Lucene search
+L

3939 matches found

Prion
Prion
added 2010/03/05 4:30 p.m.29 views

Design/Logic Flaw

The approxyajprequest function in modproxyajp.c in modproxyajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service backend server outage via a crafted request,...

5CVSS6.9AI score0.20787EPSS
Exploits1References44Affected Software1
NVD
NVD
added 2010/03/05 4:30 p.m.24 views

CVE-2010-0408

The approxyajprequest function in modproxyajp.c in modproxyajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service backend server outage via a crafted request,...

5CVSS6.4AI score0.20787EPSS
Exploits1References44
Cvelist
Cvelist
added 2010/03/05 4:0 p.m.41 views

CVE-2010-0408

The approxyajprequest function in modproxyajp.c in modproxyajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service backend server outage via a crafted request,...

9AI score0.20787EPSS
Exploits1References44
Prion
Prion
added 2010/02/24 6:30 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request...

2.6CVSS6AI score0.01017EPSS
Exploits0References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2010/02/01 12:0 a.m.42 views

HP OpenView Data Protector Application Recovery Manager Buffer Overflow (CVE-2009-3844)

HP OpenView Storage Data Protector is a backup solution tailored for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The Cell Manager is the central point from which backup agents and device servers are...

10CVSS7.5AI score0.74063EPSS
Exploits10
NVD
NVD
added 2010/01/14 7:30 p.m.21 views

CVE-2010-0312

The doextendedOp function in ibmslapd in IBM Tivoli Directory Server TDS 6.2 on Linux allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted SecureWay 3.2 Event Registration Request aka a 1.3.18.0.2.12.1 request...

5CVSS6.4AI score0.01694EPSS
Exploits1References2
Prion
Prion
added 2010/01/12 5:30 p.m.21 views

Design/Logic Flaw

Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20, as used in SAP NetWeaver 7.x and SAP Web Application Server 6.x and 7.x, allows remote attackers to cause a denial of service Management Console shutdown via a crafted request. NOTE: some of the...

5CVSS7AI score0.0144EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2009/12/31 6:30 p.m.1 views

DEBIAN-CVE-2009-4498

The nodeprocesscommand function in Zabbix Server before 1.8 allows remote attackers to execute arbitrary commands via a crafted request...

6.8CVSS7.7AI score0.31915EPSS
Exploits4References1
UbuntuCve
UbuntuCve
added 2009/12/31 6:30 p.m.22 views

CVE-2009-4498

The nodeprocesscommand function in Zabbix Server before 1.8 allows remote attackers to execute arbitrary commands via a crafted request...

6.8CVSS6.1AI score0.31915EPSS
Exploits4References1
UbuntuCve
UbuntuCve
added 2009/12/31 6:30 p.m.31 views

CVE-2009-4500

The processtrap function in trapper/trapper.c in Zabbix Server before 1.6.6 allows remote attackers to cause a denial of service crash via a crafted request with data that lacks an expected : colon separator, which triggers a NULL pointer dereference...

5CVSS5.9AI score0.02286EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2009/12/31 6:0 p.m.48 views

CVE-2009-4498

The nodeprocesscommand function in Zabbix Server before 1.8 allows remote attackers to execute arbitrary commands via a crafted request...

6.8CVSS8.6AI score0.31915EPSS
Exploits4
Cvelist
Cvelist
added 2009/12/31 6:0 p.m.29 views

CVE-2009-4498

The nodeprocesscommand function in Zabbix Server before 1.8 allows remote attackers to execute arbitrary commands via a crafted request...

7.3AI score0.31915EPSS
Exploits4References5
Cvelist
Cvelist
added 2009/12/31 6:0 p.m.33 views

CVE-2009-4499

SQL injection vulnerability in the gethistorylastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the sendhistorylastid function in zabbixserver/trapper/nodehistory.c...

8AI score0.02392EPSS
Exploits0References4
Cvelist
Cvelist
added 2009/12/31 6:0 p.m.29 views

CVE-2009-4500

The processtrap function in trapper/trapper.c in Zabbix Server before 1.6.6 allows remote attackers to cause a denial of service crash via a crafted request with data that lacks an expected : colon separator, which triggers a NULL pointer dereference...

6.4AI score0.02286EPSS
Exploits0References4
NVD
NVD
added 2009/12/29 8:41 p.m.21 views

CVE-2009-4448

inc/functionstime.php in MyBB aka MyBulletinBoard 1.4.10, and possibly earlier versions, allows remote attackers to cause a denial of service CPU consumption via a crafted request with a large year value, which triggers a long loop, as reachable through member.php and possibly other vectors...

5CVSS6.7AI score0.01707EPSS
Exploits1References7
Prion
Prion
added 2009/12/29 8:41 p.m.11 views

Design/Logic Flaw

inc/functionstime.php in MyBB aka MyBulletinBoard 1.4.10, and possibly earlier versions, allows remote attackers to cause a denial of service CPU consumption via a crafted request with a large year value, which triggers a long loop, as reachable through member.php and possibly other vectors...

5CVSS7.1AI score0.01707EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2009/12/29 8:15 p.m.18 views

CVE-2009-4448

inc/functionstime.php in MyBB aka MyBulletinBoard 1.4.10, and possibly earlier versions, allows remote attackers to cause a denial of service CPU consumption via a crafted request with a large year value, which triggers a long loop, as reachable through member.php and possibly other vectors...

6.7AI score0.01707EPSS
Exploits1References7
Cvelist
Cvelist
added 2009/12/02 6:0 p.m.22 views

CVE-2009-4170

WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, allows remote attackers to obtain sensitive information via a crafted request to wp-cumulus.php, probably without parameters, which reveals the installation path in an error message...

6.2AI score0.06392EPSS
Exploits1References2
Check Point Advisories
Check Point Advisories
added 2009/10/29 12:0 a.m.31 views

SAP MaxDB Remote Arbitrary Commands Execution (CVE-2008-0244)

SAP MaxDB is an open source relational database management system RDBMS developed and supported by SAP AG. MaxDB is targeted for large SAP environments such as mySAP Business Suite and other applications that require enterprise level database functionality. MaxDB is available for the most promine...

10CVSS7.5AI score0.80311EPSS
Exploits8
seebug.org
seebug.org
added 2009/10/27 12:0 a.m.49 views

WordPress Trackback脚本拒绝服务漏洞

CVE ID: CVE-2009-3622 WordPress是一款免费的论坛Blog系统。 WordPress的wp-trackback.php脚本允许用户向mbconvertencoding函数提交多个源字符编码。如果远程攻击者在提交的HTTP请求中包含有超长的标题参数和由多个逗号分隔的UTF-8子字符串所组成的字符集参数,就可以占用大量CPU资源。 WordPress 2.8.5 厂商补丁: WordPress --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

4.3CVSS6.4AI score0.05827EPSS
Exploits2
Rows per page
Query Builder