485 matches found
Buffer overflow
Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
Buffer overflow
Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0 and 11.2.1.4.1 allows remote attackers to affect availability via unknown vectors...
CVE-2009-4769
Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote authenticated users t...
Buffer overflow
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
MySQL Login Handshake Information Disclosure (CVE-2006-1516)
MySQL is an open-source implementation of a relational database management system. MySQL supports the SQL (Structured Query Language) database query language. The database product allows remote network connections from client applications over the proprietary MySQL network protocol. In addition to...
CVE-2009-3229
The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory...
Joomla! Component com_gameserver 1.0 - id SQL Injection
Joomla! Component com_gameserver 1.0 - id SQL Injection Vulnerability...
CVE-2009-1443
Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack vectors...
Design/Logic Flaw
Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack vectors...
CVE-2009-1443
OCS Inventory NG is affected in versions before 1.02, with multiple unspecified vulnerabilities in the Server component. The available sources note unknown impact and attack vectors, and there are no explicit root-cause or patch details in the provided connected documents. No exploitation informa...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Prevention System (HIPS) before 8.0.0.93 allows remote attackers to inject arbitrary web script or HTML via requests that are written to logs for later display in the log viewer...
CVE-2007-5472
CVE-2007-5472 affects CA Host-Based Intrusion Prevention System (CA HIPS) Server on Windows. The vulnerability arises from unsanitized log data that is later displayed in the log viewer, enabling an attacker to inject arbitrary HTML/script via requests written to logs. Affected versions are CA HI...
CVE-2007-1462
The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a "view source" or other operation to obtain the w...
PT-2007-2856 · Conga · Conga
Name of the Vulnerable Software and Affected Versions: conga (affected versions not specified). Description: The issue concerns the luci server component in conga, where the password is preserved between page loads for the Add System/Cluster task flow. This is done by storing the password in the Val...
CVE-2007-0222
Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably ".." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed...
SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit
Inge Henriksen Security Advisory - Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/ Advisory Name: SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit. Tested and Confirmed Vulnerable: SoftArtisans SAFileUp(TM) 5.0.14 Standard. Severity: High. Type: Script...