Lucene search
+L

3939 matches found

Prion
Prion
added 2008/08/13 12:42 p.m.22 views

Cross site request forgery (csrf)

Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription request that is used to access an array of functio...

9CVSS7.6AI score0.28018EPSS
Exploits1References8Affected Software2
Cvelist
Cvelist
added 2008/08/12 11:0 p.m.26 views

CVE-2008-2926

The kmxfw.sys driver in CA Host-Based Intrusion Prevention System HIPS r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service system crash or possibly gain privileges via a crafted request...

6.6AI score0.00424EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2008/06/11 7:49 p.m.3 views

X.org Record and Security extensions memory corruption

The 1 SProcRecordCreateContext and 2 SProcRecordRegisterClients functions in the Record extension and the 3 SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with...

9CVSS7.7AI score0.02699EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/06/11 7:23 p.m.4 views

X.org Record and Security extensions memory corruption

The 1 SProcRecordCreateContext and 2 SProcRecordRegisterClients functions in the Record extension and the 3 SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with...

9CVSS7.7AI score0.02699EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/06/11 6:43 p.m.4 views

X.org Render extension ProcRenderCreateCursor() crash

Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service daemon crash via unspecified request fields that are used to calculate a glyph buffer size, which triggers a...

6.8CVSS7.5AI score0.01641EPSS
Exploits1References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.4 views

Fuktommy.com httpd.pl included in its HTML preprocessor vulnerable in allowing an attacker to view arbitrary CGI source code

Overview Fuktommy.com httpd.pl included in its HTML preprocessor contains a vulnerability which may allow an attacker to view arbitrary CGI source code. Fuktommy.com httpd.pl included in its HTML preprocessor is an open source web server. It contains a vulnerability which may allow an attacker to...

5CVSS6.7AI score
Exploits0References2
NVD
NVD
added 2008/04/14 4:5 p.m.32 views

CVE-2008-0962

Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface...

9CVSS7.6AI score0.04126EPSS
Exploits1References7
Cvelist
Cvelist
added 2008/04/08 6:0 p.m.25 views

CVE-2008-1701

Novell NetWare 6.5 allows attackers to cause a denial of service ABEND via a crafted Macintosh iPrint client request...

6.5AI score0.01454EPSS
Exploits0References6
Prion
Prion
added 2008/02/22 9:44 p.m.11 views

Authentication flaw

BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers...

6.4CVSS7.6AI score0.02163EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2008/02/22 9:0 p.m.18 views

CVE-2008-0895

BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers...

7AI score0.02163EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2008/02/14 12:0 a.m.122 views

3Proxy HTTP Proxy Crafted Transparent Request Remote Overflow

The remote host is running 3proxy, an application proxy supporting many protocols Telnet, FTP, WWW, and more. A stack overflow vulnerability has been detected in 3proxy prior to 0.5.3h and 0.6b-devel before 20070413. By sending a long host header in HTTP GET request, a remote attacker could...

10CVSS6.1AI score0.15308EPSS
Exploits0References3
NVD
NVD
added 2008/02/12 1:0 a.m.12 views

CVE-2008-0680

SNMPd in MikroTik RouterOS 3.2 and earlier allows remote attackers to cause a denial of service daemon crash via a crafted SNMP SET request...

7.8CVSS6.5AI score0.07437EPSS
Exploits0References5
NVD
NVD
added 2008/02/05 2:0 a.m.13 views

CVE-2008-0573

IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRVIOCTL IOCTL request...

7.2CVSS6.6AI score0.00837EPSS
Exploits1References5
Cvelist
Cvelist
added 2008/02/05 1:0 a.m.21 views

CVE-2008-0573

IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRVIOCTL IOCTL request...

6.6AI score0.00837EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2008/02/01 12:0 a.m.22 views

GLSA-200801-22 : PeerCast: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200801-22 PeerCast: Buffer overflow Luigi Auriemma reported a heap-based buffer overflow within the 'handshakeHTTP' function when processing HTTP requests. Impact : A remote attacker could send a specially crafted request to the...

10CVSS6.4AI score0.16796EPSS
Exploits1References2
Saint
Saint
added 2007/12/24 12:0 a.m.57 views

Samba lsa_io_trans_names buffer overflow

Added: 12/24/2007 CVE: CVE-2007-2446 BID: 24195 OSVDB: 34699 Background Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems. Problem A vulnerability in the LSA RPC interface allows a remote attacker to execute...

10CVSS9.2AI score0.77806EPSS
Exploits23
Cvelist
Cvelist
added 2007/11/30 12:0 a.m.23 views

CVE-2007-6174

PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOTE: some of these details are obtained from third party information...

6.5AI score0.01476EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/11/09 12:0 a.m.36 views

GLSA-200711-13 : 3proxy: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200711-13 3proxy: Denial of Service 3proxy contains a double free vulnerability in the ftpprchild function, which frees param-hostname and calls the parsehostname function, which in turn attempts to free param-hostname again. Impa...

5CVSS5.6AI score0.02079EPSS
Exploits1References2
Prion
Prion
added 2007/07/10 10:30 p.m.24 views

Code injection

The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4, Server 2003 SP1 and SP2, Server 2003 x64 Edition and SP2, and Server 2003 for Itanium-based Systems SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted LDAP request with an unspecified numbe...

10CVSS7.7AI score0.3917EPSS
Exploits0References11
NVD
NVD
added 2007/06/26 10:30 p.m.25 views

CVE-2007-2798

Stack-based buffer overflow in the renameprincipal2svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal...

9CVSS7.4AI score0.07519EPSS
Exploits1References53
Rows per page
Query Builder