Books & Papers Security Vulnerabilities
Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a...
7.1AI Score
0.002EPSS
Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely that this is not a...
8.3AI Score
0.004EPSS
Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely that this is not a...
7.9AI Score
0.004EPSS
Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely that this is not a...
7.9AI Score
0.004EPSS
Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a...
7.1AI Score
0.002EPSS
oops -- format string vulnerability
A RST/GHC Advisory reports that there is an format string vulnerability in oops. The vulnerability can be found in the MySQL/PgSQL authentication module. Succesful exploitation may allow execution of arbitrary...
6.9AI Score
0.002EPSS
Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD...
7.7AI Score
0.047EPSS
The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of...
8.9AI Score
0.013EPSS
Multiple components in Oracle 9i Application Server (9iAS) are installed with over 160 default usernames and passwords, including (1) SYS, (2) SYSTEM, (3) AQJAVA, (4) OWA, (5) IMAGEUSER, (6) USER1, (7) USER2, (8) PLSQL, (9) DEMO, (10) FINANCE, and many others, which allows attackers to gain...
9.2AI Score
0.001EPSS
The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of...
8.9AI Score
0.013EPSS
Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote attackers to inject arbitrary web script or HTML via the cbuf parameter to...
7.7AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote attackers to inject arbitrary web script or HTML via the cbuf parameter to...
7.7AI Score
0.002EPSS
Multiple components in Oracle 9i Application Server (9iAS) are installed with over 160 default usernames and passwords, including (1) SYS, (2) SYSTEM, (3) AQJAVA, (4) OWA, (5) IMAGEUSER, (6) USER1, (7) USER2, (8) PLSQL, (9) DEMO, (10) FINANCE, and many others, which allows attackers to gain...
9.2AI Score
0.001EPSS
The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote attackers to send arbitrary...
8.9AI Score
0.019EPSS
Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4)...
9AI Score
0.006EPSS
Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4)...
9AI Score
0.006EPSS
SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via the sql...
9.4AI Score
0.004EPSS
The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote attackers to send arbitrary...
8.9AI Score
0.019EPSS
SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via the sql...
9.4AI Score
0.004EPSS
Multiple web browsers vulnerable to spoofing via Internationalized Domain Name support
Overview Multiple web browsers are vulnerable to spoofing attacks through the use of Internationalized Domain Names. Other applications such as email programs may also be vulnerable. Description The Domain Name System The Domain Name System (DNS) provides name, address, and other information about....
-0.2AI Score
0.02EPSS
-0.4AI Score
MySQL 4.x - CREATE FUNCTION mysql.func Table Arbitrary Library Injection
MySQL 4.x - CREATE FUNCTION mysql.func Table Arbitrary Library...
0.3AI Score
7.4AI Score
EPSS
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic...
5.6CVSS
5.4AI Score
0.001EPSS
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic...
5.1AI Score
0.001EPSS
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic...
5.6CVSS
5.2AI Score
0.001EPSS
-0.3AI Score
0.005EPSS
WinAmp playlist handling may allow a remote buffer overflow and arbitrary code execution
Overview WinAmp contains a flaw which may allow a remote system compromise if a maliciously crafted playlist is loaded. Description Nullsoft's WinAmp is a multimedia system for Microsoft Windows. WinAmp allows users to create and use "playlists" to play their multimedia files in a customized...
0.9AI Score
0.883EPSS
[Full-Disclosure] Advisory: Multiple Vulnerabilities in BibORB
= Advisory: Multiple Vulnerabilities in BibORB = Multiple vulnerabilities were found in BibORB which result in SQL injection, XSS, directory traversal and arbitrary file upload. == Details == Product: BibORB Affected Version: 1.3.2, probably all lower versions Immune Version: 1.3.2 Security...
AI Score
0.005EPSS
Advisory: Cross Site Scripting Vulnerability in Openconf Conference Management Software A group of students at our lab called RedTeam found a cross site scripting vulnerability in openconf which results in possible session takeover. Details Product: openconf Affected Version: 1.04, probably also...
0.5AI Score
0.004EPSS
-= Unl0ck Team Security Advisory =- ____ ___ __ _______ __ ___________ | | \____ | | \ _ \ ____ | | __ \__ / _____ _____ | | / \| | / /\ \ / \| |/ / | | / __ \\ \ / ...
0.2AI Score
7.4AI Score
EPSS
Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit
No description provided by...
7.1AI Score
Painkiller 1.35 - in-game cd-key alpha-numeric Buffer Overflow (PoC)
Painkiller 1.35 - in-game cd-key alpha-numeric Buffer Overflow...
0.8AI Score
Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit
Exploit for unknown platform in category dos /...
7AI Score
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist...
8.1AI Score
0.883EPSS
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist...
8.1AI Score
0.883EPSS
MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library (1)
MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library...
0.1AI Score
7.4AI Score
6.8AI Score
-= Unl0ck Team Security Advisory =-
-= Unl0ck Team Security Advisory =- ____ ___ __ _______ __ ___________ | | \____ | | \ _ \ ____ | | __ \__ / _____ _____ | | / \| | / /\ \ / \| |/ / | | / __ \\ \ / ...
1.2AI Score
In-game buffer-overflow in the Gamespy cd-key validation SDK
Luigi Auriemma Application: Gamespy cd-key validation SDK http://www.gamespy.net Versions: before 20 November 2004 Games: due to the implementation of this SDK is hard to test and list all the vulnerable games, however the following is the...
-0.2AI Score
Bypass personal firewall application protection . Again.
Bypass personal firewall application protection . Again. (c)oded by offtopic ([email protected]) 2004 Special thank to 3APA3A for links to the debuggers for Windows. <quote src= http://www.security.nnov.ru/advisories/bypassing.asp?l=EN > Personal firewall usually restricts access to network...
1.9AI Score
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist...
8.1AI Score
0.883EPSS
SQL injection vulnerability in PHP-Nuke 6.9 and earlier, and possibly 7.x, allows remote attackers to inject arbitrary SQL code and gain sensitive information via (1) the category variable in the Search module or (2) the admin variable in the Web_Links...
7.4AI Score
0.003EPSS
SQL injection vulnerability in PHP-Nuke 6.9 and earlier, and possibly 7.x, allows remote attackers to inject arbitrary SQL code and gain sensitive information via (1) the category variable in the Search module or (2) the admin variable in the Web_Links...
7.5AI Score
0.003EPSS
security hole (http response splitting) in phpwebsite
ADVISORY Author: Maestro (me!) Date: 11-NOV-04 Vendor: Appalachian State University (http://phpwebsite.appstate.edu/) Product: phpWebSite 0.9.3-4 Product description (from vendor website): phpWebSite provides a complete web site content management system. Web-based administration allows for easy...
-0.5AI Score
-0.4AI Score
-0.3AI Score
HTTP Response Splitting in Serendipity 0.7-beta4
SECURITY ADVISORY: HTTP Response Splitting in Serendipity 0.7-beta4 AUTHOR: Chaotic Evil (chaoticevil $$$at$$$ spyring $$$dot$$$ com) DATE: October 21st, 2004 PRODUCT: Serendipity 0.7-beta4 [October 14th, 2004 (Recommended release, most stable)] - www.s9y.org FROM THE VENDOR WEBSITE: Serendipity...
-0.3AI Score