...
6.5AI Score
0.003EPSS
[SA18845] GnuPG "gpgv" Signature Verification Security Issue
TITLE: GnuPG "gpgv" Signature Verification Security Issue SECUNIA ADVISORY ID: SA18845 VERIFY ADVISORY: http://secunia.com/advisories/18845/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From remote SOFTWARE: GnuPG / gpg 1.4.x http://secunia.com/product/8087/ GnuPG / gpg 1.0.x...
0.2AI Score
The data-overwrite capability of ButtUglySoftware CleanCache 2.19 does not properly overwrite data in files, which allows attackers to recover the...
6.5AI Score
0.001EPSS
6.9AI Score
0.008EPSS
Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.7AI Score
[SA16489] Emefa Guestbook Script Insertion Vulnerability
Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ TITLE: Emefa Guestbook Script Insertion Vulnerability SECUNIA ADVISORY ID: SA16489 VERIFY ADVISORY:...
0.5AI Score
6.9AI Score
0.01EPSS
Parlano MindAlign 5.0 and later versions allows remote attackers to list valid users via unknown vectors, aka the "User Enumeration"...
6.8AI Score
0.01EPSS
ngIRCd < 0.8.3 Log_Resolver() Remote Format String Overflow
The remote host is running a version of the ngIRCd service that may be vulnerable to a buffer overflow in the way the server handles user-supplied data which is passed to...
3.3AI Score
6.9AI Score
0.025EPSS
6.9AI Score
0.001EPSS
Multiple Vulnerabilities in Name Service Daemon (nsd) on IRIX
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title : Multiple Vulnerabilities in Name Service Daemon (nsd) Number : 20030701-01-P Date : July 16, 2003 Reference: CVE CAN-2003-0176, CAN-2003-0177, CAN-2003-0572, CAN-2003-0573 Reference: SGI BUGS 844401,...
-0.1AI Score
SRT2003-06-12-1212 - FakeBO syslog() format string issue.
Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection...
-0.1AI Score
3.4AI Score
6.8AI Score
0.006EPSS
SNMP Request Cisco Router Information Disclosure
It is possible to determine the model of the remote CISCO system by sending SNMP requests with the OID 1.3.6.1.4.1.9.1. An attacker may use this information to gain more knowledge about the remote...
7.1AI Score
1.4AI Score
Endymion SakeMail and MailMan File Disclosure Vulnerability
Product: SakeMail - Webmailsystem (http://www.endymion.com) Problem Description: due to missing input-validation it is possible to read xml/other files with sakemails permissions read THIS (javanullbyte.html) for additional infos on nullbytes and java-classes! Example: a HTTP-request to:...
0.8AI Score
-0.2AI Score
Update for Windows Server 2003 (KB2633952)
Install this update to resolve issues caused by revised daylight saving time and time zone laws in several countries. This update enables your computer to automatically adjust the computer clock on the correct date in 2012. After you install this item, you may have to restart your...
2.1AI Score
Security Update for Microsoft Outlook 2010 (KB4022205) 64-Bit Edition
A security vulnerability exists in Microsoft Outlook 2010 64-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that...
3.2AI Score
2019-01 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4480975)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
6.7AI Score
Internet Explorer 8 for Windows Server 2003 x64 Edition
Internet Explorer 8 is the latest version of the familiar Web browser that you are most comfortable using. Internet Explorer 8 helps you get everything that you want from the Web faster, easier, and more privately and securely than ever. After you install this item, you may have to restart your...
3.1AI Score
Security Update for Windows XP (KB944338)
A security issue has been identified in VBScript and Jscript that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart...
2AI Score
Update for WEPOS and POSReady 2009 (KB3148851)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your...
2AI Score
Security Update for Outlook Express 5.5 for Windows 2000 (KB973354)
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your...
2.9AI Score
Security Update for Windows Server 2003 (KB3039066)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
1.7AI Score
2023-11 Servicing Stack Update for Windows Server 2012 R2 for x64-based Systems (KB5032308)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your...
7.1AI Score
Security Update for Microsoft Excel 2010 (KB3017810) 64-Bit Edition
A security vulnerability exists in Microsoft Excel 2010 64-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that...
3.3AI Score
Security Update for Windows Embedded 8 Standard for x64-based Systems (KB3161949)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
1.4AI Score
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
1.7AI Score