Lucene search
K

412 matches found

OpenVAS
OpenVAS
added 2015/04/09 12:0 a.m.18 views

Debian: Security Advisory (DSA-3218-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.02322EPSS
Exploits0References3
CNVD
CNVD
added 2015/02/27 12:0 a.m.7 views

Multiple Vulnerabilities in UberFire Framework

UberFire Framework is a rich client platform architecture software. The software supports high-availability deployments. An arbitrary code execution and file read vulnerability exists in UberFire Framework version 0.3.x, which stems from the program failing to properly restrict paths. A remote...

6.8CVSS8.1AI score0.03101EPSS
Exploits0References1
NVD
NVD
added 2015/02/20 4:59 p.m.24 views

CVE-2014-8114

The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to 1 execute arbitrary code by uploading crafted content to FileUploadServlet or 2 read arbitrary files via vectors involving FileDownloadServlet...

6.8CVSS7.4AI score0.03101EPSS
Exploits0References4
CVE
CVE
added 2015/02/20 4:0 p.m.54 views

CVE-2014-8114

The CVE-2014-8114 entry affects the UberFire Framework 0.3.x and is caused by inadequate path restriction in the framework’s FileUploadServlet/FileDownloadServlet handling. This leads to two disclosed risks: (1) remote code execution by uploading crafted content to FileUploadServlet and (2) arbit...

6.8CVSS7.6AI score0.03101EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2013/07/18 12:51 p.m.19 views

CVE-2013-3426

The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810...

5CVSS6.6AI score0.01187EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2011/10/11 12:0 a.m.19 views

Microsoft Windows Multiple COM Binary Planting Vulnerabilities (MS11-076; CVE-2011-1991; CVE-2011-2009)

The vulnerabilities are due to the way Windows COM servers improperly restrict the paths used when loading external libraries. A remote attacker may exploit these vulnerabilities by enticing an unsuspecting user to open a specially crafted file from a WebDAV or an SMB shareSuccessful exploitation...

9.3CVSS7.4AI score0.12123EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.28 views

Debian Security Advisory DSA 459-1 (kdelibs, kdelibs-crypto)

The remote host is missing an update to kdelibs, kdelibs-crypto announced via advisory DSA 459-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

7.5CVSS7AI score0.04409EPSS
Exploits1References1
NVD
NVD
added 2006/12/10 8:28 p.m.27 views

CVE-2006-6383

PHP 5.2.0 and 4.4 allows local users to bypass safemode and openbasedir restrictions via a malicious path and a null byte before a ";" in a sessionsavepath argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.savepath...

4.6CVSS6AI score0.01087EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2004/11/16 12:0 a.m.4 views

PT-2004-1119 · Unarj · Unarj

Name of the Vulnerable Software and Affected Versions: unarj affected versions not specified Description: The issue is related to a directory traversal vulnerability in the -x extract command line option. This vulnerability allows remote attackers to overwrite arbitrary files by using an arj...

5CVSS6.2AI score0.02737EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.24 views

Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:022)

Corsaire discovered that a number of HTTP user agents contained a flaw in how they handle cookies. This flaw could allow an attacker to avoid the path restrictions specified by a cookie's originator. According to their advisory : 'The cookie specifications detail a path argument that can be used ...

7.5CVSS5.5AI score0.04409EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2004/03/10 12:0 a.m.27 views

Apple Safari 1.x - Cookie Directory Traversal

source: https://www.securityfocus.com/bid/9841/info Multiple vendor Internet Browsers have been reported to be prone to a cookie path argument restriction bypass vulnerability. The issue presents itself due to a failure to properly sanitize encoded URI content, this may make it possible for an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.53 views

eeye.web.interfaces.txt

Date: Wed, 26 May 1999 06:58:27 -0000 From: Marc To: [email protected] Subject: Multiple Web Interface Security Holes Multiple Web Interface Security Holes Systems Affected CMail 2.3 FTGate 2,1,2,1 NTMail 4.20 Release Date May 26, 1999 Advisory Code AD05261999 Description: The following holes...

7.4AI score
Exploits0
Rows per page
Query Builder