Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.5 views

PT-2026-53777

Impact ServerFilters.DigestAuth and the underlying DigestAuthProvider both defaulted their nonceVerifier parameter to true — i.e. every nonce was accepted regardless of value, age, or prior use. Any deployment using the default configuration had no replay protection on Digest authentication; a...

5.7AI score
Exploits0References7
Vulnrichment
Vulnrichment
added 2022/11/25 12:0 a.m.7 views

CVE-2022-39325 Cross-site scripting vulnerability in BaserCMS

BaserCMS is a content management system with a japanese language focus. In affected versions there is a cross-site scripting vulnerability on the management system of baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users...

4.6CVSS6AI score0.00547EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2017/09/05 2:10 p.m.80 views

Patch Released for Critical Apache Struts Bug

The Apache Software Foundation has patched a critical remote code execution vulnerability affecting all versions of the popular application development framework Struts since 2008. All web applications using the framework’s REST plugin are vulnerable. Users are advised to upgrade their Apache...

10CVSS9.9AI score0.99999EPSS
Exploits66References9
Tenable Nessus
Tenable Nessus
added 2015/09/08 12:0 a.m.36 views

Fedora 23 : drupal6-6.37-1.fc23 (2015-14443)

"Maintenance and security release of the Drupal 6 series. This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement: Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003 No other fixes are...

7.5CVSS7.3AI score0.0506EPSS
Exploits0References10
securityvulns
securityvulns
added 2007/07/19 12:0 a.m.69 views

Clarifications on LedgerSMB vulnerability with Bugtraq ID:24940

Hi all; The LedgerSMB team is still working on a security advisory which details the exact nature of the security vulnerability, how to test for it, etc. We are giving it a couple days to ensure that it is correct and well edited, and that administrators have a chance to upgrade before the exploi...

1.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/07/13 12:0 a.m.27 views

sitepanel2.txt

GulfTech Security Research May 3rd, 2005 Vendor : Morgan Harvey URL : http://www.sitepanel2.com/ Version : 2.6.1 And Earlier Risk : Multiple Vulnerabilities Description: SitePanel2 is a helpdesk / trouble ticket / support system used by businesses and individuals alike. There are a number of...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2004/04/05 12:0 a.m.33 views

racoon fails to verify signature during Phase 1

Ralf Spenneberg discovered a serious flaw in racoon. When using Phase 1 main or aggressive mode, racoon does not verify the client's RSA signature. Any installations using X.509 authentication are strongly urged to upgrade. Installations using pre-shared keys are believed to be unaffected...

7.5CVSS6.5AI score0.03625EPSS
Exploits0References1
Debian
Debian
added 2002/10/17 2:6 p.m.9 views

[SECURITY] [DSA 178-1] New Heimdal packages fix remote command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 178-1 [email protected] http://www.debian.org/security/ Martin Schulze October 17th, 2002 http://www.debian.org/security/faq -...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.43 views

sysklogd.bof.txt

Date: Tue, 16 Feb 1999 02:22:56 -0500 From: Cory Visi To: [email protected] Subject: RedHat sysklogd vulnerability I'd like to apologize for being so late with this e-mail as I have known about this problem for months. The vulnerability was discussed in a Thu, 10 Sep 1998 BugTraq e-mail by...

0.1AI score
Exploits0
Rows per page
Query Builder