Lucene search
+L

96 matches found

Tenable Nessus
Tenable Nessus
added 2013/11/18 12:0 a.m.35 views

Fedora 19 : gnutls-3.1.16-1.fc19 (2013-20628)

Minor security update from upstream. New minor upstream release fixing a security issue. Adds ECC NIST Suite B curves support ECDH, ECDSA Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

5CVSS5.3AI score0.01978EPSS
Exploits1References5
CVE
CVE
added 2012/11/02 3:0 p.m.44 views

CVE-2012-4487

The CVE concerns Drupal’s Subuser module, prior to version 6.x-1.8. The vulnerability arises from insufficient checking of the "switch subuser" permission, enabling remote authenticated parent users to change their role by switching to a subuser they created. Practical impact is a potential privi...

4CVSS6.5AI score0.01086EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2012/03/01 1:0 a.m.52 views

CVE-2011-4487

CVE-2011-4487 affects Cisco Unified Communications Manager (CUCM) and Cisco BE6000/BE5000/BE3000 with various 6.x–8.x releases. The issue is a SQL injection in the SCCP registration handling, allowing remote, unauthenticated attackers to execute arbitrary SQL commands against the CUCM database, p...

6.8CVSS8.5AI score0.01035EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2010/12/07 8:0 p.m.74 views

CVE-2010-4487

CVE-2010-4487 describes an incomplete blacklist vulnerability in Google Chrome up to version 8.0.552.215 on Linux and macOS, allowing remote attackers to cause an unspecified impact via a "dangerous file" . The primary description provides no details on exploit vectors or specifics of the impact....

7.5CVSS6.4AI score0.0111EPSS
Exploits0References4Affected Software1
Nginx
Nginx
added 2010/01/13 8:0 p.m.217 views

An error log data are not sanitized

An error log data are not sanitized Severity: none CVE-2009-4487 Not vulnerable: none Vulnerable: all...

6.8CVSS6.3AI score0.27008EPSS
Exploits2
Cvelist
Cvelist
added 2010/01/13 8:0 p.m.46 views

CVE-2009-4487

nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

7.6AI score0.27008EPSS
Exploits2References3
CVE
CVE
added 2008/10/08 1:0 a.m.47 views

CVE-2008-4487

CVE-2008-4487 describes an SQL injection in Atarone CMS 1.2.0, specifically in ap-save.php. The vulnerability allows remote attackers to execute arbitrary SQL commands through the parameters: site_name, email, theme_chosen, hp, c_meta, id, and c_js. The entry notes that provenance is unknown and ...

6.8CVSS8.1AI score0.00988EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/04/27 12:0 a.m.8 views

Malicious Website - Embedded Javascript Detection

Binary data 4487.prm...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2007/08/22 11:0 p.m.25 views

CVE-2007-4487

Cross-site scripting XSS vulnerability in D22-Shoutbox for Invision Power Board IPB or IP.Board allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.0106EPSS
Exploits0References5
CVE
CVE
added 2007/08/22 11:0 p.m.53 views

CVE-2007-4487

Technical details about CVE-2007-4487 are not publicly available in the provided documents; monitor for updates. The data here only reiterates a generic XSS vulnerability in D22-Shoutbox for IPB.

4.3CVSS5.7AI score0.0106EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/08/31 10:0 p.m.24 views

CVE-2006-4487

DUware DUpoll 3.0 and 3.1 stores private/Dupoll.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords...

6.3AI score0.01621EPSS
Exploits1References6
CVE
CVE
added 2006/08/31 10:0 p.m.47 views

CVE-2006-4487

CVE-2006-4487 affects DUware DUpoll 3.0 and 3.1, where a file under the web document root named _private/Dupoll.mdb is stored with insufficient access control. This allows remote attackers to access sensitive information, specifically user credentials such as usernames and passwords. The provided...

5CVSS6.6AI score0.01621EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2005/12/22 11:0 a.m.46 views

CVE-2005-4487

RAMSite R|1 CMS 1.0 and earlier is affected by a cross-site scripting (XSS) vulnerability. The issue arises in the searchfield parameter, allowing remote attackers to inject arbitrary web script or HTML. Impact is user-facing script execution, with potential credential or session-related implicat...

4.3CVSS6AI score0.01177EPSS
Exploits0References4Affected Software1
CVE
CVE
added 1976/01/01 12:0 a.m.23 views

CVE-2018-4487

CVE-2018-4487 entry is rejected/not used; does not represent an active vulnerability.

6.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.0 views

MS:0C10888C-F391-4487-9C5A-34A95C6B90F1

...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.2 views

MS:77F551F7-76A8-4487-AC78-1954FF6D05E6

...

7AI score
Exploits0
Rows per page
Query Builder