Lucene search
K

75 matches found

BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.8 views

The vulnerability of the software for managing VMware vCenter Server allows a malicious individual to prevent other users from accessing the system.

The OpenSSH software mechanism for managing VMware vCenter Server’s virtual infrastructure contains a vulnerability that can lead to service interruptions during authentication processes. A service interruption occurs when the values of logingraceTime and maxStartup differ from the default values...

5CVSS6.5AI score0.1651EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2014/11/11 7:39 p.m.6 views

USN-2408-1 neutron vulnerability

Elena Ezhova discovered that OpenStack Neutron did not properly perform access control checks for attributes. A remote authenticated attacker could exploit this to bypass intended access controls and reset admin-only attributes to default values...

4CVSS5.8AI score0.02089EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/11/03 8:36 a.m.5 views

openstack-neutron: Admin-only network attributes may be reset to defaults by non-privileged users

It was discovered that unprivileged users could in some cases reset admin-only network attributes to their default values. This could lead to unexpected behavior or in some cases result in a denial of service...

4CVSS5.8AI score0.02089EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2014/10/02 12:0 a.m.30 views

CVE-2014-6414

OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors...

4CVSS5.9AI score0.02089EPSS
Exploits0References4
OSV
OSV
added 2014/09/30 2:55 p.m.33 views

PYSEC-2014-33

z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id...

4.3CVSS4.9AI score0.01231EPSS
Exploits0References5
Cvelist
Cvelist
added 2014/09/30 2:0 p.m.20 views

CVE-2012-5491

z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id...

6.4AI score0.01231EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/09/10 1:9 p.m.10 views

rubygem-kafo: temporary file creation vulnerability when creating /tmp/default_values.yaml

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...

1.9CVSS5.8AI score0.00331EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Microsoft Windows NT 4.0 SNMP-WINS DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2244/info The Simple Network Management Protocol SNMP provides remote network administration functions. Windows NT provides an optional SNMP implementation. Windows NT networks can use Windows Internet Name Service WINS, ...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2014/05/08 2:0 p.m.21 views

CVE-2014-0135

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...

5.8AI score0.00331EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2014/03/03 12:0 a.m.41 views

Oracle Java FileDialog.Show Heap Buffer Overflow - Ver2 (CVE-2011-0802)

A remote code execution vulnerability has been reported in Oracle Java Runtime Environment.The vulnerability is due to insufficient validation of the selected file's default values size. A remote attacker could exploit this vulnerability by enticing an unsuspecting user to open a web page...

10CVSS7.6AI score0.06277EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/09/20 12:0 a.m.22 views

IBM solidDB Stored Procedure Call Handling Denial of Service Vulnerability

IBM solidDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:soliddb";...

3.5CVSS6.5AI score0.0118EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2013/02/11 12:0 a.m.28 views

MantisBT < 1.2.12 Multiple Vulnerabilities

According to its version number, the MantisBT install hosted on the remote web server is affected by multiple vulnerabilities : - The application is affected by an information disclosure vulnerability due to a flaw in using default values to determine if a user has sufficient privileges to modify...

5.5CVSS5.6AI score0.01883EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2011/07/26 12:0 a.m.59 views

SLP (Service Location Protocol) Denial Of Service

!/usr/bin/python ''' ================================== Pseudo documentation ================================== ''' SLPick, extension DoS release by Nicolas Gregoire ''' ================================== Imports ================================== ''' import getopt import re import sys import...

5CVSS7.6AI score0.17223EPSS
Exploits1
Atlassian
Atlassian
added 2008/09/08 8:18 a.m.19 views

default config values restored

This should be for 2.9.1 - this version was not yet available under "affects versions" when filing this bug. After updating from 2.9 to 2.9.1, most of my settings were overwritten by their default values. - public signup got enabled - the language changed back to english instead of german - e-mai...

0.8AI score
Exploits0Affected Software1
Exploit DB
Exploit DB
added 2001/01/03 12:0 a.m.124 views

WU-FTPD 2.6.0 - Remote Format Strings

/ 12:40 11/10/00: Tool for either attack or defense within an information warfare setting. Rather, it is a small program demonstrating proof of concept. Default values for solaris 2.8 and inetd. If you are not the intended recipient, or a person responsible for delivering it to the intended...

7.4AI score
Exploits0
Rows per page
Query Builder