19 matches found
EUVD-2003-1521
Malware in sbrugna...
CVE-2020-24032
tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone...
CLSA-2024-1730917116 Update of ca-certificates
update to CKBI 2.70 from NSS 3.106 - updated certificates: - Certificate "GLOBALTRUST 2020" - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Baltimore CyberTrust...
CVE-2022-34746
An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring...
PT-2022-14090 · WordPress · Pagebar
Name of the Vulnerable Software and Affected Versions: Pagebar WordPress plugin versions prior to 2.70 Description: The issue concerns the lack of a CSRF check when updating settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. Additionally, due to the lac...
Pagebar < 2.70 - Arbitrary Settings Update via CSRF to Stored XSS
The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of sanitisation in some of them, it could also lead to Stored XSS issues ' input type="text" name="postaftloop...
Security update for tor (important)
openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2021:0926-1 Rating: important References: 1179331 1181244 1187322 1187323 1187324 1187325 Cross-References: CVE-2021-34548 CVE-2021-34549 CVE-2021-34550 Affected Products: openSUSE Leap 15.2 An update that solves three...
Command injection
tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone...
PT-2020-15623 · Xorux · Stor2Rrd +1
Name of the Vulnerable Software and Affected Versions: XoruX LPAR2RRD and STOR2RRD version 2.70 Description: The issue allows for command injection via shell metacharacters in a timezone, using the tz.pl script with the cmd=set&tz=OS command. This can potentially lead to unauthorized execution of...
CVE-2017-9942
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems...
Design/Logic Flaw
Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory...
JVN#02175694: AttacheCase may insecurely load executable files
AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables (.exe) when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search path, which may insecurely load executables. Impact: An attacker may execute arbitrary code wi...
CVE-2007-5717
Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) on x86 before firmware 2.70 allows remote attackers to execute arbitrary commands as root on the Service Processor (SP) via unspecified vectors, a different vulnerability than CVE-2007-5170...
CVE-2006-2180
The provided documents confirm CVE-2006-2180: a buffer overflow in Golden FTP Server Pro 2.70 allowing a remote attacker to crash the application or run arbitrary code through a long argument to the NLST or APPE commands (as demonstrated by the Infigo FTPStress Fuzzer). The issue is exploitable o...
Golden FTP Server <= 2.60 LS Command Traversal Information Disclosure
The version of Golden FTP Server installed on the remote host is prone to multiple information disclosure vulnerabilities. Specifically, an authenticated attacker can list the contents of the application directory, which provides a list of valid users, and learn the absolute path of any shared...
CVE-1999-1031
CVE-1999-1031 affects counter.exe version 2.70, where a remote attacker can cause a denial of service (hang) by sending a long argument. Documents confirm the vulnerability and impact as described; no remediation or patch details are provided in the supplied sources. There is no explicit exploita...
CVE-1999-1030
CVE-1999-1030 involves the CGI program counter.exe (v2.70). A remote attacker can trigger a denial of service (hang) by sending an HTTP request that ends with a newline (%0A), which creates a malformed entry in the counter log and leads to an access violation. The available connected documents co...
CVE-1999-1031
counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via a long argument...
counter.exe.2.70.dos.txt
Date: Wed, 19 May 1999 02:00:11 +0100 From: Mnemonix To: [email protected] Subject: Denial of Service in Counter.exe version 2.70 A denial of service exists in counter.exe version 2.70, a fairly popular webhit counter used on the Win32 platform with web servers such as IIS and...