Lucene search
K

5947 matches found

Positive Technologies
Positive Technologies
added 2008/11/18 12:0 a.m.5 views

PT-2008-6280 · Os-Prober +1 · Os-Prober +1

Name of the Vulnerable Software and Affected Versions: os-prober version 1.17 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/mounted-map or /tmp/raided-map temporary file. The vendor disputes this issue, stating that the insecure code path...

6.2CVSS9AI score0.00383EPSS
Exploits0References11
OSV
OSV
added 2008/09/25 7:25 p.m.2 views

DEBIAN-CVE-2008-4242

ProFTPD 1.3.1 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery CSRF attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web...

6.8CVSS7.6AI score0.07066EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2008/06/04 2:33 p.m.4 views

cups: integer overflow in the image filter

Multiple integer overflows in 1 filter/image-png.c and 2 filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service crash and trigger memory corruption, as demonstrated via a crafted PNG image...

4.3CVSS6.7AI score0.02EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/01/17 8:21 p.m.6 views

xfree86: information disclosure via TOG-CUP extension

The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index...

5CVSS7.4AI score0.01735EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2007/02/21 12:0 a.m.4 views

PT-2007-2481 · Xmms · Phpxmms

Name of the Vulnerable Software and Affected Versions: phpXmms version 1.0 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the tcmdp parameter to 1 "phpxmmsb.php" or 2 "phpxmmst.php". However, a reliable third party has disputed this, stating that the tcm...

10CVSS8AI score0.02389EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2006/12/04 11:28 a.m.3 views

CVE-2006-6281

PHP remote file inclusion vulnerability in checkstatus.php in dicshunary 0.1 alpha allows remote attackers to execute arbitrary PHP code via a URL in the dicshunaryrootpath parameter...

7.5CVSS6.2AI score0.02341EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2006/12/04 11:28 a.m.2 views

CVE-2006-6248

index.php in GPhotos 1.5 allows remote attackers to obtain sensitive information via an invalid rep parameter, which reveals the full path in an error message...

7.8CVSS5.5AI score0.01499EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2006/11/21 12:0 a.m.5 views

PT-2006-6666 · Bloo · Bloo

Name of the Vulnerable Software and Affected Versions: Bloo version 1.0 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML via the lang parameter in the extensions/googiespell/googlespell proxy.php file. Recommendations: For...

6.8CVSS5.5AI score0.01324EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2006/11/08 12:0 a.m.5 views

PT-2006-6487 · Xoops · Xoops

Name of the Vulnerable Software and Affected Versions: XOOPS version 1.0 Description: A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the newdownloadshowdays parameter in the /modules/wfdownloads/newlist.php endpoint...

6.8CVSS6AI score0.0156EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2006/09/29 12:23 a.m.6 views

openssh DoS

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service CPU consumption via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector...

7.8CVSS6.7AI score0.34666EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2006/09/29 12:18 a.m.7 views

openssh DoS

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service CPU consumption via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector...

7.8CVSS6.7AI score0.34666EPSS
Exploits1References4
OSV
OSV
added 2006/09/27 1:7 a.m.1 views

DEBIAN-CVE-2006-4924

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service CPU consumption via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector...

7.8CVSS9.1AI score0.34666EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2006/08/29 12:0 a.m.6 views

PT-2006-5246 · Cutenews · Cutenews

Name of the Vulnerable Software and Affected Versions: CuteNews versions 1.3.x Description: The issue allows remote attackers to potentially execute arbitrary PHP code via a URL in the cutepath parameter to API endpoints such as "show news.php" or "search.php". However, analysis has not identifie...

7.5CVSS7.8AI score0.01799EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2006/06/01 5:46 p.m.4 views

security flaw

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that 1 disable RIPv1 or 2 require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information routing state via REQUEST packets such as SEND UPDATE...

5CVSS7.4AI score0.1128EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2006/06/01 5:46 p.m.8 views

security flaw

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets...

5CVSS5.8AI score0.10358EPSS
Exploits1References4
securityvulns
securityvulns
added 2006/05/26 12:0 a.m.38 views

ChatPat v1.0

ChatPat v1.0 Homepage: http://calendarscripts.info/download-3.html Description: An online chat room that lets users chat with each other. Effected files: fastchat.php fastshow.php The nickname input form doesn't sanatize user input before it adds it to the db. In turn this can cause SQL query...

Exploits0
securityvulns
securityvulns
added 2006/03/07 12:0 a.m.28 views

[Full-disclosure] Skype emoticons problems / bugs

Skype 1.x havent tested on 2.x windows version has problems with emoticons when there is a big enough list of them like this :...

2.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2005/11/19 12:0 a.m.5 views

PT-2005-4445 · Xmb · Xmb

Name of the Vulnerable Software and Affected Versions: XMB version 1.9.2 Description: The issue allows remote attackers to obtain the installation path. This is achieved by providing an invalid fid parameter in a newthread action to the post.php file. Recommendations: For XMB version 1.9.2,...

5CVSS6.7AI score0.02563EPSS
Exploits1References7
OSV
OSV
added 2005/10/05 9:2 p.m.2 views

DEBIAN-CVE-2005-3146

StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files...

2.1CVSS6.7AI score0.00362EPSS
Exploits0References1
securityvulns
securityvulns
added 2005/08/02 12:0 a.m.39 views

PHPList Vunerability

SVadvisory12 Title: SQl injection Product: OpenBook Version: 1.2.2 Site: http://openbook.sourceforge.net/ Vulnerabilities Code: function authuser$userid, $password global $HTTPPOSTVARS; global $admintable; $userid=$HTTPPOSTVARS'userid'; $password=$HTTPPOSTVARS'password'; dbconnect; $query="SELECT...

0.1AI score
Exploits0
Rows per page
Query Builder