CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

404 matches found

0day.today•added 2007/12/19 12:0 a.m.•22 views

HP Software Update client 3.0.8.4 Multiple Remote Vulnerabilities

Exploit for unknown platform in category dos / poc ================================================================= HP Software Update client 3.0.8.4 Multiple Remote Vulnerabilities ================================================================= Advisory: ///////// There is another remotely...

7AI score

Exploits0

Tenable Nessus•added 2007/11/12 12:0 a.m.•18 views

FreeBSD : gallery2 -- multiple vulnerabilities (9b718b82-8ef5-11dc-8e42-001c2514716c)

Gallery project reports : Gallery 2.2.3 addresses the following security vulnerabilities : - Unauthorized renaming of items possible with WebDAV reported by Merrick Manalastas - Unauthorized modification and retrieval of item properties possible with WebDAV - Unauthorized locking and replacing of...

6.4CVSS5.4AI score0.00959EPSS

Exploits0References2

OSV•added 2007/11/08 12:0 a.m.•5 views

DSA-1404-1 gallery2 - privilege escalation

Bulletin has no description...

6.4CVSS6.7AI score0.00959EPSS

Exploits0

CVE•added 2007/10/26 7:0 p.m.•42 views

CVE-2002-2310

Technical details about CVE-2002-2310 are not publicly available in the provided documents. No affected products/versions or remediation specifics are described here. Monitor for updates from connected sources.

5CVSS7.1AI score0.00419EPSS

Exploits1References3Affected Software1

CVE•added 2007/10/20 10:0 a.m.•36 views

CVE-2003-1423

Vulnerability summary: Petitforum stores the liste.txt data file under the web document root with insufficient access control, allowing remote attackers to obtain sensitive information (e-mails and encrypted passwords). Root cause: improper access restrictions on the data file within the web root...

5CVSS6.7AI score0.00252EPSS

Exploits1References2Affected Software1

FreeBSD•added 2007/08/29 12:0 a.m.•27 views

gallery2 -- multiple vulnerabilities

Gallery project reports: Gallery 2.2.3 addresses the following security vulnerabilities: Unauthorized renaming of items possible with WebDAV reported by Merrick Manalastas Unauthorized modification and retrieval of item properties possible with WebDAV Unauthorized locking and replacing of items...

6.4CVSS6.4AI score0.00959EPSS

Exploits0

Prion•added 2007/08/18 9:17 p.m.•24 views

Design/Logic Flaw

Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via 1 unspecified vectors where an attacker's umask is honored, 2 /etc/ld.so.preload, 3 certain "cron data file locations", and other unspecified vectors possibly involvi...

1.9CVSS6.7AI score0.00073EPSS

Exploits1References12Affected Software1

NVD•added 2007/08/18 9:17 p.m.•18 views

CVE-2007-4272

1.9CVSS6.5AI score0.00073EPSS

Exploits1References12

NVD•added 2006/09/13 10:7 p.m.•9 views

CVE-2006-4745

ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header...

3.6CVSS6.2AI score0.00177EPSS

Exploits1References3

CVE•added 2006/09/13 10:0 p.m.•37 views

CVE-2006-4745

The CVE-2006-4745 entry concerns ScaryBear PocketExpense Pro 3.9.1, where an internally recorded key protects a data file whose contents are stored in plaintext. The underlying issue allows local users to bypass authentication and access the file by modifying a value in the file header. This is a...

3.6CVSS6.6AI score0.00177EPSS

Exploits1References3Affected Software1

Tenable Nessus•added 2005/10/03 12:0 a.m.•18 views

4D WebStar < 5.3.5 IMAP Mac OS Client DoS

Binary data 3249.prm...

5CVSS7.3AI score0.00543EPSS

Exploits0References1

Tenable Nessus•added 2005/05/04 12:0 a.m.•13 views

PostgreSQL < 8.0.3 Incorrect Function Declaration

Binary data 2876.prm...

7.5CVSS7.3AI score0.0148EPSS

Exploits0References4

NVD•added 2005/04/27 4:0 a.m.•11 views

CVE-2005-0229

CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file under the web root, which allows remote attackers to steal credit card information via a direct request to newfile.txt...

5CVSS6.4AI score0.09876EPSS

Exploits1References6

CVE•added 2005/03/28 5:0 a.m.•48 views

CVE-2002-1656

CVE-2002-1656 affects X-News (x_news) 1.1 and earlier, a PHP-based news management system that stores user IDs and MD5 password hashes in a world-readable file (db/users.txt). The vulnerability enables an attacker to authenticate as other users by obtaining a password hash (e.g., via sniffing or ...

7.5CVSS6.5AI score0.14207EPSS

Exploits1References5Affected Software1

Tenable Nessus•added 2005/03/11 12:0 a.m.•8 views

Xerox Document Centre Denial of Service (DoS)

Binary data 2697.prm...

7.3AI score

Exploits0References2

CVE•added 2005/02/26 5:0 a.m.•41 views

CVE-2004-1713

Technical details about CVE-2004-1713 are not provided in the connected documents; the materials only reiterate the basic description that local users could corrupt data files in HP PRM on HP-UX WLM. Monitor for updates.

2.1CVSS6.3AI score0.00168EPSS

Exploits0References4Affected Software2

Tenable Nessus•added 2004/12/16 12:0 a.m.•9 views

Singapore Gallery Multiple Vulnerabilities

Binary data 2466.prm...

7.5CVSS7.3AI score0.00846EPSS

Exploits0References5

Tenable Nessus•added 2004/08/20 12:0 a.m.•26 views

SNMPv2 Public Community String (deprecated)

Binary data 1345.prm...

7.3AI score

Exploits0