Formatstring Vulnerability in decfingerd 0.7
Hello all, I have no idea if this is the most current version of this application, I found it while browsing packetstormsecurity earlier. For all I know it may not even be kept current anymore. Anyhow... bad call to syslog is the culprit. I'm too lazy to code an exploit for this at the moment but ...
CVE-2002-0554
The CVE-2002-0554 issue affects IBM Informix Web DataBlade 4.12, where a SQL injection in an HTTP request allows remote attackers to bypass user access levels or read arbitrary files. This is documented in NVD/NVD-linked records; no explicit exploit details or remediation are provided in the conn...
CVE-2002-0589
PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling chinfo.php with the newpass and confirm parameters both set to the new password...
ViewCVS 0.9.2 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/4818/info ViewCVS does not filter HTML tags from certain URL parameters, making it prone to cross-site scripting attacks. An attacker may exploit this by constructing a malicious link with script code to a site running...
Opera 5.12/6.0 - Frame Location Same Origin Policy Circumvention
source: https://www.securityfocus.com/bid/4745/info Opera is a web browser product created by Opera Software, and is available for a range of operating systems including Windows and Linux. A vulnerability has been reported in some versions of the Opera Browser. It is possible to bypass the same...
Squid 2.4.1 - Remote Buffer Overflow
7350squish - x86/linux squid remote exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to third parties, copied or duplicated in any form, in...
SAP R/3 on Oracle: vulnerable Default Installation
Topic: SAP R/3 on Oracle: vulnerable Default Installation Module: Default Oracle Listener Configuration Announced: 2002-04-27 Affects: All R/3 Releases using SQLnet V2 3.x, 4.x, 6.10 Vendor: 1SAP AG, Walldorf, Germany Vendor-Status: 2002-03-03:...
GNU Screen 3.9.x Braille Module - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/4578/info Screen is a freely available, open source terminal management software package. It is distributed and maintained by the Free Software Foundation. It is available for the Unix and Linux platforms. Under some circumstances, it may be possible f...
Sambar Server 5.1 - Script Source Disclosure
source: https://www.securityfocus.com/bid/4533/info An issue has been discovered in Sambar Server, which could allow a user to reveal the source code of script files. Submitting a request for a known script file along with a space and null character %00, will successfully bypass the serverside UR...
Happy Easter / April Fools from Snosoft (Oracle 8.1.5 tnslsnr)
This is meant to be an April fools joke but if you still use old Oracle it's not too funny I guess: After I ate a few too many hard boiled eggs this weekend I decided to install Oracle and play with it a little. Being poor I didn't have 800 bones to shell out on Oracle 16i so I had to settle with...
SquirrelMail 1.2.x - Theme Remote Command Execution
source: https://www.securityfocus.com/bid/4385/info SquirrelMail is a feature rich webmail program implemented in the PHP4 language. It is available for Linux and Unix based operating systems. SquirrelMail allows for extended functionality through a plugin system. A vulnerability has been reporte...
Linux Kernel 2.2.x/2.3/2.4.x - 'd_path()' Path Truncation
source: https://www.securityfocus.com/bid/4367/info The Linux kernel d_path function converts a dentry structure into an ASCII path name. The full path to the specified dentry is returned in a fixed length buffer of size PAGE_SIZE bytes. Reportedly, if a dentry structure is passed with a path whi...
Progress Database 9.1 - sqlcpp Local Buffer Overflow
// source: https://www.securityfocus.com/bid/4402/info Progress is a commercial database for Microsoft Windows and Unix systems. A buffer overflow has been reported in the sqlcpp program included with Progress, used as a SQL preprocessor...
CVE-2001-0613
The CVE-2001-0613 entry applies to Omnicron Technologies’ OmniHTTPd Pro HTTP Server, affected in version 2.08 and earlier. The connected OpenVAS/NASL and Nessus entries describe a vulnerability where the remote server is vulnerable to a buffer overflow when handling specially long POST requests, ...
Multiple PHP Vulnerabilities - Remote Compromise Exploit in Circulation
Internet Security Systems Security Alert February 27, 2002 Multiple PHP Vulnerabilities: Remote Compromise Exploit in Circulation Synopsis: ISS X-Force has learned of multiple buffer overflow vulnerabilities present in the PHP Hypertext Preprocessor scripting language. PHP is a popular server-sid...
FreeWnn 1.1 0 - jserver JS_MKDIR MetaCharacter Command Execution
// source: https://www.securityfocus.com/bid/3860/info FreeWnn 1.1.0 is a kana-kanji Japanese translation system. This software is a client-server type application, with the jserver portion acting as a server and performing translations for clients. The jserver component passes unsanitized input...
Boozt 0.9.8 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/3787/info Boozt! is a free open source banner management software for Linux hosts. An issue has been reported which could allow for a user to execute arbitrary code on a Boozt! host. This is achievable when a Boozt!...
More reading of local files in MSIE
More reading of local files in MSIE Description There is a security vulnerability in IE 5.5 and 6 probably other versions as well which allows reading and sending of local files. The problem lies in the fact that you are able to access a local file's dom by calling the execScript function on a...
Novell Groupwise servlet gateway default username and password
OS Affected NT/2000/Netware 5 Programs Affected Groupwise 5.5 Enhancement Pack Groupwise 6.0 Discussion A default username and password exists that controls the servlet manager. The servlet manager allows the configuration of the servlets to be loaded, reloaded or unloaded. This is more of an...
the other IE cookie stealing bug (MS01-055)
The patch for MS01-055 released today by Microsoft includes three fixes. Two of them are for cookie stealing bugs. One of those cookie stealing bugs was previously publicized on bugtraq, details on the other are now available at http://alive.znep.com/marcs/security/iecookie2/ This document is...