Lucene search
K

6581 matches found

CVE
CVE
added 2005/03/01 5:0 a.m.33 views

CVE-2005-0604

CVE-2005-0604 affects lnss.exe in GFI Languard Network Security Scanner 5.0 . The vulnerability is that the program stores the username and password in memory in plaintext, which could allow local administrators to obtain domain administrator credentials. This is the stated impact in the records,...

4.6CVSS6.8AI score0.00416EPSS
Exploits1References2Affected Software1
securityvulns
securityvulns
added 2005/02/10 12:0 a.m.29 views

[VulnWatch] Patch available for high risk IBM DB2 Universal Database flaw

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Researchers at NGSSoftware have discovered a high risk vulnerability in IBM's DB2 Universal Database Version 8.1 and earlier. IBM has just released Fixpak 8 for DB2 UDB 8.1 which addresses the security flaw...

Exploits0
Debian
Debian
added 2004/10/14 3:27 p.m.40 views

[SECURITY] [DSA 566-1] New CUPS packages fix information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 566-1 [email protected] http://www.debian.org/security/ Martin Schulze October 14th, 2004 http://www.debian.org/security/faq -...

2.1CVSS5.8AI score0.00445EPSS
Exploits0
OSV
OSV
added 2004/10/14 12:0 a.m.28 views

DSA-566-1 cupsys - unsanitised input

Bulletin has no description...

2.1CVSS6AI score0.00445EPSS
Exploits0
securityvulns
securityvulns
added 2004/08/11 12:0 a.m.56 views

Microsoft Security Bulletin MS04-026 Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks (842436)

Microsoft Security Bulletin MS04-026 Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks 842436 Issued: August 10, 2004 Version: 1.0 Summary Who should read this document: System administrators who have servers running Microsoft® Exchange...

6.8CVSS0.1AI score0.20982EPSS
Exploits0
securityvulns
securityvulns
added 2004/02/03 12:0 a.m.82 views

Microsoft Security Bulletin MS04-004

Microsoft Security Bulletin MS04-004 Cumulative Security Update for Internet Explorer 832894 Issued: February 2, 2004 Version: 1.0 Summary Who should read this document: Customers who are using Microsoft® Internet Explorer Impact of vulnerability: Remote Code Execution Maximum Severity Rating:...

10CVSS8.3AI score0.39211EPSS
Exploits2
securityvulns
securityvulns
added 2004/01/14 12:0 a.m.67 views

Microsoft Security Bulletin MS04-002

Microsoft Security Bulletin MS04-002 Print Vulnerability in Exchange Server 2003 Could Lead to Privilege Escalation 832759 Issued: January 13, 2004 Version: 1.0 Summary Who should read this document: System administrators who have servers that are running Microsoft® Outlook® Web Access for...

6CVSS0.5AI score0.08162EPSS
Exploits0
securityvulns
securityvulns
added 2003/10/16 12:0 a.m.58 views

Microsoft Security Bulletin MS03-046

Microsoft Security Bulletin MS03-046 Print Vulnerability in Exchange Server Could Allow Arbitrary Code Execution 829436 Issued: October 15, 2003 Version Number: Version Number: 1.0 Summary Who Should Read This Document: System administrators who have servers running Microsoft® Exchange Server...

7.5CVSS0.3AI score0.76388EPSS
Exploits5
securityvulns
securityvulns
added 2003/10/16 12:0 a.m.64 views

Microsoft Security Bulletin MS03-047

Microsoft Security Bulletin MS03-047 Print Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack 828489 Issued: October 15, 2003 Version Number: 1.0 Summary Who Should Read This Document: System administrators who have servers running Microsoft® Exchange...

6.8CVSS0.3AI score0.17357EPSS
Exploits0
OSV
OSV
added 2003/04/22 4:0 a.m.3 views

DEBIAN-CVE-2002-1477

graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode...

7.5CVSS7.6AI score0.02284EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2003/04/22 12:0 a.m.8 views

PT-2003-1213 · Cacti · Cacti

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 0.6.8 Description: The issue allows remote authenticated Cacti administrators to execute arbitrary commands. This can be achieved by injecting shell metacharacters in the title during edit mode, specifically in the...

7.5CVSS6.9AI score0.02284EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2003/03/12 12:0 a.m.26 views

MS02-001: Trusted Domain SID Remote Privilege Escalation (311401)

Trust relationships are created between Windows NT or Windows 2000 domains to allow users in one domain to access resources in other domains without requiring them to authenticate separately to each domain. When a user in a trusted domain requests access to a resource in a trusting domain, the...

10CVSS5.6AI score0.1796EPSS
Exploits0References2
securityvulns
securityvulns
added 2002/11/09 12:0 a.m.37 views

Technical information about unpatched MS Java vulnerabilities

These are some technical details about the security vulnerabilities I've found in Microsoft's Java implementatation. They were reported to the vendor mostly during August 2002. Microsoft no longer responds to my inqueries and doesn't seem to react about these severe vulnerabilities which affect...

7.4AI score
Exploits0
NVD
NVD
added 2002/10/04 4:0 a.m.20 views

CVE-2002-1096

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code...

7.5CVSS6.1AI score0.01317EPSS
Exploits0References3
NVD
NVD
added 2002/10/04 4:0 a.m.18 views

CVE-2002-1097

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages...

7.5CVSS6.3AI score0.01133EPSS
Exploits0References3
CVE
CVE
added 2002/07/26 4:0 a.m.43 views

CVE-2002-0786

The CVE-2002-0786 entry concerns the iCon administrative web server for Critical Path inJoin Directory Server 4.0. Affected component: the inJoin Directory Server 4.0 web interface (iCon admin). Vulnerability: authenticated inJoin administrators can read arbitrary files by specifying the target f...

5CVSS6.9AI score0.03192EPSS
Exploits1References3Affected Software1
securityvulns
securityvulns
added 2002/03/21 12:0 a.m.27 views

Privelege escalation using webmin log files

Unsafe permissions of log files allows to steal cookie of system administrators and to get web access to administration with root permissions...

4.9AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2002/03/15 12:0 a.m.55 views

Microsoft Windows 'Administrators' Group User List

Using the supplied credentials, it is possible to extract the member list of the 'Administrators' group. Members of this group have complete access to the remote system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10902; scriptversion"1.23"; scriptcvsdate"Date:...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/03/15 12:0 a.m.23 views

Microsoft Windows 'Domain Administrators' Group User List

Using the supplied credentials, it is possible to extract the member list of the 'Domain Administrators' group. Members of this group have complete access to the Windows Domain. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10908; scriptversion"1.24";...

5.5AI score
Exploits0
securityvulns
securityvulns
added 2002/03/09 12:0 a.m.54 views

SECURITY.NNOV: Bypassing content filtering software

There are common methods allowing to bypass almost any content filtering software antiviral products, CVP firewalls, mail attachment filtering, etc. I believe multiple products are vulnerable. Contents: I. Bypassing attachment detection or invalid detection of attachment type. 1. Encoded filename...

7.2AI score
Exploits0
Rows per page
Query Builder