Lucene search
K

1195 matches found

CNVD
CNVD
added 2015/03/06 12:0 a.m.3 views

WordPress Plugin WonderPlugin Audio Player Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WonderPlugin Audio Player is one of the audio player plugin. WordPress WonderPlugin Audio Player plugin 2.0 and...

4.3CVSS6.1AI score0.04186EPSS
Exploits1References1
CNVD
CNVD
added 2015/02/28 12:0 a.m.3 views

Vanilla Forums Cross-Site Scripting Vulnerability

Vanilla Forums is a Canadian company VanillaForums PHP-based open source forum program . A cross-site scripting vulnerability exists in Vanilla Forums versions 2.0.18.12 and 2.1.x prior to 2.1.1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

4.3CVSS6.1AI score0.01773EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2015/01/21 6:59 p.m.7 views

CVE-2015-0386

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2013-0338, CVE-2013-2877, and CVE-2014-0191...

5CVSS5.6AI score0.081EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2014/11/03 12:0 a.m.5 views

PT-2014-5437 · Red Hat · Spacewalk-Java +1

Name of the Vulnerable Software and Affected Versions: spacewalk-java version 2.0.2 Red Hat Network RHN Satellite versions 5.5 through 5.6 Description: The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to API endpoints such as...

4.3CVSS6.3AI score0.01759EPSS
Exploits0References6
OSV
OSV
added 2014/07/29 12:0 a.m.5 views

UBUNTU-CVE-2014-5031

The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors...

5CVSS5.8AI score0.02911EPSS
Exploits0References4
OSV
OSV
added 2014/03/21 4:38 a.m.3 views

DEBIAN-CVE-2013-7340

VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service memory consumption via a crafted playlist file...

4.3CVSS6.7AI score0.01644EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2013/02/05 12:0 a.m.6 views

PT-2013-1463 · Red Hat · Web Platform +3

Name of the Vulnerable Software and Affected Versions: JBoss Enterprise Application Platform EAP versions prior to 5.2.0 Web Platform EWP versions prior to 5.2.0 BRMS Platform versions prior to 5.3.1 SOA Platform versions prior to 5.3.1 Description: A cross-site scripting XSS issue exists in the...

4.3CVSS5.4AI score0.01794EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2013/01/24 6:28 p.m.6 views

JBoss: SecurityAssociation.getCredential() will return the previous credential if no security context is provided

The SecurityAssociation.getCredential method in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 returns the credentials of the previous user when a security context is not provided, which allows remot...

5.8CVSS6.3AI score0.01862EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2012/07/23 12:0 a.m.3 views

PT-2012-4689 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.x through 2.0.9 Moodle versions 2.1.x through 2.1.6 Moodle versions 2.2.x through 2.2.3 Moodle versions 2.3.x through 2.3.0 Description: A cross-site scripting XSS issue exists, allowing remote authenticated administrators...

3.5CVSS5.1AI score0.0144EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2012/03/07 11:55 a.m.1 views

CVE-2012-1392

Unspecified vulnerability in the Dolphin Browser HD mobi.mgeek.TunnyBrowser application 6.2.0, 7.2.1, 7.3.0, and 7.4.0 for Android has unknown impact and attack vectors...

10CVSS5.4AI score0.01432EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2012/01/18 7:22 p.m.6 views

JDK: unspecified vulnerability fixed in 6u29 (Deployment)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to...

5.8CVSS7.4AI score0.02227EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2011/11/30 12:0 a.m.8 views

PT-2011-4554 · Apache +3 · Apache Http Server +3

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.0.x through 2.0.64 Apache HTTP Server versions 2.2.x before 2.2.18 Description: The issue arises from the mod proxy module's improper interaction with RewriteRule and ProxyPassMatch pattern matches when configure...

4.6CVSS6.9AI score0.82756EPSS
Exploits13References33
RedHat Linux
RedHat Linux
added 2011/09/01 7:54 p.m.11 views

rsyslog: parseLegacySyslogMsg off-by-two buffer overflow

Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service application exit via a long TAG in a legacy syslog message...

5CVSS6AI score0.20759EPSS
Exploits2References5
Circl
Circl
added 2008/09/16 12:0 a.m.3 views

CVE-2008-4204

creationtimestamp| type| source ---|---|--- 2008-09-16 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6470...

7.5CVSS5.8AI score0.00967EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2008/09/05 12:0 a.m.3 views

PT-2008-5265 · Dic · Dic Shop V52 +1

Name of the Vulnerable Software and Affected Versions: DIC shop v50 versions 3.0 and earlier DIC shop v52 versions 2.0 and earlier Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Recommendations: For DIC shop v5...

6.1CVSS6AI score0.00957EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2008/07/01 12:0 a.m.4 views

PT-2008-4391 · Pidgin +1 · Pidgin +1

Name of the Vulnerable Software and Affected Versions: Pidgin versions 2.0.0 and possibly other versions Description: A memory leak in Pidgin allows remote attackers to cause a denial of service via malformed XML documents. The issue has been disputed by the upstream vendor due to a lack of...

5CVSS7AI score0.02EPSS
Exploits0References14
OSV
OSV
added 2008/05/12 9:20 p.m.5 views

AZL-7422 CVE-2008-2149 affecting package wordnet for versions less than 3.0-38

Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end...

7.5CVSS6.3AI score0.04087EPSS
Exploits2References1
OSV
OSV
added 2008/05/12 9:20 p.m.2 views

DEBIAN-CVE-2008-2149

Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end...

7.5CVSS8.4AI score0.04087EPSS
Exploits2References1
Circl
Circl
added 2008/04/04 12:0 a.m.7 views

CVE-2008-6206

creationtimestamp| type| source ---|---|--- 2008-04-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/31611 2008-04-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/31610...

7.5CVSS4.9AI score0.02544EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2006/11/21 12:0 a.m.4 views

PT-2006-6671 · Qualcomm · Eudora Worldmail

Name of the Vulnerable Software and Affected Versions: Eudora Worldmail version 6.1.22.0 Description: The issue concerns multiple buffer overflows in Eudora Worldmail, which may have unknown impact and attack vectors. This is demonstrated by the "Eudora WorldMail stack overflow" and "Eudora...

9.8CVSS7.2AI score0.00943EPSS
Exploits0References5
Rows per page
Query Builder