Lucene search

448 matches found

NVD
added 2017/02/13 9:59 p.m., 16 views

CVE-2016-5803

An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can...

8.6 CVSS, 8.5 AI score, 0.02306 EPSS
Exploits 0, References 3
Cvelist
added 2017/02/13 9:0 p.m., 16 views

CVE-2016-5803

An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can...

8.5 AI score, 0.02306 EPSS
Exploits 0, References 3
Hacker One
added 2016/09/18 2:21 a.m., 22 views

Internet Bug Bounty: wddx_deserialize use-after-free

Upstream Bug: https://bugs.php.net/bug.php?id=72860 Summary: wddx_deserialize allows to unserialize a WDDX packet that usually comes from external input. While WDDX tries to deserialize "recordset" element, use-after-free happens if the close tag for the field is not found. Patch --...

6.9 AI score
Exploits 0
curl security advisories
added 2015/01/08 8:0 a.m., 48 views

URL request injection

When libcurl sends a request to a server via an HTTP proxy, it copies the entire URL into the request and sends it off. If the given URL contains line feeds and carriage returns, those are sent along to the proxy too, which allows the program to, for example, send a separate HTTP request injected...

4.3 CVSS, 7.4 AI score, 0.0681 EPSS
Exploits 0, Affected Software 2
exploitpack
added 2014/11/24 12:0 a.m., 45 views

tcpdump 4.6.2 - Geonet Decoder Denial of Service

tcpdump 4.6.2 - Geonet Decoder Denial of Service CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 1. Background tcpdump is a powerful command-line packet analyzer. It allows the user to intercept and display TCP/IP and other packets being transmitted or...

5 CVSS, 8.7 AI score, 0.19807 EPSS
Exploits 5
0day.today
added 2014/11/24 12:0 a.m., 63 views

tcpdump 4.6.2 Geonet Decoder Denial of Service Vulnerability

Exploit for multiple platform in category dos / poc CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 1. Background tcpdump is a powerful command-line packet analyzer. It allows the user to intercept and display TCP/IP and other packets being transmitted or...

5 CVSS, 9.2 AI score, 0.19807 EPSS
Exploits 5
Packet Storm
added 2013/06/30 12:0 a.m., 57 views

Xorbin Analog Flash Clock 1.0 For WordPress XSS

Xorbin Analog Flash Clock 1.0 Plugin for Wordpress Flash-based XSS. Description: This plugin displays analog flash clock on your website. It's easy to use and...

4.1 CVSS, 0.6 AI score, 0.0245 EPSS
Exploits 3
Packet Storm
added 2013/06/30 12:0 a.m., 25 views

Xorbin Digital Flash Clock 1.0 For WordPress XSS

Xorbin Digital Flash Clock 1.0 Plugin for Wordpress Flash-based XSS. Description: This plugin displays digital flash clock on your website. It's easy to use and...

0.2 AI score, 0.01251 EPSS
Exploits 2