Lucene search
K

483 matches found

ATTACKERKB
ATTACKERKB
added 2013/03/13 12:55 a.m.2 views

CVE-2013-0080

Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."...

7.5CVSS5.6AI score0.1929EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/01/24 7:6 p.m.8 views

JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...

3.3CVSS6.3AI score0.01448EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2012/08/26 7:55 p.m.4 views

CVE-2011-5127

Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request...

10CVSS6AI score0.13162EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2011/09/14 6:42 p.m.7 views

jakarta-commons-daemon: jsvc does not drop capabilities allowing access to files and directories owned by the superuser

native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for...

5CVSS5.8AI score0.07243EPSS
Exploits0References4
0day.today
0day.today
added 2011/07/06 12:0 a.m.97 views

PHP-NUKE Remote read config Vulnerability

Exploit for php platform in category web applications Exploit Title:PHP-NUKE remote read config Vulnerability Date: 6/6/2011 Author: Angel Injection home Page: http://www.club-h.co.cc Email: Angel-Injectionathotmail.com Vendor or Software Link:http://phpnuke.org Version: n/a Category:: webapps...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2011/05/31 8:55 p.m.4 views

CVE-2011-1647

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the private key for the admin SSL certificate via unspecified...

5CVSS5.6AI score0.01166EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2011/04/10 2:55 a.m.2 views

CVE-2011-1673

BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attackers to obtain the administrator password by reading the configuration file...

5CVSS5.6AI score0.02492EPSS
Exploits0References5
0day.today
0day.today
added 2010/11/28 12:0 a.m.251 views

Kleeja Upload Script remote read config Vulnerability

Exploit for php platform in category web applications ===================================================== Kleeja Upload Script remote read config Vulnerability ===================================================== + Author : ali.erroor Contact : email protected HomePage :...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2010/07/14 5:46 p.m.3 views

libpng: Interlaced Images Information Disclosure Vulnerability

libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in t...

4.3CVSS6.1AI score0.02278EPSS
Exploits0References4
OSV
OSV
added 2009/06/22 8:30 p.m.2 views

UBUNTU-CVE-2009-2166

Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter...

5CVSS6AI score0.03195EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2008/10/02 2:2 p.m.1 views

tomcat Unicode directory traversal vulnerability

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than...

5CVSS6.8AI score0.99708EPSS
Exploits23References4
OSV
OSV
added 2008/03/10 9:44 p.m.1 views

DEBIAN-CVE-2008-1270

moduserdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the nobody directory...

5CVSS6.9AI score0.119EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2008/02/08 2:13 a.m.5 views

chrome: directory traversal

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing sessio...

4.3CVSS7.5AI score0.08633EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/10/19 3:45 p.m.3 views

security flaw

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs...

4.3CVSS6AI score0.02441EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/05/21 12:13 p.m.8 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

5CVSS6AI score0.90768EPSS
Exploits2References4
securityvulns
securityvulns
added 2007/04/17 12:0 a.m.46 views

webMethods Security Advisory: Glue console directory traversal vu lnerability

======================================================================== webMethods Security Advisory Glue console directory traversal vulnerability Announced: 2007-04-17 Affects: webMethods Glue 4.x, 5.x, 6.x Severity: High I. Description On April 11 2007, Patrick Webster reported a vulnerabilit...

6.7AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2007/04/16 9:19 p.m.1 views

CVE-2007-2036

The SNMP implementation in the Cisco Wireless LAN Controller WLC before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384...

10CVSS5.7AI score0.02566EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2005/09/08 12:0 a.m.5 views

PT-2005-3723 · Microsoft +1 · Windows +3

Name of the Vulnerable Software and Affected Versions: Rediff Bol version 7.0 Description: The issue allows remote attackers to read the Windows Address Book. This is achieved via the FullAddressBook method of the Fetch.FetchContact.1 ActiveX control, which is part of the Fetch.dll component...

5CVSS6.6AI score0.01306EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2005/04/21 9:11 a.m.5 views

security flaw

The findreplen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method...

5CVSS5.9AI score0.10036EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2002/11/05 12:0 a.m.4 views

security flaw

The default servlet org.apache.catalina.servlets.DefaultServlet in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet...

5CVSS5.9AI score0.1682EPSS
Exploits1References4
Rows per page
Query Builder