3718 matches found

seebug.org
added 2014/07/01 12:0 a.m. 18 views

Google Chrome 0.2.149 Malformed 'view-source' HTTP Header Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31035/info Google Chrome is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted HTTP 'view-source' headers. Attackers can exploit this issue to crash the affected...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. 14 views

Liferay Enterprise Portal 4.3.6 User-Agent HTTP Header Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27547/info Liferay Enterprise Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.1 AI score
Exploits 0
NVD
added 2014/06/13 2:55 p.m. 24 views

CVE-2013-3843

Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...

6.8 CVSS, 7.9 AI score, 0.20179 EPSS
Exploits 3, References 6
NVD
added 2014/06/13 2:55 p.m. 20 views

CVE-2013-2163

Monkey HTTP Daemon monkeyd before 1.2.2 allows remote attackers to cause a denial of service infinite loop via an offset equal to the file size in the Range HTTP header...

5 CVSS, 6.5 AI score, 0.02506 EPSS
Exploits 1, References 4
UbuntuCve
added 2014/06/13 2:55 p.m. 19 views

CVE-2013-3843

Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...

6.8 CVSS, 6.1 AI score, 0.20179 EPSS
Exploits 3, References 7
Prion
added 2014/06/13 2:55 p.m. 14 views

Stack overflow

Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...

6.8 CVSS, 8.6 AI score, 0.20179 EPSS
Exploits 3, References 6, Affected Software 1
UbuntuCve
added 2014/06/13 2:55 p.m. 32 views

CVE-2013-2163

Monkey HTTP Daemon monkeyd before 1.2.2 allows remote attackers to cause a denial of service infinite loop via an offset equal to the file size in the Range HTTP header...

5 CVSS, 5.9 AI score, 0.02506 EPSS
Exploits 1, References 2
Cvelist
added 2014/06/13 2:0 p.m. 36 views

CVE-2013-2163

Monkey HTTP Daemon monkeyd before 1.2.2 allows remote attackers to cause a denial of service infinite loop via an offset equal to the file size in the Range HTTP header...

6.5 AI score, 0.02506 EPSS
Exploits 1, References 4
Cvelist
added 2014/06/13 2:0 p.m. 33 views

CVE-2013-3843

Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...

7.8 AI score, 0.20179 EPSS
Exploits 3, References 6
Tenable Nessus
added 2014/06/13 12:0 a.m. 43 views

openSUSE Security Update : perl-CGI-Simple (openSUSE-SU-2011:0020-1)

A HTTP header injection attack was fixed in perl-CGI-Simple. CVE-2010-2761 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update perl-CGI-Simple-3785. The text...

4.3 CVSS, 9.1 AI score, 0.02713 EPSS
Exploits 0, References 4
Tenable Nessus
added 2014/06/13 12:0 a.m. 35 views

openSUSE Security Update : php5 (openSUSE-SU-2012:1169-1)

php5 was updated to fix two security issues : - use FilesMatch with 'SetHandler' rather than 'AddHandler' bnc775852 Since this update just hardens a configuration to protect weakly designed web applications, there was no CVE assigned. - A HTTP header Carriage-Return injection flaw was fixed...

4.3 CVSS, 5.4 AI score, 0.10173 EPSS
Exploits 0, References 4
NVD
added 2014/06/09 7:55 p.m. 18 views

CVE-2013-3081

SQL injection vulnerability in the checkEmailFormat function in plugins/jojocore/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/...

7.5 CVSS, 8.3 AI score, 0.02359 EPSS
Exploits 1, References 3
Prion
added 2014/06/09 7:55 p.m. 13 views

Sql injection

SQL injection vulnerability in the checkEmailFormat function in plugins/jojocore/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/...

7.5 CVSS, 9 AI score, 0.02359 EPSS
Exploits 1, References 3, Affected Software 1
Packet Storm
added 2014/06/03 12:0 a.m. 37 views

PHPBTTracker+ 2.2 SQL Injection

Exploit Title: PHPBTTracker+ 2.2 SQL Injection Date: May 13th, 2014 Exploit Author: BackBox Team Vendor Homepage: http://phpbttrkplus.sourceforge.net/ Software Link: http://sourceforge.net/projects/phpbttrkplus/files/ Version: PHPBTTracker+ 2.2 Tested on: PHP 5.4.27, Apache 2.4.9, MySQL = 5.0.0...

Exploits 0
NVD
added 2014/05/30 2:55 p.m. 18 views

CVE-2012-5877

Nero MediaHome 4.5.8.0 and earlier allows remote attackers to cause a denial of service NULL pointer dereference and crash via an HTTP header without a name...

5 CVSS, 6.5 AI score, 0.07681 EPSS
Exploits 5, References 6
CVE
added 2014/05/30 2:0 p.m. 61 views

CVE-2012-5877

CVE-2012-5877 concerns Nero MediaHome Server (Product: Nero MediaHome, vulnerable through NMMediaServer.dll) with versions up to 4.5.8.0. The available documents describe a denial-of-service via malformed HTTP handling, notably a NULL pointer dereference triggered by ill-formed HTTP headers (e.g....

5 CVSS, 6.6 AI score, 0.07681 EPSS
Exploits 5, References 6, Affected Software 1
Cvelist
added 2014/05/30 2:0 p.m. 22 views

CVE-2012-5877

Nero MediaHome 4.5.8.0 and earlier allows remote attackers to cause a denial of service NULL pointer dereference and crash via an HTTP header without a name...

6.5 AI score, 0.07681 EPSS
Exploits 5, References 6
0day.today
added 2014/05/25 12:0 a.m. 40 views

phpnuke 8.3 Sql Injection Vulnerability

Exploit for php platform in category web applications author : ali ahmady -- Iranian security researcher email : snip3rirathotmail.com greets : b0x , PhantomX , VIRkid , email protected , zeus REKCAH , milad22 google dork : inurl: modules.php?name=SubmitNews at post review level you can inject...

7.1 AI score
Exploits 0
FreeBSD
added 2014/05/23 12:0 a.m. 39 views

tomcat -- multiple vulnerabilities

Tomcat Security Team reports: Tomcat does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference,...

8.3 AI score
Exploits 0, References 3
Hacker One
added 2014/05/19 8:12 a.m. 89 views

Secret: Content Sniffing not disabled

URL :- https://www.secret.ly/ Issue description :- There was no "X-Content-Type-Options" HTTP header with the value nosniff set in the response. The lack of this header causes that certain browsers, try to determine the content type and encoding of the response even when these properties are...

0.1 AI score
Exploits 0