330 matches found
CVE-2017-16944
The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...
Design/Logic Flaw
The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...
CVE-2017-16944
The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...
Authorization
Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. The Sharing Backend as implemented in Nextcloud does differentiate between shares to users and groups. In case of a received group share, users should be able to unshare the file to themselv...
CVE-2016-2049
examples/consumer/common.php in JanRain PHP OpenID library aka php-openid improperly checks the openid.realm parameter against the SERVERNAME element in the SERVER superglobal array, which might allow remote attackers to hijack the authentication of arbitrary users via vectors involving a crafted...
CVE-2013-0442
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...
CVE-2013-0442
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...
Interscan Web Security Virtual Appliance 5.0 - Arbitrary File Download
Interscan Web Security Virtual Appliance 5.0 - Arbitrary File Download Exploit Title: Arbitrary File Download in InterScan Web Security Virtual Appliance 5.0 Date: 22-06-2010 Author: Ivan Huertas Software Link: http://downloadcenter.trendmicro.com/index.php?clk=tbl&clkval=249®s=NABU?loc=1...
CVE-2024-33427
CVE-2024-33427 is rejected/not used; this CVE entry does not represent an active vulnerability.
CVE-2024-33427
Removed by vendor...