
6827 matches found

UbuntuCve
added 2009/12/15 2:30 a.m. | 38 views

CVE-2009-4324

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...

9.3 CVSS | 7.2 AI score | 0.81863 EPSS
Exploits 21 | References 2
securityvulns
added 2009/12/01 12:0 a.m. | 37 views

Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities

Theeta CMS Cross Site Scripting, SQL Injection Multiple Vulnerabilities Discovered By c0dy http://r00tDefaced.net Greetz:...

0.1 AI score
Exploits 0
Check Point Advisories
added 2009/11/03 12:0 a.m. | 6 views

Microsoft ASP.NET Resource Paths Canonicalization (MS05-004; CVE-2004-0847)

The .NET framework is a windows framework for building and running software. The framework supports a variety of programming languages. A component of this framework is ASP.NET which allows for the development of dynamic Web applications in different programming languages. A vulnerability exists ...

7.5 CVSS | 9.2 AI score | 0.75702 EPSS
Exploits 1
securityvulns
added 2009/10/14 12:0 a.m. | 56 views

US-CERT Technical Cyber Security Alert TA09-286B -- Adobe Reader and Acrobat Vulnerabilities

National Cyber Alert System Technical Cyber Security Alert TA09-286B Adobe Reader and Acrobat Vulnerabilities Original release date: Last revised: -- Source: US-CERT Systems Affected Adobe Reader and Acrobat 9.1.3 and earlier 9.x versions Adobe Reader...

0.3 AI score
Exploits 0
Exploit DB
added 2009/10/14 12:0 a.m. | 35 views

ZoIPer 2.22 - Call-Info Remote Denial of Service

!/usr/bin/python ZoIPer v2.22 Call-Info Remote Denial Of Service. Remote Crash P.O.C. Author: Tomer Bitton Gr33nG0bL1n Tested on Windows XP SP2 , SP3 , Ubuntu 8.10 Vendor Notified on: 21/09/2009 Vendor Fix: Fixed in version 2.24 Library 5324 Bad Chars: \x20 , \x09 import sys import socket import ...

7.4 AI score
Exploits 0
Prion
added 2009/10/13 10:30 a.m. | 18 views

Heap overflow

Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtaine...

9.3 CVSS | 8.4 AI score | 0.86468 EPSS
Exploits 12 | References 12 | Affected Software 3
exploitpack
added 2009/10/07 12:0 a.m. | 12 views

Ada Image Server 0.6.7 - imgsrv.exe Remote Buffer Overflow

Ada Image Server 0.6.7 - imgsrv.exe Remote Buffer Overflow !/usr/bin/python Only usable module with safeseh disabled on XP SP2 and XP SP3 is imgsrv.exe. However, it contains a null character in the address ex: XP SP3 = 00689aff. Versions above 0.6.7 do not seem to be vulnerable. $ ./imgsrv.py...

0.8 AI score
Exploits 0
Tenable Nessus
added 2009/09/24 12:0 a.m. | 21 views

SuSE9 Security Update : gnome-vfs2,gnome-vfs2-doc (YOU Patch Number 10010)

This update fixes the following security problems : - The VFS scripts contained in GNOME are vulnerable to attacks on temporary files as well as command execution via shell meta-characters. These bugs can be exploited by accessing a malformatted archive file. CVE-2004-0494 - Insufficient checks wh...

7.5 CVSS | 5.7 AI score | 0.04621 EPSS
Exploits 0 | References 4
OpenVAS
added 2009/09/18 12:0 a.m. | 28 views

Asterisk IAX2 Call Number Exhaustion DOS Vulnerability (AST-2009-006)

Asterisk is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk";...

7.8 CVSS | 6.2 AI score | 0.02581 EPSS
Exploits 0 | References 8
OpenVAS
added 2009/09/11 12:0 a.m. | 20 views

IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability (Windows)

This host has IBM Lotus Notes installed and is prone to HTML Injection vulnerability. OpenVAS Vulnerability Test $Id: secpodibmlotusnoteshtmlinjvulnwin.nasl 5055 2017-01-20 14:08:39Z teissa $ IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability Windows Authors: Antu Sanadi Copyright:...

