Lucene search
K

117 matches found

CVE
CVE
added 2017/03/14 10:0 p.m.86 views

CVE-2016-8016

CVE-2016-8016 affects McAfee VirusScan Enterprise for Linux (VSEL) 2.0.3 and earlier. The vulnerability is an information disclosure via the web interface: an authenticated remote attacker can use a URL parameter to determine the existence of unauthorized files on the system. Connected sources al...

3.5CVSS4.7AI score0.0456EPSS
Exploits4References4Affected Software1
OpenVAS
OpenVAS
added 2017/02/03 12:0 a.m.39 views

Debian Security Advisory DSA 3776-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5006 Mariusz Mlynski discovered a cross-site scripting issue. CVE-2017-5007 Mariusz Mlynski discovered another cross-site scripting issue. CVE-2017-5008 Mariusz Mlynski discovered a third cross-site scripting issue...

6.8CVSS0.4AI score0.02099EPSS
Exploits4References1
CNVD
CNVD
added 2016/12/07 12:0 a.m.5 views

Google Chrome PDFium Local File Access Vulnerability

Google Chrome is the United States Google Google company developed a Web browser. PDFium is one of the open source PDF rendering engine. A local file access vulnerability exists in PDFium in versions of Google Chrome prior to 55.0.2883.75. An attacker can exploit this vulnerability to access...

6.5CVSS8.8AI score0.01121EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/06/25 8:43 a.m.3 views

php: missing null byte checks for paths in various PHP extensions

It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions...

5.3CVSS7.2AI score0.04094EPSS
Exploits1References4
CNVD
CNVD
added 2015/02/26 12:0 a.m.5 views

Todd Miller Sudo Local Security Bypass Vulnerability

Sudo is a program that allows users to securely execute commands with other user privileges and is widely used under Linux and Unix operating systems. A local security bypass vulnerability exists in Todd Miller Sudo, which allows local attackers to exploit the vulnerability to bypass security...

3.3CVSS6.8AI score0.0047EPSS
Exploits1References1
securityvulns
securityvulns
added 2014/07/14 12:0 a.m.103 views

python security vulnerabilities

json information leak, CGIHTTPServer unauthroized files access and code execution, lz4 integer overflow...

4.3CVSS3.1AI score0.247EPSS
Exploits6References3Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

SmallFTPD 1.0.3 - Remote Directory Traversal Vulnerability

No description provided by source. / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader Sro Contact: [email protected] ----------------------------------- SmallFTPD...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Armada Design Master Index 1.0 Path Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1772/info Master Index is a commercially supported search engine. Certain versions of this software ship with a path traversal vulnerability. This is to say that a remote user may 'back out' .../ of the web root directory...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2011/12/05 12:0 a.m.38 views

Siemens Automation License Manager multiple security vulnerabilities

Code execution, unauthorized files access, DoS...

3.6AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2010/11/08 12:0 a.m.26 views

WinTFTP Server Pro 3.1 Directory Traversal

/ / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / ,tftp Transfers files to and from a remote computer running the TFTP service. TFTP -i host GET | PUT source destination -i Specifies binary image transfer mode also called octet. In binary image mode the file is moved...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2010/11/03 12:42 a.m.10 views

Security Flaw in Mac Safari Remains Unfixed for Two Years, Experts Concerned

Two years after fixing a security bug in the Windows version of its Safari browser, Apple apparently has decided that Mac users can go without a fix. Apple was initially unimpressed by Nitesh Dhanjani’s work developing what’s known as a “carpet bomb” attack, the security researcher said in an...

6.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/09/23 12:0 a.m.11 views

Syncrify < 2.1 Build 420 Multiple Security Bypass Vulnerabilities

According to its version, the remote installation of Syncrify is affected by multiple security bypass vulnerabilities : - The application fails to restrict access to the password management page and allows users to change the administrator's password by directly accessing that page. - It is...

5.6AI score
Exploits0References1
securityvulns
securityvulns
added 2010/03/04 12:0 a.m.40 views

fcrontab Information Disclosure Vulnerability

============================================ fcrontab Information Disclosure Vulnerability March 3, 2010 CVE-2010-0792 ============================================ ==Description== fcrontab, part of the fcron scheduler, is vulnerable to several race conditions that allow a local attacker to use...

1.9CVSS1.2AI score0.00351EPSS
Exploits0
Prion
Prion
added 2009/10/26 5:30 p.m.13 views

Design/Logic Flaw

The filefieldfiledownload function in FileField 6.x-3.1, a module for Drupal, does not properly check node-access permissions for Drupal core private files, which allows remote attackers to access unauthorized files via unspecified vectors...

7.5CVSS7.2AI score0.02163EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2009/06/14 12:0 a.m.69 views

Windows print spooler multiple security vulnerabilities

Buffer overflow, unauthorized files access, privilege escalation with dynamic library loading...

10CVSS3.7AI score0.34878EPSS
Exploits10References2
Positive Technologies
Positive Technologies
added 2009/03/30 12:0 a.m.5 views

PT-2009-2018 · Moinmoin · Moinmoin

Name of the Vulnerable Software and Affected Versions: MoinMoin version 1.6.1 Description: The issue concerns the rst parser in MoinMoin, which fails to check the ACL of an included page. This allows attackers to read unauthorized include files via unknown vectors. Recommendations: For MoinMoin...

6.9CVSS6.1AI score0.01003EPSS
Exploits0References13
securityvulns
securityvulns
added 2009/01/22 12:0 a.m.54 views

Axis 70U Network Document Server multiple security vulnerabilities

Privilege escalation, unauthorized files acccess, crossite scripting...

2.7AI score
Exploits0References1
securityvulns
securityvulns
added 2008/01/24 12:0 a.m.89 views

HTTP File Serve multiple security vulnerabilities

Crossite scripting, information disclosure, unauthroized files creation, log manipulation, user name spoofing...

10CVSS0.1AI score0.03568EPSS
Exploits11References3Affected Software1
Cvelist
Cvelist
added 2007/01/29 4:0 p.m.20 views

CVE-2005-4825

Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service disk consumption, or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332...

7AI score0.00609EPSS
Exploits0References3
Symantec
Symantec
added 2006/10/10 12:0 a.m.16 views

Microsoft Office Improper Memory Access Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. This issue occurs when Office attempts to process malformed files. An attacker could exploit this issue by enticing a victim to load a malicious Office file. If the vulnerability is successfully exploited, this could...

0.1AI score
Exploits0References1Affected Software3
Rows per page
Query Builder