11 matches found
EUVD-2002-0374
Malware in sbrugna...
CVE-2021-32670
Datasette is an open source multi-tool for exploring and publishing data. The ?_trace=1 debugging feature in Datasette does not correctly escape generated HTML, resulting in a reflected cross-site scripting vulnerability. This vulnerability is particularly relevant if your Datasette installation...
CVE-2021-32670
Datasette contains a reflected cross-site scripting vulnerability in the ?_trace=1 debugging feature due to inadequate HTML escaping. Affected versions include 0.56.1 and 0.57; patches are available in those releases. Workarounds include rejecting requests with ?_trace= or &_trace= in the query s...
Race condition
libuser 0.56 and 0.57 have a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees...
Home Assistant Cross-Site Scripting Vulnerability
Home Assistant is an open source platform for automated management of home network devices. A cross-site scripting vulnerability exists in versions of Home Assistant prior to 0.57. A remote attacker can exploit this vulnerability to inject JavaScript code via specially crafted Markdown text...
CVE-2017-16782
In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS...
libuser creates LDAP users with a default password
libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values...
[SA14333] PuTTY Two Integer Overflow Vulnerabilities
TITLE: PuTTY Two Integer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA14333 VERIFY ADVISORY: http://secunia.com/advisories/14333/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: PuTTY 0.x http://secunia.com/product/1137/ DESCRIPTION: Two vulnerabilities have be...
CVE-2002-0377
Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files...
CVE-2002-0377
CVE-2002-0377 affects Gaim 0.57, where sensitive data is written to world-readable and group-writable files in /tmp, enabling local users to read authentication information and access MSN web email accounts of other users. The underlying issue is insecure file permissions leading to information d...
CVE-2002-0377
Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files...