356 matches found
CVE-2017-9543
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm...
Juniper Networks NorthStar Controller Application Buffer Overflow Vulnerability (CNVD-2017-07222)
Juniper Networks NorthStar Controller Application is a traffic planning controller from Juniper Networks, Inc. The controller optimizes service provider transport networks by establishing open industry standard protocols. A buffer overflow vulnerability exists in Juniper Networks NorthStar...
UBUNTU-CVE-2016-5598
Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python...
Wireshark CORBA IDL Dissector Remote Denial of Service Vulnerability
Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A remote denial of service vulnerability exists in Wireshark versions 2.0.0 through 2.0....
Wireshark Denial of Service Vulnerability (CNVD-2016-01444)
Wireshark is the most popular network protocol parser. A denial-of-service vulnerability exists in Wireshark version 2.0.x prior to 2.0.2, which allows remote attackers to cause a denial of service via a crafted packet...
BSA-2016-001
Summary Security Advisory ID : BSA-2016-001 Component : Java Revision : 2.0 N/A...
IniNet Solutions SCADA Web Server Path Traversal Vulnerability
IniNet SCADA Web Server is a third-party web-based server software. Versions of SCADA Web Server prior to 2.02 fail to effectively filter certain elements within path names and are implemented with a path traversal vulnerability. An attacker can exploit this vulnerability to read arbitrary OS fil...
WordPress Plugin WonderPlugin Audio Player Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WonderPlugin Audio Player is one of the audio player plugin. WordPress WonderPlugin Audio Player plugin 2.0 and...
Vanilla Forums Cross-Site Scripting Vulnerability
Vanilla Forums is a Canadian company VanillaForums PHP-based open source forum program . A cross-site scripting vulnerability exists in Vanilla Forums versions 2.0.18.12 and 2.1.x prior to 2.1.1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
PT-2014-5437 · Red Hat · Spacewalk-Java +1
Name of the Vulnerable Software and Affected Versions: spacewalk-java version 2.0.2 Red Hat Network RHN Satellite versions 5.5 through 5.6 Description: The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to API endpoints such as...
UBUNTU-CVE-2014-5031
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors...
PT-2012-4689 · Moodle · Moodle
Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.x through 2.0.9 Moodle versions 2.1.x through 2.1.6 Moodle versions 2.2.x through 2.2.3 Moodle versions 2.3.x through 2.3.0 Description: A cross-site scripting XSS issue exists, allowing remote authenticated administrators...
PT-2011-4554 · Apache +3 · Apache Http Server +3
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.0.x through 2.0.64 Apache HTTP Server versions 2.2.x before 2.2.18 Description: The issue arises from the mod proxy module's improper interaction with RewriteRule and ProxyPassMatch pattern matches when configure...
PT-2008-5265 · Dic · Dic Shop V52 +1
Name of the Vulnerable Software and Affected Versions: DIC shop v50 versions 3.0 and earlier DIC shop v52 versions 2.0 and earlier Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Recommendations: For DIC shop v5...
PT-2008-4391 · Pidgin +1 · Pidgin +1
Name of the Vulnerable Software and Affected Versions: Pidgin versions 2.0.0 and possibly other versions Description: A memory leak in Pidgin allows remote attackers to cause a denial of service via malformed XML documents. The issue has been disputed by the upstream vendor due to a lack of...
AZL-7422 CVE-2008-2149 affecting package wordnet for versions less than 3.0-38
Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end...