
2442 matches found

OwnCloud
added 2012/08/10 11:42 a.m., 41 views

Server: HTTP header injection

A Header injection vulnerability in ownCloud before 4.0.8 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the HTTP url path parameter to index.php. For more information please consult the official advisory. This advisory is...

CVSS 4.3, AI score 6.6, EPSS 0.01022
Exploits: 0, Affected Software: 1

Tenable Nessus
added 2012/08/01 12:0 a.m., 43 views

Scientific Linux Security Update : perl on SL6.x i386/x86_64

Perl is a high-level programming language commonly used for system administration utilities and web programming. The Perl CGI module provides resources for preparing and processing Common Gateway Interface CGI based HTTP requests and responses. It was found that the Perl CGI module used a...

CVSS 5, AI score 8, EPSS 0.08712
Exploits: 1, References: 2

Tenable Nessus
added 2012/08/01 12:0 a.m., 36 views

Scientific Linux Security Update : perl on SL4.x, SL5.x i386/x86_64

Perl is a high-level programming language commonly used for system administration utilities and web programming. It was found that the 'new' constructor of the Digest module used its argument as part of the string expression passed to the eval function. An attacker could possibly use this flaw to...

CVSS 7.5, AI score 8.2, EPSS 0.13526
Exploits: 0, References: 2

Tenable Nessus
added 2012/08/01 12:0 a.m., 38 views

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64

defaultReadObject of the Serialization API could be tricked into setting a volatile field multiple times, which could allow a remote attacker to execute arbitrary code with the privileges of the user running the applet or application. CVE-2010-3569 Race condition in the way objects were...

CVSS 10, AI score 8.2, EPSS 0.87264
Exploits: 14, References: 20

Tenable Nessus
added 2012/08/01 12:0 a.m., 37 views

Scientific Linux Security Update : java-1.6.0-openjdk on SL6.x i386/x86_64

defaultReadObject of the Serialization API could be tricked into setting a volatile field multiple times, which could allow a remote attacker to execute arbitrary code with the privileges of the user running the applet or application. CVE-2010-3569 Race condition in the way objects were...

CVSS 10, AI score 8.2, EPSS 0.87264
Exploits: 14, References: 20

OpenVAS
added 2012/07/30 12:0 a.m., 28 views

CentOS Update for perl CESA-2011:1797 centos5 x86_64

Check for the Version of perl OpenVAS Vulnerability Test CentOS Update for perl CESA-2011:1797 centos5 x86_64 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CVSS 7.5, AI score 9.6, EPSS 0.13526
Exploits: 0, References: 2

OpenVAS
added 2012/07/30 12:0 a.m., 34 views

CentOS Update for perl CESA-2011:1797 centos4 x86_64

Check for the Version of perl OpenVAS Vulnerability Test CentOS Update for perl CESA-2011:1797 centos4 x86_64 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CVSS 7.5, AI score 9.6, EPSS 0.13526
Exploits: 0, References: 2

OpenVAS
added 2012/07/30 12:0 a.m., 29 views

CentOS Update for perl CESA-2011:1797 centos4 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description) { script_xref(name:"URL",...

CVSS 7.5, AI score 8.5, EPSS 0.13526
Exploits: 0, References: 2

NVD
added 2012/07/20 10:40 a.m., 20 views

CVE-2011-4586

CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVSS 5, AI score 6.7, EPSS 0.02102
Exploits: 0, References: 4

UbuntuCve
added 2012/07/20 10:40 a.m., 24 views

CVE-2011-4586

CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVSS 5, AI score 6, EPSS 0.02102
Exploits: 0, References: 1

Prion
added 2012/07/20 10:40 a.m., 13 views

CRLF injection

CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVSS 5, AI score 7.3, EPSS 0.02102
Exploits: 0, References: 4, Affected Software: 1

Cvelist
added 2012/07/20 10:0 a.m., 22 views

CVE-2011-4586

CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

AI score 6.6, EPSS 0.02102
Exploits: 0, References: 4

CVE
added 2012/07/20 10:0 a.m., 55 views

CVE-2011-4586

CRLF injection vulnerability (HTTP header injection/response splitting) in Moodle Calendar subsystem via calendar/set.php affects Moodle 1.9.x <1.9.15, 2.0.x <2.0.6, and 2.1.x

CVSS 5, AI score 6.8, EPSS 0.02102
Exploits: 0, References: 4, Affected Software: 1

OpenVAS
added 2012/07/09 12:0 a.m., 33 views

RedHat Update for perl RHSA-2011:0558-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description) { script_xref(name:"URL",...

CVSS 5, AI score 9.5, EPSS 0.08712
Exploits: 1, References: 2

Tenable Nessus
added 2012/06/26 12:0 a.m., 36 views

Adobe ColdFusion HTTP Response Splitting (APSB12-15)

The version of Adobe ColdFusion running on the remote host is affected by an HTTP response splitting vulnerability. The coldfusion.filter.ComponentFilter class does not properly sanitize input used in the Location header of an HTTP response. A remote attacker can exploit this by tricking a user...

CVSS 4.3, AI score 5.6, EPSS 0.01863
Exploits: 1, References: 3

NVD
added 2012/06/13 4:46 a.m., 20 views

CVE-2012-2041

CRLF injection vulnerability in the Component Browser in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVSS 4.3, AI score 6.8, EPSS 0.01863
Exploits: 1, References: 1

Prion
added 2012/06/13 4:46 a.m., 22 views

CRLF injection

CRLF injection vulnerability in the Component Browser in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVSS 4.3, AI score 7.4, EPSS 0.01863
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2012/06/13 1:0 a.m., 28 views

CVE-2012-2041

CRLF injection vulnerability in the Component Browser in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

AI score 6.8, EPSS 0.01863
Exploits: 1, References: 1

CVE
added 2012/06/13 1:0 a.m., 62 views

CVE-2012-2041

CVE-2012-2041 describes a CRLF injection in the Component Browser of Adobe ColdFusion 8.0–9.0.1, enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors. Public references point to Adobe’s APSB12-15 security bulletin, which provided ...

CVSS 4.3, AI score 7, EPSS 0.01863
Exploits: 1, References: 1, Affected Software: 1

exploitpack
added 2012/06/05 12:0 a.m., 23 views

pyrocms 2.1.1 - Multiple Vulnerabilities

pyrocms 2.1.1 - Multiple Vulnerabilities PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability Vendor: HappyNinjas Ltd Product web page: http://www.pyrocms.com Affected version: 2.1.1 Community Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC architecture it w...

AI score 0.4
Exploits: 0