Lucene search
K

63 matches found

nessus
nessus
added 2016/03/04 12:0 a.m.14 views

Fedora 23 : glibc-2.22-6.fc23 (2015-7174c4d68d)

This update re-adds large file support to the openat function, removes support for the LDPOINTERGUARD environment variable which could be used to weaken security protections in ATSECURE/SUID binaries, and adds function pointer obfuscation to the TLS destructor list. Note that Tenable Network...

5.5AI score
Exploits0References3
nvd
nvd
added 2015/09/28 8:59 p.m.17 views

CVE-2015-1781

Buffer overflow in the gethostbynamer and other unspecified NSS functions in the GNU C Library aka glibc or libc6 before 2.22 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer...

6.8CVSS8.8AI score0.05012EPSS
Exploits0References14
debiancve
debiancve
added 2015/09/28 8:0 p.m.39 views

CVE-2015-1781

Buffer overflow in the gethostbynamer and other unspecified NSS functions in the GNU C Library aka glibc or libc6 before 2.22 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer...

6.8CVSS9.1AI score0.05012EPSS
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

Michael Kohn Ringtone Tools 2.22 EMelody File Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12010/info Ringtone Tools is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data in to sensitive...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

PHP ICalender 2.22 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18721/info PHP iCalender is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

Kshop 2.22 'kshop_search.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30576/info Kshop is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of ...

7.1AI score
Exploits0
nessus
nessus
added 2014/06/13 12:0 a.m.27 views

openSUSE Security Update : seamonkey (openSUSE-SU-2013:1644-1)

update to SeaMonkey 2.22 bnc847708 - rebased patches - requires NSS 3.15.2 or higher - MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards - MFSA 2013-94/CVE-2013-5593 bmo868327 Spoofing addressbar through SELECT element - MFSA 2013-95/CVE-2013-5604...

10CVSS7.6AI score0.06493EPSS
Exploits0References27
openvas
openvas
added 2013/11/07 12:0 a.m.22 views

Mozilla SeaMonkey Multiple Vulnerabilities-01 (Nov 2013) - Windows

Mozilla Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:seamonkey";...

10CVSS7.6AI score0.06493EPSS
Exploits0References14
prion
prion
added 2012/09/05 11:55 p.m.18 views

Integer overflow

Multiple integer overflows in the 1 objallocalloc function in objalloc.c and 2 objallocalloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service crash via vectors related to the "addition of CHUNKHEADERSIZE to the length,"...

5CVSS7.1AI score0.03602EPSS
Exploits0References8Affected Software3
debiancve
debiancve
added 2012/09/05 11:0 p.m.64 views

CVE-2012-3509

Multiple integer overflows in the 1 objallocalloc function in objalloc.c and 2 objallocalloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service crash via vectors related to the "addition of CHUNKHEADERSIZE to the length,"...

5CVSS9.2AI score0.03602EPSS
Exploits0
ubuntucve
ubuntucve
added 2012/09/05 12:0 a.m.21 views

CVE-2012-3509

Multiple integer overflows in the 1 objallocalloc function in objalloc.c and 2 objallocalloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service crash via vectors related to the "addition of CHUNKHEADERSIZE to the length,"...

5CVSS7.2AI score0.03602EPSS
Exploits0References3
nessus
nessus
added 2011/08/08 12:0 a.m.15 views

Fedora 15 : libcap-2.22-1.fc15 (2011-9844)

Update to libcap-2.22, includes fixes for http://cwe.mitre.org/data/definitions/243.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

5.4AI score
Exploits0References3
cvelist
cvelist
added 2009/10/16 5:0 p.m.18 views

CVE-2009-3704

ZoIPer 2.22, and possibly other versions before 2.24 Library 5324, allows remote attackers to cause a denial of service crash via a SIP INVITE request with an empty Call-Info header...

6.7AI score0.08143EPSS
Exploits1References3
exploitdb
exploitdb
added 2009/10/14 12:0 a.m.35 views

ZoIPer 2.22 - Call-Info Remote Denial of Service

!/usr/bin/python ZoIPer v2.22 Call-Info Remote Denial Of Service. Remote Crash P.O.C. Author: Tomer Bitton Gr33nG0bL1n Tested on Windows XP SP2 , SP3 , Ubuntu 8.10 Vendor Notified on: 21/09/2009 Vendor Fix: Fixed in version 2.24 Library 5324 Bad Chars: \x20 , \x09 import sys import socket import ...

7.4AI score
Exploits0
zdt
zdt
added 2008/12/29 12:0 a.m.17 views

eDContainer v2.22 (lg) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ========================================================= eDContainer v2.22 lg Local File Inclusion Vulnerability ========================================================= eDContainer v2.22 lg Local File Inclusion Vulnerability Script :...

7.1AI score
Exploits0
openvas
openvas
added 2008/09/24 12:0 a.m.22 views

Gentoo Security Advisory GLSA 200809-01 (yelp)

The remote host is missing updates announced in advisory GLSA 200809-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

10CVSS0.7AI score0.19395EPSS
Exploits1
exploitdb
exploitdb
added 2008/09/22 12:0 a.m.41 views

WSN Links 2.22/2.23 - 'vote.php' SQL Injection

WSN Links 2.23 AND 2.22 vote.php - SQL Injection Vulnerability http://scripts.webmastersite.net/wsnlinks/ ---------------------------------------------------------- Bug founded by d3v1l Date: 21.09.2008 [email protected] ----------------------------------------------------------- Greetz tO:-...

7.4AI score
Exploits0
gentoo
gentoo
added 2008/09/04 12:0 a.m.29 views

yelp: User-assisted execution of arbitrary code

Background yelp is the default help browser for GNOME. Description Aaron Grattafiori reported a format string vulnerability in the windowerror function in yelp-window.c. Impact A remote attacker can entice a user to open specially crafted "man:" or "ghelp:" URIs in yelp, or an application using...

10CVSS7.3AI score0.19395EPSS
Exploits1
exploitpack
exploitpack
added 2008/08/06 12:0 a.m.12 views

Kshop 2.22 - kshop_search.php Cross-Site Scripting

Kshop 2.22 - kshopsearch.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30576/info Kshop is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in...

6.8AI score
Exploits0
prion
prion
added 2007/08/27 9:17 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in enterbug.cgi in Bugzilla 2.17.1 through 2.20.4, 2.22.x before 2.22.3, and 3.x before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the buildid field in the "guided form."...

4.3CVSS5.9AI score0.01364EPSS
Exploits1References11Affected Software1
Rows per page
Query Builder