Lucene search
K

3122 matches found

NVD
NVD
added 2008/02/13 9:0 p.m.21 views

CVE-2008-0760

Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the URI. NOTE: this issue reportedly exists because of an incomplete fix for...

5CVSS6.5AI score0.03319EPSS
Exploits1References6
Prion
Prion
added 2008/02/13 9:0 p.m.17 views

Directory traversal

Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the URI. NOTE: this issue reportedly exists because of an incomplete fix for...

5CVSS6.8AI score0.10361EPSS
Exploits7References6Affected Software2
NVD
NVD
added 2008/02/13 9:0 p.m.29 views

CVE-2008-0639

Stack-based buffer overflow in the EnumPrinters function in the Spooler service nwspool.dll in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE:...

10CVSS7.8AI score0.23186EPSS
Exploits6References9
CVE
CVE
added 2008/02/13 8:0 p.m.116 views

CVE-2008-0760

Summary: CVE-2008-0760 is a directory traversal vulnerability in SafeNet Sentinel Protection Server <= 7.4.1.0 and Sentinel Keys Server

5CVSS6.5AI score0.03319EPSS
Exploits1References6Affected Software2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/02/12 12:0 a.m.66 views

JVN#09470767 Apache Tomcat fails to properly handle cookie value

Apache Tomcat from the Apache Software Foundation is a web container that implements both Java Servlets and JavaServer Pages. Apache Tomcat from the Apache Software Foundation contains a vulnerability that could allow a remote attacker to coerce a crafted cookie to a user's web browser. The...

5CVSS4.8AI score0.62575EPSS
Exploits5
Cvelist
Cvelist
added 2008/02/12 12:0 a.m.40 views

CVE-2007-5333

Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle 1 double quote " characters or 2 %5C encoded backslash sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable...

4.8AI score0.62575EPSS
Exploits1References55
Prion
Prion
added 2007/11/21 9:46 p.m.24 views

Session fixation

The session fixation protection mechanism in cgiprocess.rb in Rails 1.2.4, as used in Ruby on Rails, removes the :cookieonly attribute from the DEFAULTSESSIONOPTIONS constant, which effectively causes cookieonly to be applied only to the first instantiation of CgiRequest, which allows remote...

6.8CVSS6.5AI score0.03576EPSS
Exploits0References11Affected Software1
UbuntuCve
UbuntuCve
added 2007/11/21 9:46 p.m.28 views

CVE-2007-6077

The session fixation protection mechanism in cgiprocess.rb in Rails 1.2.4, as used in Ruby on Rails, removes the :cookieonly attribute from the DEFAULTSESSIONOPTIONS constant, which effectively causes cookieonly to be applied only to the first instantiation of CgiRequest, which allows remote...

6.8CVSS5.9AI score0.02512EPSS
Exploits0References3
OSV
OSV
added 2007/11/21 9:46 p.m.9 views

CVE-2007-6077

The session fixation protection mechanism in cgiprocess.rb in Rails 1.2.4, as used in Ruby on Rails, removes the :cookieonly attribute from the DEFAULTSESSIONOPTIONS constant, which effectively causes cookieonly to be applied only to the first instantiation of CgiRequest, which allows remote...

6.4AI score
Exploits0References11
OSV
OSV
added 2007/11/15 11:46 p.m.3 views

DEBIAN-CVE-2007-6010

Unspecified vulnerability in pioneers formerly gnocatan 0.11.3 allows remote attackers to cause a denial of service daemon crash via unspecified vectors that trigger an assert error. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-5933...

7.8CVSS6.8AI score0.01646EPSS
Exploits0References1
NVD
NVD
added 2007/11/15 11:46 p.m.16 views

CVE-2007-6010

Unspecified vulnerability in pioneers formerly gnocatan 0.11.3 allows remote attackers to cause a denial of service daemon crash via unspecified vectors that trigger an assert error. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-5933...

7.8CVSS6.5AI score0.01646EPSS
Exploits0References3
Prion
Prion
added 2007/11/15 11:46 p.m.17 views

Code injection

Unspecified vulnerability in pioneers formerly gnocatan 0.11.3 allows remote attackers to cause a denial of service daemon crash via unspecified vectors that trigger an assert error. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-5933...

7.8CVSS6.7AI score0.02022EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2007/11/15 11:46 p.m.7 views

CVE-2007-6010

Unspecified vulnerability in pioneers formerly gnocatan 0.11.3 allows remote attackers to cause a denial of service daemon crash via unspecified vectors that trigger an assert error. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-5933...

6.5AI score
Exploits0References3
Cvelist
Cvelist
added 2007/11/15 11:0 p.m.22 views

CVE-2007-6010

Unspecified vulnerability in pioneers formerly gnocatan 0.11.3 allows remote attackers to cause a denial of service daemon crash via unspecified vectors that trigger an assert error. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-5933...

6.4AI score0.01646EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2007/11/15 11:0 p.m.26 views

CVE-2007-6010

Unspecified vulnerability in pioneers formerly gnocatan 0.11.3 allows remote attackers to cause a denial of service daemon crash via unspecified vectors that trigger an assert error. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-5933...

7.8CVSS6.2AI score0.01646EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.21 views

Ubuntu 7.10 : compiz vulnerability (USN-537-2)

USN-537-1 fixed vulnerabilities in gnome-screensaver. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. This update fixes related problems in compiz. Jens Askengren discovered that gnome-screensaver became confused when running under Compiz, and...

6.2CVSS5.5AI score0.00356EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2007/11/07 5:52 p.m.5 views

Incomplete fix for CVE-2007-0720 CUPS denial of service

The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation...

5CVSS7.4AI score0.05321EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/11/05 5:0 p.m.23 views

CVE-2007-5805

cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: thi...

6.2AI score0.00306EPSS
Exploits0References8
Ubuntu
Ubuntu
added 2007/10/23 6:53 p.m.54 views

USN-531-2: dhcp vulnerability

USN-531-1 fixed vulnerabilities in dhcp. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. This update fixes the problem. Original advisory details: Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not correctly handle certai...

7.2CVSS5.8AI score0.80265EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2007/10/09 12:0 a.m.55 views

GLSA-200710-06 : OpenSSL: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200710-06 OpenSSL: Multiple vulnerabilities Moritz Jodeit reported an off-by-one error in the SSLgetsharedciphers function, resulting from an incomplete fix of CVE-2006-3738. A flaw has also been reported in the BNfrommontgomery...

10CVSS7.7AI score0.48575EPSS
Exploits2References4
Rows per page
Query Builder