Lucene search
K

616 matches found

Cvelist
Cvelist
added 2015/09/18 10:0 a.m.28 views

CVE-2015-5838

SpringBoard in Apple iOS before 9 does not properly restrict access to privileged API calls, which allows attackers to spoof the dialog windows of an arbitrary app via a crafted app...

5.6AI score0.01262EPSS
Exploits0References4
CNVD
CNVD
added 2015/08/25 12:0 a.m.5 views

Mobile Devices C4 OBD2 Dongle Privilege Access Vulnerability (CNVD-2015-05627)

The Mobile Devices aka MDI C4 OBD2 Dongle is a programmable OBD2 solution from the French company Mobile Devices. A security vulnerability exists in the Mobile Devices C4 OBD2 Dongle that arises from different user installers storing the same SSH private key. A remote attacker could exploit the...

9CVSS7AI score0.02563EPSS
Exploits0References1
0day.today
0day.today
added 2015/08/09 12:0 a.m.59 views

Windows NDProxy Privilege Escalation XP SP3 x86 and 2003 SP2 x86 (MS14-002) Exploit

NDPROXY is a system-provided driver that interfaces WAN miniport drivers, call managers, and miniport call managers to the Telephony Application Programming Interfaces TAPI services. The vulnerability is caused when the NDProxy.sys kernel component fails to properly validate input. An attacker wh...

7.2CVSS1.2AI score0.34893EPSS
Exploits16
0day.today
0day.today
added 2015/06/20 12:0 a.m.44 views

ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities

Exploit for multiple platform in category web applications Document Title: =============== ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities Product & Service Introduction: =============================== SupportCenter Plus is a web-based customer support software that lets...

7.1AI score
Exploits0
CNVD
CNVD
added 2015/04/07 12:0 a.m.3 views

Mozilla Firefox Restricts Bypass Privilege Access Vulnerability

Mozilla Firefox is a web browser released by Mozilla. A restriction bypass privilege access vulnerability exists in Mozilla Firefox. The vulnerability allows remote attackers to bypass security restrictions by navigating through certain content to execute arbitrary script code with chrome...

7.5CVSS7.6AI score0.06375EPSS
Exploits0References1
CNVD
CNVD
added 2015/02/06 12:0 a.m.5 views

EMC Documentum D2 Information Disclosure Vulnerability

EMC Documentum D2 is an enterprise document management software. The EMC Documentum D2-API formation logs passwords and user credentials that are used to encrypt D2 sensitive systems using MD5 hashes recorded to log files, where low-privileged users can obtain the MD5 hashes and perform malicious...

4CVSS6.9AI score0.01228EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/11/12 12:0 a.m.29 views

Ubuntu 14.04 LTS : OpenStack Keystone vulnerability (USN-2406-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2406-1 advisory. Brant Knudson discovered that OpenStack Keystone did not properly perform input sanitization when performing endpoint catalog substitution. A remote attacker with...

4CVSS5.5AI score0.02109EPSS
Exploits1References2
Prion
Prion
added 2013/08/18 2:52 a.m.16 views

Design/Logic Flaw

Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain privileged access via unknown vectors...

10CVSS7AI score0.04394EPSS
Exploits0References4Affected Software2
Vulnerability Lab
Vulnerability Lab
added 2013/08/02 12:0 a.m.31 views

withU Music Share 1.3.7 iOS - Command Inject Vulnerability

Document Title: =============== withU Music Share 1.3.7 iOS - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1040 Release Date: ============= 2013-08-02 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/07/01 12:0 a.m.17 views

NinkoBB - Cross-Site Request Forgery

NinkoBB - Cross-Site Request Forgery Title: NinkoBB CSRF Vulnerability Author: ADEO Security Published: 30/06/2010 Version: 1.3RC5 Possible all versions Vendor: http://ninkobb.com Download: http://ninkobb.com/releases/?NinkoBB-1.3RC5.zip Description: "NinkoBB is an open source forum script writte...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2010/07/01 12:0 a.m.33 views

NinkoBB 1.3RC5 Cross Site Request Forgery

Title: NinkoBB CSRF Vulnerability Author: ADEO Security Published: 30/06/2010 Version: 1.3RC5 Possible all versions Vendor: http://ninkobb.com Download: http://ninkobb.com/releases/?NinkoBB-1.3RC5.zip Description: "NinkoBB is an open source forum script written in the PHP language and uses a MySQ...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2009/04/21 12:0 a.m.24 views

Oracle存在多个安全漏洞

CNCAN ID:CNCAN-2009041604 多个Oracle产品存在漏洞,可导致SQL注入,泄漏敏感信息或使攻击者破坏系统: -Oracle Process Manager和Notification opmn守护程序存在格式串错误,提交特殊构建的POST请求给port 6000/TCP可导致任意代码执行。 -传递给"DBMSAQIN"的输入在使用前缺少过滤,可导致注入任意SQL代码。 -Oracle数据库包含的Application Express组件存在错误,非特权用户可以获得"LOWS030000.WWVFLOWUSER"中的APEX密码HASH。 目前还存在多个未知漏洞。...

7AI score
Exploits0
CVE
CVE
added 2002/05/03 4:0 a.m.68 views

CVE-2001-1274

The CVE-2001-1274 vulnerability is a buffer overflow in MySQL before 3.23.31. Affected product: MySQL server (pre-3.23.31). Root cause: a buffer overflow that can be triggered remotely, leading to a denial of service and potential privilege escalation. Impact: partial confidentiality/integrity/av...

7.5CVSS6.8AI score0.05428EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2002/03/15 5:0 a.m.51 views

CVE-2002-0110

Nevrona Designs MiraMail (Windows) up to version 1.04 stores user credentials (POP usernames and passwords) in plaintext in an .ini file. The underlying issue is unencrypted storage of authentication data, allowing anyone with file access to read passwords and potentially gain privileges. Public ...

2.1CVSS6.7AI score0.00424EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2000/06/10 12:0 a.m.522 views

OpenSSH's UseLogin option allows remote access with root privilege.

OpenSSH's UseLogin option allows remote access with root privilege. 1. Systems affected: The default installation of OpenSSH is not vulnerable, since UseLogin defaults to 'no'. However, if UseLogin is enabled, all versions of OpenSSH prior to 2.1.1 are affected. 2. Description: If the UseLogin...

1AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.30 views

nt.ras.bof.txt

Date: Wed, 19 May 1999 11:37:00 +0100 From: Mnemonix To: [email protected] Subject: Buffer Overruns in RAS allows execution of arbitary code as system Introduction Microsoft's RAS Service on Windows NT all service packs contains numerous buffer overruns that allow execution of arbritary code...

0.1AI score
Exploits0
Rows per page
Query Builder