Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file...
7.8AI Score
0.039EPSS
Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap...
6.1AI Score
0.004EPSS
Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked...
7.6AI Score
0.054EPSS
The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown...
6.3AI Score
0.004EPSS
Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file...
7.5AI Score
0.039EPSS
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3...
6AI Score
0.02EPSS
The Bluetooth SDP dissector in Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown...
6.3AI Score
0.004EPSS
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP...
6.5AI Score
0.004EPSS
The Bluetooth SDP dissector in Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown...
6.1AI Score
0.004EPSS
[SECURITY] Fedora 8 Update: chmsee-1.0.0-1.26.fc8
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, and is also well localized....
AI Score
[SECURITY] Fedora 7 Update: chmsee-1.0.0-1.25.fc7
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, and is also well localized....
AI Score
Unfixed XSS vulnerability at www.bestwebbuys.com
Security researcher Fugitif has submitted on 28/10/2007 a cross-site-scripting (XSS) vulnerability affecting www.bestwebbuys.com, which at the time of submission ranked 27889 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/11/2007. It is...
-0.1AI Score
Analysis of Ronin article system V2. 3-vulnerability warning-the black bar safety net
Author: ice of origin Description: articles have been published in hackers manual 0 7 year 1 1 period, reproduced please specify the source of! Own just to learn ASP, Hey, no one taught, really cool! It does not, see for yourself a few books, and non-security on each issue analysis of ASP...
-0.6AI Score
SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin...
8.8AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq...
5.7AI Score
0.001EPSS
SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin...
8.4AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq...
6AI Score
0.001EPSS
AlsaPlayer 0.99.x - Vorbis Input Plugin OGG Processing Remote Buffer Overflow
AlsaPlayer 0.99.x - Vorbis Input Plugin OGG Processing Remote Buffer...
0.7AI Score
[waraxe-2007-SA#058] - Critical Sql Injection in NukeSentinel 2.5.12
[waraxe-2007-SA#058] - Critical Sql Injection in NukeSentinel 2.5.12 Author: Janek Vind "waraxe" Date: 27. September 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-58.html Target software description: Developer:....
-0.4AI Score
[waraxe-2007-SA#055] - Sql Injection in SiteX CMS 0.7.3 Beta
[waraxe-2007-SA#055] - Sql Injection in SiteX CMS 0.7.3 Beta Author: Janek Vind "waraxe" Date: 27. September 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-55.html Target software description: http://sitex.bjsintay.com/ SiteX.....
-0.1AI Score
[waraxe-2007-SA#057] - Unauthorized File Upload in SiteX CMS
[waraxe-2007-SA#057] - Unauthorized File Upload in SiteX CMS Author: Janek Vind "waraxe" Date: 27. September 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-57.html Target software description: http://sitex.bjsintay.com/ SiteX.....
-0.5AI Score
Unfixed XSS vulnerability at www.chukei.co.jp
Security researcher kusomiso.com has submitted on 27/09/2007 a cross-site-scripting (XSS) vulnerability affecting www.chukei.co.jp, which at the time of submission ranked 213353 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2007. It is.....
-0.1AI Score
[waraxe-2007-SA#052] - dBlog CMS Open Source database retrieval
[waraxe-2007-SA#052] - dBlog CMS Open Source database retrieval Author: Janek Vind "waraxe" Date: 19. September 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-52.html Target software description:...
-0.7AI Score
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry....
6.6AI Score
0.164EPSS
Endless loop on MMS and SSL parsing, off-by-one on iSeries and DHCP/BOOTP...
2.6AI Score
0.028EPSS
Unfixed XSS vulnerability at herbarium.usu.edu
Security researcher By Encore has submitted on 08/09/2007 a cross-site-scripting (XSS) vulnerability affecting herbarium.usu.edu, which at the time of submission ranked 27880 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/09/2007. It is...
AI Score
[SECURITY] Fedora 7 Update: chmsee-1.0.0-0.20.beta2.fc7
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, and is also well localized....
AI Score
Parse edikid's blog the CSS "encryption" technology-vulnerability warning-the black bar safety net
From I released Baidu CSS import vulnerability the beginning, people constantly ask me about the http://hi.baidu.com/edikid this space, and now there may be hundreds of people! I once said that CSS content is, in principle, can not be encrypted-the reason is that it needs to be browser...
-0.2AI Score
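Quagga is a TCP/IP-based routing software suite. Quagga's bgpd has an out-of-bounds memory read issue that remote attackers can exploit to cause a denial of service against the application. By sending a specially crafted, malformed UPDATE message with a multiprotocol reachable/unreachable NLRI attribute, an attacker can trigger an assert() in Quagga's bgpd that makes it abort, resulting in a denial of service. Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu....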
7AI Score
Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category. Bugs ...
6.7AI Score
0.227EPSS
squirrelmail CSRF vulnerability
I. BACKGROUND SquirrelMail is a standards-based webmail package written in PHP. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers. It has very few requirements and is.....
0.2AI Score
0.02EPSS
SA password-cracking-vulnerability warning-the black bar safety net
0)off of your existing database service. 1)Create a new instance, is to reinstall a sql server, hereinafter referred to as the new 2 put your old database instance, hereinafter referred to as the old the master.mdf, master.ldf copy to a folder 3) in the new, by attach the db the way to put...
0.1AI Score
SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a journal_comment...
8.6AI Score
0.007EPSS
SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a journal_comment...
7.9AI Score
0.007EPSS
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an...
6.1AI Score
0.025EPSS
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an...
6.4AI Score
0.025EPSS
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an...
6.2AI Score
0.025EPSS
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an...
6.6AI Score
0.025EPSS
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an...
6.3AI Score
0.025EPSS
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an...
5.5AI Score
0.025EPSS
MAMBO & Joomla NFN Address Book v0.4 (nfnaddressbook.php) Remote File Include Vulnerabilities script : http://mamboxchange.com/frs/download.php/8191/com_nfn_addressbook.zip About : The NFN Address Book manages lists of contacts that can be split into groups and allows for hiding of private...
-0.6AI Score