2294 matches found

Prion
added 2014/12/15 6:59 p.m., 28 views

Design/Logic Flaw

The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers...

CVSS 5, AI score 6.8, EPSS 0.10783
Exploits 0, References 26, Affected Software 4

myhack58
added 2014/11/25 12:0 a.m., 19 views

CVE-2014-1806 .NET Remoting Services vulnerability analysis - vulnerability warning - the black bar safety net

0x00 Description: Microsoft .NET Remoting is a distributed processing mechanism; it provides a framework that allows objects to interact with other objects across application domains. A few days ago James Forshaw posted a CVE-2014-1806 .NET Remoting Services exploi...

AI score 0.9
Exploits 0

WPVulnDB
added 2014/11/20 12:0 a.m., 16 views

CM Download Manager <= 2.0.0 - Unauthenticated Code Injection

The plugin does not validate and sanitise the CMDsearch parameter, which is used to create a custom function. This allows an attacker to run arbitrary commands on the remote server. PoC: GET /cmdownloads/?CMDsearch=".phpinfo." HTTP/1.1 Host: example.com User-Agent: Mozilla/5.0 Windows NT 6.3; WOW64; rv:33....

CVSS 10, AI score 2.6, EPSS 0.14804
Exploits 6, References 3, Affected Software 1

Ubuntu
added 2014/11/11 1:33 p.m., 51 views

USN-2403-1: GnuTLS vulnerability

Sean Burford discovered that GnuTLS incorrectly handled printing certain elliptic curve parameters. A malicious remote server or client could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 5, AI score 5.7, EPSS 0.03281
Exploits 0

Ubuntu
added 2014/11/10 1:43 p.m., 67 views

USN-2399-1: curl vulnerability

Symeon Paraschoudis discovered that curl incorrectly handled memory when being used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This may result in sensitive data being incorrectly sent to the remote server...

CVSS 4.3, AI score 7.6, EPSS 0.05121
Exploits 0

OSV
added 2014/11/10 1:43 p.m., 4 views

USN-2399-1 curl vulnerability

Symeon Paraschoudis discovered that curl incorrectly handled memory when being used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This may result in sensitive data being incorrectly sent to the remote server...

CVSS 4.3, AI score 7, EPSS 0.05121
Exploits 0, References 2

Prion
added 2014/10/15 2:55 p.m., 22 views

Authorization

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request...

CVSS 5, AI score 7, EPSS 0.022
Exploits 0, References 6, Affected Software 4

Veeam
added 2014/09/12 12:0 a.m., 28 views

How to use Windows Management Instrumentation (WMI) Tester [WBEMTest] to Test WMI Connectivity

Purpose: This article documents how to use Windows Management Instrumentation (WMI) Tester [WBEMTest] to test connectivity, which can assist in troubleshooting and isolating WMI-related issues with Veeam products. Solution: Opening Windows Management Instrumentation (WMI) Tester: 1. Open a Run prompt Win+...

AI score 5.8
Exploits 0

OSV
added 2014/09/04 5:55 p.m., 8 views

CVE-2014-6060

The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again...

AI score 6.3
Exploits 0, References 8

OwnCloud
added 2014/08/18 6:31 p.m., 49 views

Insufficient RSA Host Key validation in files_external (SFTP driver) - ownCloud

The SFTP external storage driver was verifying the RSA Host Key after logging in. This allows for a man-in-the-middle (MITM) attack even if the host key is already known and can be validated. Basically, at the point where the host key was validated, the secret has already been given away. It should...

CVSS 4.3, AI score 6, EPSS 0.01078
Exploits 0, Affected Software 1

NVD
added 2014/07/23 2:55 p.m., 16 views

CVE-2014-4501

Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2) parse_reconnect functions in util.c...

CVSS 10, AI score 7.2, EPSS 0.0291
Exploits 1, References 5

Prion
added 2014/07/23 2:55 p.m., 16 views

Heap overflow

Multiple heap-based buffer overflows in the parse_notify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a (1) large or (2) negative value in the Extranonc2_size parameter in a mining.subscribe response and a...

CVSS 10, AI score 7.6, EPSS 0.03296
Exploits 1, References 6, Affected Software 2

seebug.org
added 2014/07/01 12:0 a.m., 16 views

AWStats (6.0-6.2) configdir Remote Command Execution Exploit (perl code)

No description provided by source. !/usr/bin/perl ---GHC--------------------------------- Remote command execution exploit Product: Advanced Web Statistics 6.0 - 6.2 URL:http://awstats.sourceforge.net Greets & respects to our friends: 1dt.w0lf and all rst.void.ru Special greets 2 d0G4 & cr0n for...

AI score 7.1
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 11 views

cURL 6.1 - 7.4 - Remote Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1804/info Curl is an open-source utility for sending or receiving files using URL syntax. A vulnerability exists in the version of curl included with Debian GNU/Linux 2.2 and FreeBSD prior to 4.2 release. Note that cURL...

AI score 7.1
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 26 views

PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6173/info The phpBB Advanced Quick Reply Hack is prone to an issue which may allow attackers to include arbitrary files from a remote server. It is possible for remote attackers to influence the include path for...

AI score 7.1
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 16 views

Poll It CGI 2.0 - exploit

No description provided by source. !/usr/bin/perl Poll It CGI v2.0 exploit keelis/havoc korp 2000 shouts to modjo, p, zen, kd, ab, all the script kiddies. keelisathushmaildotcom use Socket; $host, $cgiloc = @ARGV0,1; $ip=inetaton$host; print\n\t+--- Poll It CGI v2.0 exploit ---+; print\n\t+---...

AI score 7.1
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 14 views

W-Agora 4.1.x Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4977/info W-Agora is prone to an issue which may allow an attacker to include arbitrary files located on a remote server. In particular, the 'incdir' variable found in a number of the W-Agora scripts defines the path to t...

AI score 7.1
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 12 views

D-Forum 1 footer Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/6879/info D-Forum is prone to an issue which may allow remote attackers to include files located on remote servers. This issue is present in the /includes/header.php3 and /includes/footer.php3 scripts. Under some...

AI score 7.1
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 13 views

LieroX <= 0.62b Remote Server/Client Denial of Service Exploit

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h include stdarg.h include time.h ifdef WIN32 include winsock.h / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h /...

AI score 7.1
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 18 views

Opera 6.0.1,MS IE 5/6 JavaScript Modifier Keypress Event Subversion Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5290/info An issue has been reported with the JavaScript implementation of multiple web browsers, including Microsoft Internet Explorer and Opera. Malicious JavaScript may subvert some keypress events, with consequences...

AI score 7.1
Exploits 0