3489 matches found

0day.today
added 2014/10/28 12:00 a.m., 44 views

Axway Secure Transport 5.1 SP2 - Arbitrary File Upload via CSRF

Exploit for php platform in category web applications function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "https://sftp.example.org/api/v1.0/files/", true; xhr.setRequestHeader"Accept", "...

CVSS 6.8, AI score 0.3, EPSS 0.01429
Exploits: 5

ArchLinux
added 2014/10/24 12:00 a.m., 43 views

libvncserver: remote code execution, denial of service

CVE-2014-6051 Integer overflow in MallocFrameBuffer on client side. A malicious VNC server could advertise a very large screen size by RFB protocol, width and height are 16-bit integers, resulting in an integer overflow during malloc on client-side. Heap corruption, and possibly remote code...

CVSS 7.5, AI score 1.4, EPSS 0.08272
Exploits: 1, References: 7

Exploit DB
added 2014/10/23 12:00 a.m., 66 views

Axway Secure Transport 5.1 SP2 - Arbitrary File Upload (via Cross-Site Request Forgery)

function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "https://sftp.example.org/api/v1.0/files/", true; xhr.setRequestHeader"Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,/;q...

CVSS 6.8, AI score 6.6, EPSS 0.01429
Exploits: 5

exploitpack
added 2014/10/23 12:00 a.m., 27 views

Axway Secure Transport 5.1 SP2 - Arbitrary File Upload (via Cross-Site Request Forgery)

Axway Secure Transport 5.1 SP2 - Arbitrary File Upload via Cross-Site Request Forgery function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "https://sftp.example.org/api/v1.0/files/", true; xhr.setRequestHeader"Accept", "text/ht...

CVSS 6.8, AI score 0.6, EPSS 0.01429
Exploits: 5

Vulnerability Lab
added 2014/10/10 12:00 a.m., 16 views

USB Disk Free v1.0 iOS - File Include Vulnerability

Document Title: USB Disk Free v1.0 iOS - File Include Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id= | Release Date: 2014-10-10 | Vulnerability Laboratory ID (VL-ID): 1340 | Commo...

AI score 7.1
Exploits: 0

seebug.org
added 2014/10/10 12:00 a.m., 27 views

GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability

No description provided by source. Document Title: GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1325 | Release Date: 2014-09-22 | Vulnerability Laboratory ID (VL-ID):...

AI score 7.1
Exploits: 0

Vulnerability Lab
added 2014/10/10 12:00 a.m., 18 views

USB Disk Free v1.0 iOS - File Include Vulnerability

Document Title: USB Disk Free v1.0 iOS - File Include Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id= | Release Date: 2014-10-10 | Vulnerability Laboratory ID (VL-ID): 1340 | Commo...

AI score 0.3
Exploits: 0

Mageia
added 2014/10/07 9:22 a.m., 48 views

Updated libvncserver & remmina packages fix security vulnerabilities

Updated libvncserver and remmina packages fix security vulnerabilities: A malicious VNC server can trigger incorrect memory management handling by advertising a large screen size parameter to the VNC client. This would result in multiple memory corruptions and could allow remote code execution on...

CVSS 7.5, AI score 9.4, EPSS 0.08272
Exploits: 1, References: 3

OSV
added 2014/09/30 4:55 p.m., 1 view

DEBIAN-CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a...

CVSS 6.5, AI score 7.9, EPSS 0.0783
Exploits: 0, References: 1

NVD
added 2014/09/30 4:55 p.m., 17 views

CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a...

CVSS 6.5, AI score 7.4, EPSS 0.0783
Exploits: 0, References: 17

Prion
added 2014/09/30 4:55 p.m., 22 views

Stack overflow

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a...

CVSS 6.5, AI score 7.9, EPSS 0.0783
Exploits: 0, References: 17, Affected Software: 5

Cvelist
added 2014/09/30 4:00 p.m., 32 views

CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a...

AI score 8.7, EPSS 0.0783
Exploits: 0, References: 17

CVE
added 2014/09/30 4:00 p.m., 121 views

CVE-2014-6055

CVE-2014-6055 is a LibVNCServer (rfbserver.c) vulnerability: multiple stack-based buffer overflows in the File Transfer feature could allow remote authenticated users to crash the server and potentially execute arbitrary code. Affected product/version reference in the sources includes LibVNCServe...

CVSS 6.5, AI score 8.4, EPSS 0.0783
Exploits: 0, References: 17, Affected Software: 1

Debian CVE
added 2014/09/30 4:00 p.m., 21 views

CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a...

CVSS 6.5, AI score 9.6, EPSS 0.0783
Exploits: 0

Ubuntu
added 2014/09/29 5:12 p.m., 57 views

USN-2365-1: LibVNCServer vulnerabilities

Nicolas Ruff discovered that LibVNCServer incorrectly handled memory when being advertised large screen sizes by the server. If a user were tricked into connecting to a malicious server, an attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...

CVSS 7.5, AI score 8.6, EPSS 0.08272
Exploits: 1

OSV
added 2014/09/29 5:12 p.m., 3 views

USN-2365-1 libvncserver vulnerabilities

Nicolas Ruff discovered that LibVNCServer incorrectly handled memory when being advertised large screen sizes by the server. If a user were tricked into connecting to a malicious server, an attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...

CVSS 7.5, AI score 7.5, EPSS 0.08272
Exploits: 1, References: 6

exploitpack
added 2014/09/29 12:00 a.m., 24 views

GS Foto Uebertraeger 3.0 iOS - Local File Inclusion

GS Foto Uebertraeger 3.0 iOS - Local File Inclusion. Document Title: GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1325 | Release Date: 2014-09-22 | Vulnerability...

AI score 7.1
Exploits: 0

UbuntuCve
added 2014/09/24 12:00 a.m., 31 views

CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a...

CVSS 6.5, AI score 7.6, EPSS 0.0783
Exploits: 0, References: 6

OSV
added 2014/09/24 12:00 a.m., 2 views

UBUNTU-CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a...

CVSS 6.5, AI score 7.9, EPSS 0.0783
Exploits: 0, References: 7

FreeBSD
added 2014/09/23 12:00 a.m., 37 views

libvncserver -- multiple security vulnerabilities

Nicolas Ruff reports: Integer overflow in MallocFrameBuffer on client side. Lack of malloc return value checking on client side. Server crash on a very large ClientCutText message. Server crash when scaling factor is set to zero. Multiple stack overflows in File Transfer feature...

CVSS 7.5, AI score 8.9, EPSS 0.08272
Exploits: 1, References: 1