Lucene search
+L

520 matches found

Tenable Nessus
Tenable Nessus
added 2013/09/23 12:0 a.m.11 views

Fedora 20 : moodle-2.5.2-1.fc20 (2013-16410)

Moodle upstream has released upstream 2.3.9, 2.4.6, and 2.5.2 versions : http://docs.moodle.org/dev/Moodle2.3.9releasenotes http://docs.moodle.org/dev/Moodle2.4.6releasenotes http://docs.moodle.org/dev/Moodle2.5.2releasenotes These releases contain unspecified security fixes, the nature of which...

5.5AI score
Exploits0References6
Prion
Prion
added 2013/09/16 1:2 p.m.26 views

Sql injection

Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote attackers to conduct SQL injection attacks against Microsoft SQL Server via a crafted string...

7.5CVSS8.1AI score0.01206EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2013/09/16 12:0 a.m.48 views

Moodle CMS 2.5.0-1 Cross Site Scripting

============================================= - Original release date: 15 September, 2013 - Discovered by: Emilio Pinna Application Security Analyst at Abinsula - Contact: emilio pinn gmail ============================================= VULNERABILITY ---------------------- Moodle CMS version 2.5.0...

7.5CVSS6.6AI score0.02098EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2013/07/06 12:0 a.m.6 views

PT-2013-3553 · Mongodb · Mongo-Python-Driver +1

Name of the Vulnerable Software and Affected Versions: mongo-python-driver versions prior to 2.5.2 Description: The issue allows context-dependent attackers to cause a denial of service, resulting in a NULL pointer dereference and crash. This is related to the decoding of an "invalid DBRef" in th...

6.9CVSS7.8AI score0.02633EPSS
Exploits2References26
Cvelist
Cvelist
added 2013/03/29 7:0 p.m.30 views

CVE-2013-0659

The debugging feature on the Siemens CP 1604 and CP 1616 interface cards with firmware before 2.5.2 allows remote attackers to execute arbitrary code via a crafted packet to UDP port 17185...

7.6AI score0.0592EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2012/08/17 12:0 a.m.31 views

Inferno vBShout 2.5.2 - SQL Injection

==================================================================== Inferno vBShout SQLI 0day settings'scommands'; if $this-vbulletin-db-affectedrows vbulletin-db-queryfirst"select from " . TABLEPREFIX . "infernoshoutusers where suser='$this-vbulletin-userinfo'userid''" $this-vbulletin-db-query"...

7AI score
Exploits0
NVD
NVD
added 2012/08/06 4:55 p.m.17 views

CVE-2012-3866

lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for lastrunreport.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file...

2.1CVSS5.5AI score0.00481EPSS
Exploits1References7
OSV
OSV
added 2012/08/06 4:55 p.m.5 views

DEBIAN-CVE-2012-3864

Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request...

4CVSS6.8AI score0.01914EPSS
Exploits1References1
securityvulns
securityvulns
added 2012/02/13 12:0 a.m.48 views

CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache CXF 2.4.5 and 2.5.1 Description: CXF does not validate a WS-Security UsernameToken receiv...

7.5CVSS0.1AI score0.0354EPSS
Exploits0
Prion
Prion
added 2011/01/14 6:0 p.m.16 views

Design/Logic Flaw

A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as distributed in gif2png-2.5.1-1200.fc12 on Fedora 12 and gif2png2.5.2-1 on Debian GNU/Linux, truncates a GIF pathname specified on the command line, which might allow remote attackers to create PNG files in unintended directories...

5CVSS6.7AI score0.10901EPSS
Exploits2References8Affected Software1
Debian CVE
Debian CVE
added 2011/01/14 5:0 p.m.60 views

CVE-2010-4695

Removed by vendor...

5CVSS6.6AI score0.02445EPSS
Exploits1
Exploit DB
Exploit DB
added 2010/01/18 12:0 a.m.41 views

FreePBX 2.5.1 - SQL Injection

Advisory Name: SQL injection in FreePBX 2.5.1 Internal Cybsec Advisory Id: 2010-0103 Vulnerability Class: SQL injection Release Date: 15/01/2010 Affected Applications: Confirmed in FreePBX 2.5.1. Other versions may also be affected. Affected Platforms: Any running FreePBX 2.5.1 Local / Remote:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2009/12/15 12:0 a.m.67 views

Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Flock 2.5.2 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.: 07.05.2009 - - Pub.: 11.12.2009 CVE: CVE-2009-0689 CWE: CWE-119 Risk: High Remote: Yes Affected Software: - -...

6.8CVSS0.6AI score0.28167EPSS
Exploits43
Packet Storm
Packet Storm
added 2009/12/14 12:0 a.m.19 views

gif2png 2.5.2 Buffer Overflow

DESCRIPTION: "The gif2png program converts files from the obsolescent Graphic Interchange Format to Portable Network Graphics . The conversion preserves all graphic information, including transparency, perfectly. The gif2png program can even recover data from corrupted GIFs." homepage:...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2009/12/12 12:0 a.m.28 views

gif2png 2.5.2 - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/41801/info gif2png is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of th...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.28 views

Mandriva Security Advisory MDVSA-2009:212-1 (python)

The remote host is missing an update to python announced via advisory MDVSA-2009:212-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

5CVSS7.3AI score0.3038EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2009/11/26 12:0 a.m.26 views

phpMyFAQ GET Variable Cross-Site-Scripting Vulnerability

This host is installed with phpMyFAQ and is prone to Cross Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodphpmyfaqgetxssvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ phpMyFAQ GET Variable Cross-Site-Scripting Vulnerability Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...

4.3CVSS6.2AI score0.01022EPSS
Exploits0References3
exploitpack
exploitpack
added 2009/11/24 12:0 a.m.44 views

Python 2.5.2 Imageop Module - imageop.crop() Buffer Overflow

Python 2.5.2 Imageop Module - imageop.crop Buffer Overflow Python's 'imageop' module is prone to a buffer-overflow vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable Python module. This may result in a compromise of...

7.5CVSS0.5AI score0.21024EPSS
Exploits6
seebug.org
seebug.org
added 2009/11/24 12:0 a.m.38 views

Python < 2.5.2 Imageop Module 'imageop.crop()' Buffer Overflow Vulnerability

No description provided by source. Python's 'imageop' module is prone to a buffer-overflow vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable Python module. This may result in a compromise of the underlying system...

7.5CVSS0.21024EPSS
Exploits6
0day.today
0day.today
added 2009/11/24 12:0 a.m.53 views

Python < 2.5.2 Imageop Module 'imageop.crop()' BOF Vulnerability

Exploit for unknown platform in category dos / poc ============================================================================ Python 2.5.2 Imageop Module 'imageop.crop' Buffer Overflow Vulnerability ============================================================================ Title: Python 2.5.2...

7AI score0.21024EPSS
Exploits6
Rows per page
Query Builder