Lucene search
K

102 matches found

OpenVAS
OpenVAS
added 2011/07/27 12:0 a.m.24 views

Fedora Update for squirrelmail FEDORA-2011-9309

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS6.5AI score0.02348EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2011/07/25 12:0 a.m.36 views

Fedora 14 : squirrelmail-1.4.22-2.fc14 (2011-9309)

fixes : - CVE-2011-2023 : Messages containing style tags with malicious script attributes were being displayed without being sanitized - CVE-2010-4555 : An attacker could use one of several small bugs in SquirrelMail to inject malicious script into various pages or alter the contents of user...

4.3CVSS5.5AI score0.02348EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2011/07/25 12:0 a.m.22 views

Fedora 15 : squirrelmail-1.4.22-2.fc15 (2011-9311)

fixes : - CVE-2011-2023 : Messages containing style tags with malicious script attributes were being displayed without being sanitized - CVE-2010-4555 : An attacker could use one of several small bugs in SquirrelMail to inject malicious script into various pages or alter the contents of user...

4.3CVSS5.5AI score0.02348EPSS
Exploits1References7
CVE
CVE
added 2011/07/14 11:0 p.m.71 views

CVE-2010-4555

SquirrelMail (PHP webmail) versions up to 1.4.21 and earlier are affected by multiple XSS vulnerabilities (CVE-2010-4555, among others) via vectors including dropdown lists, the SquirrelSpell > character, and errors on the Index Order page. Open-source advisories and Nessus/OpenVAS feeds indic...

4.3CVSS6AI score0.02348EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2010/01/04 9:0 p.m.20 views

CVE-2009-4555

Multiple cross-site request forgery CSRF vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for requests that 1 modify a .htaccess file via an unspecified request to protected/manager.cgi or 2 change th...

7.5AI score0.00574EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.22 views

Mandriva Security Advisory MDVSA-2009:254-1 (graphviz)

The remote host is missing an update to graphviz announced via advisory MDVSA-2009:254-1. OpenVAS Vulnerability Test $Id: mdksa20092541.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:254-1 graphviz Authors: Thomas Reinke Copyright: Copyright c 2009...

8.5CVSS0.6AI score0.05061EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/10/02 12:0 a.m.17 views

Mandriva Linux Security Advisory : graphviz (MDVSA-2009:254-1)

A vulnerability was discovered and corrected in graphviz : Stack-based buffer overflow in the pushsubg function in parser.y lib/graph/parser.c in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service memory corruption or execute arbitra...

8.5CVSS6.4AI score0.05061EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2008/11/19 12:0 a.m.12 views

Gentoo Security Advisory GLSA 200811-04 (graphviz)

The remote host is missing updates announced in advisory GLSA 200811-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS6.7AI score0.05061EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2008/11/19 12:0 a.m.17 views

Gentoo Security Advisory GLSA 200811-04 (graphviz)

The remote host is missing updates announced in advisory GLSA 200811-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

8.5CVSS0.8AI score0.05061EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2008/10/28 12:0 a.m.31 views

SuSE 10 Security Update : graphviz (ZYPP Patch Number 5688)

This update of graphviz fixes a buffer overflow that occurs while parsing a DOT file. CVE-2008-4555 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid34506;...

8.5CVSS5.7AI score0.05061EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2008/10/17 12:0 a.m.19 views

openSUSE 10 Security Update : graphviz (graphviz-5690)

This update of graphviz fixes a buffer overflow that occurs while parsing a DOT file. CVE-2008-4555 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update graphviz-5690. The text description of this...

8.5CVSS5.7AI score0.05061EPSS
Exploits1References1
CVE
CVE
added 2008/10/14 8:0 p.m.52 views

CVE-2008-4555

CVE-2008-4555 is a real vulnerability in Graphviz 2.20.2 (and possibly earlier) involving a stack-based buffer overflow in the push_subg function (parser.y, lib/graph/parser.c). A DOT file with a large number of Agraph_t elements can allow user‑assisted remote attackers to cause memory corruption...

8.5CVSS7.8AI score0.05061EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2008/10/14 8:0 p.m.19 views

CVE-2008-4555

Stack-based buffer overflow in the pushsubg function in parser.y lib/graph/parser.c in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service memory corruption or execute arbitrary code via a DOT file with a large number of Agrapht...

7.8AI score0.05061EPSS
Exploits1References10
Debian CVE
Debian CVE
added 2008/10/14 8:0 p.m.19 views

CVE-2008-4555

Stack-based buffer overflow in the pushsubg function in parser.y lib/graph/parser.c in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service memory corruption or execute arbitrary code via a DOT file with a large number of Agrapht...

8.5CVSS7.7AI score0.05061EPSS
Exploits1
CVE
CVE
added 2007/08/28 12:0 a.m.46 views

CVE-2007-4555

CVE-2007-4555 describes a cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP's administration interface. The issue occurs when arguments to a valid command are not properly sanitized and are displayed by the view log option, enabling an attacker to inject arbitrary web script or HTML. Th...

4.3CVSS5.7AI score0.01631EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/09/06 12:0 a.m.41 views

CVE-2006-4555

Summary (CVE-2006-4555) A buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control can allow a remote attacker to execute arbitrary code by enticing a user to view a crafted HTML document that references the control’s CLSID. The vulnerability affects the CR64Loader ActiveX control use...

7.5CVSS7.8AI score0.04345EPSS
Exploits0References6Affected Software1
CERT
CERT
added 2006/09/01 12:0 a.m.20 views

Retro64 / Miniclip CR64Loader ActiveX control buffer overflow

Overview The Retro64 / Miniclip CR64Loader ActiveX control contains a buffer overflow vulnerability. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The CR64Loader Object is an ActiveX control developed by Retro64. The web sites...

7.5CVSS7.4AI score0.04345EPSS
Exploits0References2
CVE
CVE
added 2005/12/28 11:0 a.m.37 views

CVE-2005-4555

CVE-2005-4555 is a cross-site scripting (XSS) vulnerability affecting DEV web management system versions 1.5 and earlier. The issue resides in add.php where an attacker can inject arbitrary script via four language array parameters: ENTER_ARTICLE_TITLE, SPECIFY_ZONE, ENTER_ARTICLE_HEADER, and ENT...

4.3CVSS6AI score0.01973EPSS
Exploits1References7Affected Software1
CVE
CVE
added 1976/01/01 12:0 a.m.16 views

CVE-2018-4555

CVE-2018-4555 is rejected/not used; this entry has no active vulnerability details.

6.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.0 views

MS:9C911043-7F70-4555-B0D5-724AD163877B

...

7AI score
Exploits0
Rows per page
Query Builder