223 matches found

Cvelist
added 2009/04/09 12:0 a.m. | 26 views

CVE-2009-1251

Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via an RX response containing more data than specified in a...

8.1 AI score | 0.06438 EPSS
Exploits: 0 | References: 11

Debian CVE
added 2009/04/09 12:0 a.m. | 24 views

CVE-2009-1251

Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via an RX response containing more data than specified in a...

10 CVSS | 7.9 AI score | 0.06438 EPSS
Exploits: 0

RedHat Linux
added 2009/01/13 9:39 p.m. | 7 views

OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841)

Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms for other applications...

7.5 CVSS | 7.2 AI score | 0.03426 EPSS
Exploits: 1 | References: 4

OpenVAS
added 2008/09/09 12:0 a.m. | 23 views

Firebird / InterBase Database Server Service Detection (TCP)

TCP based detection of a Firebird / InterBase Database service. SPDX-FileCopyrightText: 2008 Christian Eric Edjenguele SPDX-FileCopyrightText: Improved / extended code / detection routine since 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrigh...

5.3 AI score
Exploits: 0

NVD
added 2008/08/05 7:41 p.m. | 14 views

CVE-2008-3356

verifydb in Ingres 2.6, Ingres 2006 release 1 aka 9.0.4, and Ingres 2006 release 2 aka 9.1.0 on Linux and other Unix platforms sets the ownership or permissions of an iivdb.log file without verifying that it is the application's own log file, which allows local users to overwrite arbitrary files ...

4.6 CVSS | 6.3 AI score | 0.00374 EPSS
Exploits: 1 | References: 11

RedHat Linux
added 2007/05/14 4:59 p.m. | 5 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

5 CVSS | 6 AI score | 0.90768 EPSS
Exploits: 2 | References: 4

RedHat Linux
added 2007/04/16 11:49 a.m. | 3 views

security flaw

The CUPS service on multiple platforms allows remote attackers to cause a denial of service service hang via a "partially-negotiated" SSL connection, which prevents other requests from being accepted...

5 CVSS | 5.9 AI score | 0.05321 EPSS
Exploits: 0 | References: 4

securityvulns
added 2004/06/26 12:0 a.m. | 39 views

multiple remote & local buffer overflows discovered in Drcatd

Zone-h Security Advisory Date of discovery : 24 june 2004 Date of release : 25 june 2004 Bug found by Khan Shirani [email protected] http://www.zone-h.org --------------------------------------- Software : Drcatd Bugs : Buffer Overflows , Remote and local multiple Risk : low Platform : nix...

0.3 AI score
Exploits: 0

exploitpack
added 2004/04/25 12:0 a.m. | 14 views

Veritas NetBackup 3.54.55.0 - Multiple Local Memory Corruption Vulnerabilities (2)

Veritas NetBackup 3.54.55.0 - Multiple Local Memory Corruption Vulnerabilities 2 source: https://www.securityfocus.com/bid/10226/info Multiple unspecified local buffer overrun and format string vulnerabilities have been reported to exist in various setuid Veritas NetBackup binaries. These issues...

0.4 AI score
Exploits: 0

securityvulns
added 2003/12/11 12:0 a.m. | 31 views

Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)

Westpoint Security Advisory Title: VisitorBook LE Mail Relay and Cross Site Scripting Risk Rating: Moderate Software: FreeScripts VisitorBook LE Platforms: Most Unix Vendor URL: http://www.freescripts.com/ Author: Paul Johnston [email protected] Date: 10th December 2003 Advisory ID: wp-03-000...

6.8 AI score
Exploits: 0

securityvulns
added 2002/12/21 12:0 a.m. | 40 views

RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002)

NGSSoftware Insight Security Research Advisory Name: Multiple Buffer overruns RealNetworks Helix Universal Server 9.0 Systems Affected: Windows, FreeBSD, HP-UX, AIX, Linux, Sun Solaris 2.7 & 2.8 Severity: High Risk Category: Buffer Overrun Vendor URL: http://www.real.com/ Author: Mark Litchfield...

