Lucene search
+L

5954 matches found

Ubuntu
Ubuntu
added 2015/01/23 1:19 a.m.55 views

USN-2482-1: elfutils vulnerability

Alexander Cherepanov discovered that libelf1 incorrectly handled certain filesystem paths while extracting ar archives. An attacker could use this flaw to perform a directory traversal attack on the root directory if the process extracting the ar archive has write access to the root directory...

6.4CVSS6.4AI score0.05018EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/01/23 12:0 a.m.43 views

Ubuntu: Security Advisory (USN-2470-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.63178EPSS
Exploits5References2
FreeBSD
FreeBSD
added 2015/01/18 12:0 a.m.25 views

ha -- Directory traversals

Alexander Cherepanov reports: Version 0.999b and older of ha archiver is susceptible to directory traversal vulnerabilities via absolute and relative paths...

7.5CVSS7.6AI score0.03323EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2015/01/13 12:0 a.m.37 views

Microsoft Windows Directory Traversal Elevation of Privilege (MS15-004; CVE-2015-0016)

An elevation of privilege vulnerability exists in Windows Components. The vulnerability is caused when Windows fails to properly sanitize file paths. An attacker can exploit this vulnerability by tricking a user into downloading a specially crafted application...

9.3CVSS6AI score0.7594EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.63 views

RHEL 6 : kernel (RHSA-2013:1450)

Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...

7.1CVSS6.8AI score0.0381EPSS
Exploits2References7
Cvelist
Cvelist
added 2014/10/25 10:0 p.m.24 views

CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...

6.8AI score0.03828EPSS
Exploits6References8
Debian CVE
Debian CVE
added 2014/10/25 10:0 p.m.30 views

CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...

3.7CVSS6.9AI score0.03828EPSS
Exploits6
CVE
CVE
added 2014/10/25 10:0 p.m.132 views

CVE-2014-0476

chkrootkit before 0.50 contains a flaw in the slapper function that does not properly quote file paths, allowing a local user to execute arbitrary code via a Trojan horse executable in /tmp when /tmp is not mounted with noexec. This enables local privilege escalation to root. Public reports refer...

3.7CVSS7AI score0.03828EPSS
Exploits6References8Affected Software2
Kitploit
Kitploit
added 2014/08/11 7:29 p.m.20 views

NTFSLinksView - View NTFS symbolic links and junction points

Starting from Windows Vista, Microsoft uses symbolic links and junction points of NTFS file system in order to make changes in the folders structure of Windows and keep the compatibility of applications written for older versions of Windows. This utility simply shows you a list of all symbolic...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/08/04 12:0 a.m.30 views

TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities

Document Title: =============== TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1284 Release Date: ============= 2014-07-30 Vulnerability Laboratory ID VL-ID: ==================================== 1284...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

ZoneAlarm Security Suite 7.0 - AntiVirus Directory Path Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31124/info ZoneAlarm Security Suite is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input when performing virus scans on long directory paths...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

WM-News <= 0.5 - Multiple Remote File Include Vulnerabilities

No description provided by source. ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- WM-News v0.5 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=203 Script : WM-News v0.5 Credits : ERNE Contact : [email protected] and irc.gigachat.net kurdhack Thanks :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

RARLAB FAR 1.65/1.70 File Manager Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6822/info A buffer overflow vulnerability has been reported for FAR that may result in a denial of service condition. The vulnerability exists due to insufficient bounds checking performed by FAR when parsing directory...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

iClone SQL Injection Vulnerability

No description provided by source. 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : iClone SQLi Vulnerability Date : june, 9 2010 Vendor url :http://www.reallusion.com/iclone/ Platform: Windows Price:$199 Author...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

uTorrent DLL Hijacking Vulnerabilities

No description provided by source. Title: uTorrent =2.0.3 Dll Hijacking Local Exploits By: DrIDE Tested: Windows 7RC Note: These are additional DLL's with unsafe Load Paths Reference: http://www.exploit-db.com/exploits/14726/ If the payload .DLL file is renamed to any of these files and placed in...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.46 views

WebJeff Filemanager 1.6 File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7995/info A vulnerability has been reported for Filemanager that may result in the disclosure of arbitrary files. The vulnerability exists due to insufficient sanitization of user-supplied values for URI parameters. A...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit

No description provided by source. / ======================================================================== 0-day AtomixMP3 = v2.3 Malformed M3U Buffer Overflow PoC ======================================================================== AtomixMP3 Player/Mixer fails to properly handle large fil...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Snowblind 1.0/1.1 Web Server File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7618/info It has been announced that Snowblind Web Server is vulnerable to a condition that may result in the disclosure of potentially sensitive information. According to the report, Snowblind Web Server does not perform...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

askSam 4.0 Web Publisher Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4670/info askSam is a database system. An optional component, askSam Web Publisher versions 1 and 4, is reportedly vulnerable to cross site scripting vulnerability in the asweb.exe or asweb4.exe component. This is due to ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

ASPMass Shopping Cart - Vulnerability File Upload CSRF

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-30-aspmass-shopping-cart-vulnerability-file-upload-csrf/ ''' Abysssec Inc Public Advisory Title : ASPMass...

7.1AI score
Exploits0
Rows per page
Query Builder