Lucene search
K

8499 matches found

UbuntuCve
UbuntuCve
added 2006/04/14 6:2 p.m.35 views

CVE-2006-1737

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary bytecode via JavaScript with a large regular expression...

9.3CVSS6.1AI score0.04801EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2006/04/14 6:0 p.m.32 views

CVE-2006-1737

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary bytecode via JavaScript with a large regular expression...

9.3CVSS7.2AI score0.04801EPSS
Exploits0
Prion
Prion
added 2006/02/28 2:2 a.m.13 views

Sql injection

SQL injection vulnerability in PHP-Nuke before 7.8 Patched 3.2 allows remote attackers to execute arbitrary SQL commands via encoded /%2a / sequences in the query string, which bypasses regular expressions that are intended to protect against SQL injection, as demonstrated via the kala parameter...

7.5CVSS9.1AI score0.01628EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2006/02/23 11:2 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Michael Salzer Guestbox 0.6, and other versions before 0.8, allow remote attackers to inject arbitrary web script or HTML via 1 HTML tags that follow a "http://" string, which bypasses a regular expression check, and 2 other unspecified attack...

4.3CVSS6.1AI score0.01384EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/02/23 11:0 p.m.20 views

CVE-2006-0860

Multiple cross-site scripting XSS vulnerabilities in Michael Salzer Guestbox 0.6, and other versions before 0.8, allow remote attackers to inject arbitrary web script or HTML via 1 HTML tags that follow a "http://" string, which bypasses a regular expression check, and 2 other unspecified attack...

5.8AI score0.01384EPSS
Exploits0References7
NVD
NVD
added 2006/02/13 11:6 a.m.28 views

CVE-2006-0046

squidredirect script in adzapper before 2006-01-29 allows remote attackers to cause a denial of service CPU consumption via a URL with a large number of trailing / forward slashes, which might produce inefficient regular expressions...

7.8CVSS6.4AI score0.02638EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2006/02/13 11:6 a.m.11 views

CVE-2006-0046

squidredirect script in adzapper before 2006-01-29 allows remote attackers to cause a denial of service CPU consumption via a URL with a large number of trailing / forward slashes, which might produce inefficient regular expressions...

7.8CVSS5.9AI score0.02638EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.27 views

Ubuntu 4.10 / 5.04 : python2.1, python2.2, python2.3, gnumeric vulnerabilities (USN-173-4)

USN-173-1 fixed a buffer overflow vulnerability in the PCRE library. However, it was found that the various python packages and gnumeric contain static copies of the library code, so these packages need to be updated as well. In gnumeric this bug could be exploited to execute arbitrary code with...

7.5CVSS6.4AI score0.04344EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.28 views

Ubuntu 4.10 / 5.04 : pcre3 vulnerability (USN-173-1)

A buffer overflow has been discovered in the PCRE, a widely used library that provides Perl compatible regular expressions. Specially crafted regular expressions triggered a buffer overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to...

7.5CVSS6.5AI score0.04344EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2006/01/04 12:0 a.m.38 views

cijfer-vsczpl.pl.txt

!/usr/bin/perl cijfer-vscxpl - Valdersoft Shopping Cart All rights reserved. 1. example cijfer@kalma:/research$ ./cijfer-vscxpl.pl -h www.valdersoft.com -d /store [email protected] /$ id;uname -a uid=2526apache gid=2524apache groups=2524apache, 10004psaserv FreeBSD valdersoft.com...

7.4AI score
Exploits0
OSV
OSV
added 2005/12/31 5:0 a.m.2 views

DEBIAN-CVE-2005-4872

Perl-Compatible Regular Expression PCRE library before 6.2 does not properly count the number of named capturing subpatterns, which allows context-dependent attackers to cause a denial of service crash via a regular expression with a large number of named subpatterns, which triggers a buffer...

4.3CVSS7.1AI score0.0233EPSS
Exploits0References1
CVE
CVE
added 2005/11/28 11:0 p.m.38 views

CVE-2004-2590

CVE-2004-2590 affects meindlSOFT Cute PHP Library (cphplib) version 0.46. The vulnerability is described as related to regular expressions with unspecified impact and attack vectors. NVD lists a high-severity network-exposed issue (CVSSv2 base score 10.0) with complete impact on confidentiality, ...

10CVSS7AI score0.01924EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2005/11/28 11:0 p.m.14 views

CVE-2004-2590

Unspecified vulnerability in meindlSOFT Cute PHP Library aka cphplib 0.46 has unknown impact and attack vectors, related to regular expressions...

6.6AI score0.01924EPSS
Exploits0References6
securityvulns
securityvulns
added 2005/11/23 12:0 a.m.32 views

Novell Zenworks authorization bypass

Remote diagnostics functions are available to regular user...

3.6AI score
Exploits0References1Affected Software3
securityvulns
securityvulns
added 2005/11/10 12:0 a.m.25 views

[SA17386] SpamAssassin Long Message Header Denial of Service

TITLE: SpamAssassin Long Message Header Denial of Service SECUNIA ADVISORY ID: SA17386 VERIFY ADVISORY: http://secunia.com/advisories/17386/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: SpamAssassin 3.x http://secunia.com/product/4506/ DESCRIPTION: A vulnerability has been...

1.2AI score
Exploits0
FreeBSD
FreeBSD
added 2005/11/10 12:0 a.m.27 views

p5-Mail-SpamAssassin -- long message header denial of service

A Secunia Advisory reports: A vulnerability has been reported in SpamAssassin, which can be exploited by malicious people to cause a DoS Denial of Service. The vulnerability is caused due to the use of an inefficient regular expression in "/SpamAssassin/Message.pm" to parse email headers. This ca...

3.5AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2005/11/01 9:2 p.m.25 views

CVE-2005-3420

usercpregister.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signaturebbcodeuid parameter, as demonstrated by injecting an "e" modifier into a pregreplace statement...

7.5CVSS6.1AI score0.02367EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/11/01 9:0 p.m.32 views

CVE-2005-3420

usercpregister.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signaturebbcodeuid parameter, as demonstrated by injecting an "e" modifier into a pregreplace statement...

6.7AI score0.02367EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2005/10/05 12:0 a.m.39 views

Mandrake Linux Security Advisory : pcre (MDKSA-2005:151)

Integer overflow in pcrecompile.c in Perl Compatible Regular Expressions PCRE before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. The updated packages have been patched to...

7.5CVSS6.2AI score0.04344EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/10/05 12:0 a.m.36 views

Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : PCRE library (SSA:2005-242-01)

New PCRE packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A buffer overflow could be triggered by a specially crafted regular expression. Any applications that use PCRE to process untrusted regular expressions may be exploited to run arbitrary...

7.5CVSS6.1AI score0.04344EPSS
Exploits0References2
Rows per page
Query Builder