20 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-33896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal only for creation of new files via URI-encoded path separators. CVE-2021-33896 Note that...
phonenumber: panic on parsing crafted phonenumber inputs
Impact The phonenumber parsing code may panic due to a reachable assert! guard on the phonenumber string. In a typical deployment of rust-phonenumber, this may get triggered by feeding a maliciously crafted phonenumber, e.g. over the network, specifically strings of the form...
Directory traversal
Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal only for creation of new files via URI-encoded path separators...
CVE-2021-33896
Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal only for creation of new files via URI-encoded path separators...
Ubuntu usb-creator 0.2.x - Local Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits Source: http://www.openwall.com/lists/oss-security/2015/04/22/12 Bug report: https://bugs.launchpad.net/ubuntu/vivid/+source/usb-creator/+bug/1447396 Ubuntu Precise 12.04LTS test.c void attributeconstructor init void chown"/tmp/test", 0, 0;...
Ubuntu usb-creator 0.2.x Local Privilege Escalation
Source: http://www.openwall.com/lists/oss-security/2015/04/22/12 Bug report: https://bugs.launchpad.net/ubuntu/vivid/+source/usb-creator/+bug/1447396 Ubuntu Precise 12.04LTS test.c void attributeconstructor init void chown"/tmp/test", 0, 0; chmod"/tmp/test", 04755; ^D $ gcc -shared -fPIC -o...
CVE-2013-7401
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method...
CVE-2013-7401
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method...
CVE-2013-7402
Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allow remote attackers to cause a denial of service (crash) via a crafted ICAP request...
CVE-2012-4505
Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504...
Tor Denial Of Service Vulnerability - July09 (Linux)
This host is installed with Tor and is prone to Denial Of Service vulnerability. OpenVAS Vulnerability Test $Id: gbtordosvulnjul09lin.nasl 4892 2016-12-30 15:39:07Z teissa $ Tor Denial Of Service Vulnerability - July09 Linux Authors: Sharath S Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Tor 'relay.c' DNS Spoofing Vulnerability - July09 (Linux)
This host is installed with Tor and is prone to DNS Spoofing vulnerability. OpenVAS Vulnerability Test $Id: gbtordnsspoofingvulnjul09lin.nasl 4892 2016-12-30 15:39:07Z teissa $ Tor 'relay.c' DNS Spoofing Vulnerability - July09 Linux Authors: Sharath S Copyright: Copyright c 2009 Greenbone Network...
Tor Denial Of Service Vulnerability - July09 (Windows)
This host is installed with Tor and is prone to Denial Of Service vulnerability. OpenVAS Vulnerability Test $Id: gbtordosvulnjul09win.nasl 4892 2016-12-30 15:39:07Z teissa $ Tor Denial Of Service Vulnerability - July09 Windows Authors: Sharath S Copyright: Copyright c 2009 Greenbone Networks GmbH...
CVE-2009-2426
The connection_edge_process_relay_cell_not_open function in src/or/relay.c in Tor 0.2.x before 0.2.0.35 and 0.1.x before 0.1.2.8-beta allows exit relays to have an unspecified impact by causing controllers to accept DNS responses that redirect to an internal IP address via unknown vectors. NOTE: some o...
Command injection
The connection_edge_process_relay_cell_not_open function in src/or/relay.c in Tor 0.2.x before 0.2.0.35 and 0.1.x before 0.1.2.8-beta allows exit relays to have an unspecified impact by causing controllers to accept DNS responses that redirect to an internal IP address via unknown vectors. NOTE: some o...
Blog Mod <= 0.2.x SQL Injection
==================== Discovered by: Qex Date: 28 April 2006 ==================== /weblogposting.php?mode=quote&r=SQL&w=1...
Sql injection
SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x allows remote attackers to execute arbitrary SQL commands via the r parameter...
CVE-2006-2127
CVE-2006-2127 affects Blog Mod 0.2.x; a SQL injection in weblog_posting.php allows remote attackers to execute arbitrary SQL via the r parameter, with a base risk score of 6.4 (Medium). No explicit remediation or exploit details are provided in the connected documents.
CVE-2006-2127
SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x allows remote attackers to execute arbitrary SQL commands via the r parameter...
CVE-2002-1279
CVE-2002-1279 is a local privilege escalation in Masqmail. Multiple buffer overflows in Masqmail’s conf.c affect Masqmail 0.1.x (before 0.1.17) and 0.2.x (before 0.2.15). Exploitation via specific entries in the configuration file (-C) can grant elevated rights to local users. Debian advisories c...