Lucene search
K

96 matches found

CVE
CVE
added 2009/10/22 6:0 p.m.61 views

CVE-2009-1990

CVE-2009-1990 affects Oracle Application Server BI Enterprise Edition (Business Intelligence Enterprise Edition component) in Oracle Application Server 10.1.3.4.1. The Oracle CPU/Oracle Application Server risk matrix lists this as a local vulnerability with confidentiality impact Partial and no e...

1.7CVSS7.7AI score0.0039EPSS
Exploits0References6Affected Software1
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.23 views

Gentoo Security Advisory GLSA 200605-08 (php)

The remote host is missing updates announced in advisory GLSA 200605-08. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.7AI score0.20514EPSS
Exploits4References4
Circl
Circl
added 2008/04/20 12:0 a.m.13 views

CVE-2008-1990

creationtimestamp| type| source ---|---|--- 2008-04-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5478...

7.5CVSS5.8AI score0.01189EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.46 views

openSUSE 10 Security Update : php5 (php5-1590)

This update fixes the following security issues: - invalid charactes in session names were not blocked - a bug in zendhashdel allowed attackers to prevent unsetting of some variables - bugs in the substrcompare and wordwrap function could crash php CVE-2006-1991, CVE-2006-1990 - a memory leak in...

6.4CVSS8.1AI score0.08308EPSS
Exploits3References2
CVE
CVE
added 2007/04/12 10:0 a.m.48 views

CVE-2007-1990

The provided connected documents confirm a PHP remote file inclusion vulnerability in Sam Crew MyBlog (games.php) affecting versions 1.0–1.6. The flaw allows an attacker to retrieve arbitrary PHP code execution by supplying a crafted URL parameter (scoreid in CVE-2007-1968/2007-1990 entries; also...

7.5CVSS7.2AI score0.01194EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2006/07/12 6:6 p.m.41 views

Moderate: Red Hat Security Advisory: php security update

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

9.3CVSS7.4AI score0.08308EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2006/05/27 12:0 a.m.40 views

Mandrake Linux Security Advisory : php (MDKSA-2006:091)

An integer overflow in the wordwrap function could allow attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, triggering a heap-based buffer overflow CVE-2006-1990. The substrcompare function in PHP 5.x and 4.4.2 could allow attackers to cause ...

6.4CVSS8.9AI score0.08308EPSS
Exploits3References2
Cent OS
Cent OS
added 2006/05/24 1:13 a.m.97 views

php security update

CentOS Errata and Security Advisory CESA-2006:0501-02 Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...

7.5CVSS7.4AI score0.12122EPSS
Exploits6References8
RedHat Linux
RedHat Linux
added 2006/05/23 8:9 p.m.60 views

Moderate: Red Hat Security Advisory: php security update

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server...

7.5CVSS7.4AI score0.12122EPSS
Exploits6References6
CVE
CVE
added 2006/04/24 11:0 p.m.82 views

CVE-2006-1990

CVE-2006-1990 affects PHP 4.4.2 and 5.1.2 and is caused by an integer overflow in the wordwrap function in string.c, leading to a heap-based buffer overflow in memcpy. This vulnerability could allow context-dependent attackers to execute arbitrary code. Connected documents reference PHP4/PHP5 adv...

5CVSS7.6AI score0.08308EPSS
Exploits2References37Affected Software1
CVE
CVE
added 2005/08/10 4:0 a.m.74 views

CVE-2005-1990

CVE-2005-1990 affects Internet Explorer 5.0, 5.5, and 6.0. The vulnerability arises from improper instantiation of certain COM objects as ActiveX controls, causing a buffer/memory corruption in the host process and potentially enabling command execution or a crash. Affected components include a s...

5.1CVSS7.6AI score0.48513EPSS
Exploits4References12Affected Software2
Tenable Nessus
Tenable Nessus
added 2005/08/09 12:0 a.m.50 views

MS05-038: Cumulative Security Update for Internet Explorer (896727)

The remote host contains a version of the Internet Explorer that is vulnerable to multiple security flaws JPEG Rendering, Web Folder, COM Object that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web pag...

7.5CVSS6.2AI score0.48513EPSS
Exploits4References4
CVE
CVE
added 2005/07/14 4:0 a.m.44 views

CVE-2002-1990

Vulnerability summary: CVE-2002-1990 affects Resin 2.0.5 through 2.1.2. The issue allows remote attackers to reveal physical path information by requesting the example Java class HelloServlet, enabling partial information disclosure. The available sources (NVD/Red Hat/CVE listings) confirm the af...

5CVSS6.6AI score0.02154EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2005/05/10 4:0 a.m.46 views

CVE-2004-1990

Aldo's Web Server (aweb) 1.5 is affected by an information-disclosure vulnerability. Remote attackers can cause the server to reveal the full path and the user running the aweb process via an arbitrary character in a malformed request. Root cause is associated with handling of malformed requests ...

5CVSS7.1AI score0.02538EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2004/03/03 5:0 a.m.10 views

CVE-2004-1990

Aldo's Web Server aweb 1.5 allows remote attackers to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request...

5CVSS6.7AI score0.02538EPSS
Exploits1References6
NVD
NVD
added 2002/12/31 5:0 a.m.17 views

CVE-2002-1990

Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet...

5CVSS6.2AI score0.02154EPSS
Exploits0References3
Rows per page
Query Builder