7.5 CVSS | 0.1 AI score | 0.02245 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2009/09/11 12:0 a.m. | 68 views

Mac OS X Multiple Vulnerabilities (Security Update 2009-005)

The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-005 applied. This security update contains fixes for the following products : - Alias Manager - CarbonCore - ClamAV - ColorSync - CoreGraphics - CUPS - Flash Player plug-in - ImageIO - Launch...

10 CVSS | 7.5 AI score | 0.25006 EPSS
Exploits 23 | References 36
Tenable Nessus
added 2009/09/11 12:0 a.m. | 43 views

Mac OS X 10.6.x < 10.6.1 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.1. Mac OS X 10.6.1 contains security fixes for the following product : - Flash Player plug-in C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'compat.inc'; if description scriptid40946;...

9.3 CVSS | 8.6 AI score | 0.25006 EPSS
Exploits 6 | References 12
seebug.org
added 2009/09/10 12:0 a.m. | 19 views

MYRE Holiday Rental Manager (action) SQL Injection Vulnerability

No description provided by source. Viva IslaM Viva IslaM Remote SQL Injection Vulnerability review.php action MYRE Holiday Rental Manager http://www.myrephp.com AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email : [email protected] -: ExploiteS :-...

7.1 AI score
Exploits 0
OpenVAS
added 2009/09/10 12:0 a.m. | 62 views

Microsoft Windows TCP/IP Remote Code Execution Vulnerability (967723)

This host is missing a critical security update according to Microsoft Bulletin MS09-048. OpenVAS Vulnerability Test $Id: secpodms09-048.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft Windows TCP/IP Remote Code Execution Vulnerability 967723 Authors: Sharath S Updated By: Madhuri D on...

10 CVSS | 0.1 AI score | 0.35042 EPSS
Exploits 3 | References 5
Prion
added 2009/09/08 10:30 a.m. | 14 views

Design/Logic Flaw

Insecure method vulnerability in the UUSee UUUpgrade ActiveX control UUUpgrade.ocx 3.0.2.12 allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to the Update method, as exploited in the wild in June 2009...

9.3 CVSS | 7.4 AI score | 0.05647 EPSS
Exploits 1 | References 3 | Affected Software 2
Cvelist
added 2009/09/08 10:0 a.m. | 24 views

CVE-2008-7168

Insecure method vulnerability in the UUSee UUUpgrade ActiveX control UUUpgrade.ocx 3.0.2.12 allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to the Update method, as exploited in the wild in June 2009...

6.8 AI score | 0.05647 EPSS
Exploits 1 | References 3
Prion
added 2009/09/01 6:30 p.m. | 9 views

Design/Logic Flaw

SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for (1) ecrire/exec/install.php and (2) ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009...

7.5 CVSS | 7.2 AI score | 0.06589 EPSS
Exploits 2 | References 5 | Affected Software 1
Exploit DB
added 2009/08/31 12:0 a.m. | 39 views

Re-Script 0.99 Beta - 'listings.php?op' SQL Injection

Viva IslaM Viva IslaM Remote SQL Injection Vulnerability listings.php op REScript V.0.99 Beta http://www.ebigman.com/ AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email : [email protected] -: ExploiteS :-...

7.4 AI score
Exploits 0
ThreatPost
added 2009/08/19 2:44 p.m. | 49 views

Windows WINS Attacks In The Wild

The “critical” WINS vulnerability that Microsoft issued a patch for last week is now being exploited actively in the wild, according to the SANS Institute (sans.org). The Internet Storm Center (ISC), which is operated by SANS, is receiving preliminary reports that hackers are targeting Microsoft’s WI...

9.3 CVSS | 3.2 AI score | 0.99945 EPSS
Exploits 33 | References 3
0day.today
added 2009/08/18 12:0 a.m. | 18 views

Videos Broadcast Yourself V2 (UploadID) SQL Injection Vuln

Exploit for unknown platform in category web applications. Videos Broadcast Yourself V2 UploadID SQL Injection Vuln. Viva IslaM Viva IslaM Remote SQL Injection Vulnerability...

7.1 AI score
Exploits 0