8 AI score
Exploits: 0

securityvulns
added 2002/08/12 12:0 a.m. | 146 views

Apache 2.0 vulnerability affects non-Unix platforms

-----BEGIN PGP SIGNED MESSAGE----- For Immediate Disclosure =============== SUMMARY ================ Title: Apache 2.0 vulnerability affects non-Unix platforms Date: 9th August 2002 Revision: 2 Product Name: Apache HTTP server 2.0 OS/Platform: Windows, OS2, Netware Permanent URL:...

7.5 CVSS | 0.7 AI score | 0.69698 EPSS
Exploits: 0

Exploit DB
added 2002/08/09 12:0 a.m. | 36 views

Apache 2.0 - Encoded Backslash Directory Traversal

source: https://www.securityfocus.com/bid/5434/info A directory traversal vulnerability exists in Apache versions 2.0.39 and earlier on non-Unix platforms potentially including Apache compiled with CYGWIN. Platforms that may be affected by this include Windows, OS2, and Netware. The issue is...

7.4 AI score
Exploits: 0

Exploit DB
added 2002/06/15 12:0 a.m. | 28 views

ZeroBoard 4.1 - PHP Include File Arbitrary Command Execution

source: https://www.securityfocus.com/bid/5028/info Zeroboard is a PHP web board package available for the Linux and Unix platforms. Under some circumstances, it may be possible to include arbitrary PHP files. The head.php file does not sufficiently check or sanitize input. When the "allowurlfope...

7 AI score
Exploits: 0

AlpineLinux
added 2001/09/12 4:0 a.m. | 3 views

CVE-1999-1357

Netscape Communicator 4.04 through 4.7 and possibly other versions in various UNIX operating systems converts the 0x8b character to a "" sign, which could allow remote attackers to attack other clients via cross-site scripting CSS in CGI programs that do not filter these characters...

7.5 CVSS | 6.8 AI score | 0.01378 EPSS
Exploits: 0 | References: 1

exploitpack
added 2001/07/21 12:0 a.m. | 18 views

SSH2 3.0 - Short Password Login

SSH2 3.0 - Short Password Login source: https://www.securityfocus.com/bid/3078/info An input validation error exists in version 3.0.0 of the SSH daemon sshd running on Unix platforms. It may be possible for remote users to log in to accounts for which there are two or less characters in the...

Exploits: 0

Exploit DB
added 2001/07/21 12:0 a.m. | 44 views

SSH2 3.0 - Short Password Login

source: https://www.securityfocus.com/bid/3078/info An input validation error exists in version 3.0.0 of the SSH daemon sshd running on Unix platforms. It may be possible for remote users to log in to accounts for which there are two or less characters in the password field of the system password...

7.4 AI score
Exploits: 0

exploitpack
added 2001/06/23 12:0 a.m. | 22 views

GNU groff 1.1x - xploitation Via LPD

GNU groff 1.1x - xploitation Via LPD // source: https://www.securityfocus.com/bid/3103/info lpd is the print spooling daemon. It is used to support network printing on a variety of unix platforms. The version of lpd that ships with linux systems invokes groff to process documents that are to be...

0.4 AI score
Exploits: 0

securityvulns
added 2001/06/02 12:0 a.m. | 47 views

Acme.Server v1.7 of 13nov96 Directory Browsing

---------------------------------------------------------------------- Date: 31.05.2001 Affected Software: Acme.Serve v1.7 of 13nov96 http://www.acme.com Exploit: Browsing of directories and files allowed to unauthorized users Keywords: Cisco Secure Administration, Netscape FastTrack, ... Contact...

2.3 AI score
Exploits: 0

Packet Storm
added 2000/10/10 12:0 a.m. | 23 views

boa.server.txt

ID: S21SEC-005-en Title: Vulnerability in BOA web server v0.94.8.2 Date: 03/10/2000 Status: Vendor contacted, patch available Scope: Arbitrary file access Platforms: Unix Author: llmora Location: http://www.s21sec.com/en/avisos/s21sec-005-en.txt Release: Public S 2 1 S E C http://www.s21sec.com...

7.4 AI score
Exploits: 0