Lucene search
K

5316 matches found

Oracle linux
Oracle linux
added 2011/07/31 12:0 a.m.37 views

rgmanager security, bug fix, and enhancement update

2.0.52-21 - rgmanager: Fix bad passing of SFLFAILURE up fixbadpassingofsflfailureup.patch Resolves: rhbz711521 2.0.52-20 - resource-agents: Improve LDLIBRARYPATH handling by SAP resourceagentsimproveldlibrarypathhandlingbysap.patch Resolves: rhbz710637 2.0.52-19 - Fix changelog format - rgmanager...

6.9CVSS0.2AI score0.00417EPSS
Exploits1
Atlassian
Atlassian
added 2011/07/27 11:58 p.m.35 views

Password History Count does not work for ATLASSIAN-SECURITY directories

Testing this locally on Crowd 227, I set the password history count to 1, then tried resetting my password through the interface and through 'Forgot Password' e-mail link, but was able to consistent use old passwords. I also expired the password, forcing a password change, but that also let me...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/07/27 11:58 p.m.22 views

Password History Count does not work for ATLASSIAN-SECURITY directories

Testing this locally on Crowd 227, I set the password history count to 1, then tried resetting my password through the interface and through 'Forgot Password' e-mail link, but was able to consistent use old passwords. I also expired the password, forcing a password change, but that also let me...

0.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2011/07/15 5:14 a.m.4 views

kernel: agp: insufficient page_count parameter checking in agp_allocate_memory()

Multiple integer overflows in the 1 agpallocatememory and 2 agpcreateusermemory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service system crash or possibly have unspecified other...

6.9CVSS7.3AI score0.00422EPSS
Exploits2References4
Drupal
Drupal
added 2011/06/22 12:0 a.m.11 views

SA-CONTRIB-2011-025 - Juitter & Download Count - Cross Site Scripting (XSS)

Two modules are being unsupported due to cross site scripting issues. The Juitter module enables you to use Juitter, a jQuery plugin, to put live Twitter search results on your site. The Juitter module contains a cross site scripting XSS vulnerability that can be exploited when setting up the...

5.8AI score
Exploits0References10
RedHat Linux
RedHat Linux
added 2011/06/21 11:44 p.m.4 views

kernel: fs/partitions: Validate map_count in Mac partition tables

Buffer overflow in the macpartition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service panic or possibly have unspecified other impact via a malformed Mac OS partition table...

4.9CVSS6.2AI score0.00534EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2011/06/21 11:44 p.m.5 views

kernel: fs/partitions: Corrupted OSF partition table infoleak

The osfpartition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing...

2.1CVSS7.1AI score0.00414EPSS
Exploits2References4
Zero Day Initiative
Zero Day Initiative
added 2011/06/08 12:0 a.m.43 views

Oracle Java ICC Profile ncl2 Count Tag Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way java handles color...

9CVSS5.6AI score0.06277EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/05/31 1:48 p.m.4 views

Gimp: Heap-based buffer overflow in Paint Shop Pro (PSP) plug-in

Heap-based buffer overflow in the readchanneldata function in file-psp.c in the Paint Shop Pro PSP plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a PSPCOMPRLE aka RLE compression image file that begins a long run...

7.5CVSS6.5AI score0.16273EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2011/05/19 11:46 a.m.3 views

kernel: fs/partitions: Corrupted OSF partition table infoleak

The osfpartition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing...

2.1CVSS7.1AI score0.00414EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2011/05/19 11:46 a.m.4 views

kernel: fs/partitions: Validate map_count in Mac partition tables

Buffer overflow in the macpartition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service panic or possibly have unspecified other impact via a malformed Mac OS partition table...

4.9CVSS6.2AI score0.00534EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2011/04/12 6:15 p.m.8 views

kernel: fs/partitions: Validate map_count in Mac partition tables

Buffer overflow in the macpartition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service panic or possibly have unspecified other impact via a malformed Mac OS partition table...

4.9CVSS6.2AI score0.00534EPSS
Exploits1References4
Exploit DB
Exploit DB
added 2011/03/06 12:0 a.m.48 views

EggAvatar for vBulletin 3.8.x - SQL Injection

!/usr/bin/env perl use LWP::UserAgent; sub banner print "\n"; print " DSecurity \n"; print "\n"; print " Email:dsecurity.vnatgmail.com \n"; print "\n"; if@ARGVnew; $ua-agent"DSecurity"; $ua-cookiejar; sub login@ my $username=shift; my $password=shift; my $req = HTTP::Request-newPOST =...

7AI score
Exploits0
Prion
Prion
added 2011/02/10 6:0 p.m.27 views

Memory corruption

The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file with an invalid Parent Node count that triggers an incorrect size calculation and memory corruption, a...

9.3CVSS7.6AI score0.4954EPSS
Exploits0References10Affected Software2
Zero Day Initiative
Zero Day Initiative
added 2011/02/08 12:0 a.m.38 views

Adobe Reader u3d Parent Node Count Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader on Mac OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the U3D componen...

9CVSS3.7AI score0.40134EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/01/13 10:33 a.m.3 views

kernel: drivers/serial/serial_core.c: reading uninitialized stack memory

The uartgetcount function in drivers/serial/serialcore.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...

1.9CVSS6.1AI score0.00387EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2011/01/11 7:44 p.m.5 views

kernel: heap contents leak from ETHTOOL_GRXCLSRLALL

The ethtoolgetrxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOLGRXCLSRLALL ethtool command with a large info.rulecnt value, a different...

2.1CVSS5.8AI score0.00407EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/01/11 7:44 p.m.5 views

kernel: drivers/serial/serial_core.c: reading uninitialized stack memory

The uartgetcount function in drivers/serial/serialcore.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...

1.9CVSS6.1AI score0.00387EPSS
Exploits1References4
Cvelist
Cvelist
added 2010/12/30 8:0 p.m.20 views

CVE-2010-4628

member.php in MyBB aka MyBulletinBoard before 1.4.12 makes a certain superfluous call to the SQL COUNT function, which allows remote attackers to cause a denial of service resource consumption by making requests to member.php that trigger scans of the entire users table...

7.1AI score0.01653EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2010/12/10 12:0 a.m.7 views

PT-2010-5124 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.36 Description: The issue is related to the ethtool get rxnfc function in the Linux kernel, which does not properly initialize a block of heap memory. This can be exploited by local users to obtain potential...

7.9CVSS5.5AI score0.02939EPSS
Exploits31References96
Rows per page
Query Builder