Lucene search
K

356 matches found

OSV
OSV
added 2017/06/12 6:29 a.m.5 views

CVE-2017-9543

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm...

7.5CVSS6AI score0.01332EPSS
Exploits1References1
CNVD
CNVD
added 2017/05/18 12:0 a.m.4 views

Juniper Networks NorthStar Controller Application Buffer Overflow Vulnerability (CNVD-2017-07222)

Juniper Networks NorthStar Controller Application is a traffic planning controller from Juniper Networks, Inc. The controller optimizes service provider transport networks by establishing open industry standard protocols. A buffer overflow vulnerability exists in Juniper Networks NorthStar...

6.5CVSS7.1AI score0.01163EPSS
Exploits0References1
OSV
OSV
added 2016/10/25 2:31 p.m.6 views

UBUNTU-CVE-2016-5598

Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python...

5.6CVSS6.2AI score0.02207EPSS
Exploits0References2
CNVD
CNVD
added 2016/07/29 12:0 a.m.5 views

Wireshark CORBA IDL Dissector Remote Denial of Service Vulnerability

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A remote denial of service vulnerability exists in Wireshark versions 2.0.0 through 2.0....

5.9CVSS6AI score0.06444EPSS
Exploits1References1
CNVD
CNVD
added 2016/03/03 12:0 a.m.3 views

Wireshark Denial of Service Vulnerability (CNVD-2016-01444)

Wireshark is the most popular network protocol parser. A denial-of-service vulnerability exists in Wireshark version 2.0.x prior to 2.0.2, which allows remote attackers to cause a denial of service via a crafted packet...

5.9CVSS7.3AI score0.03096EPSS
Exploits0References1
Broadcom
Broadcom
added 2016/01/15 12:0 a.m.5 views

BSA-2016-001

Summary Security Advisory ID : BSA-2016-001 Component : Java Revision : 2.0 N/A...

10CVSS4.9AI score0.06451EPSS
Exploits0
CNVD
CNVD
added 2015/10/26 12:0 a.m.5 views

IniNet Solutions SCADA Web Server Path Traversal Vulnerability

IniNet SCADA Web Server is a third-party web-based server software. Versions of SCADA Web Server prior to 2.02 fail to effectively filter certain elements within path names and are implemented with a path traversal vulnerability. An attacker can exploit this vulnerability to read arbitrary OS fil...

5CVSS6.8AI score0.02089EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/06 12:0 a.m.6 views

WordPress Plugin WonderPlugin Audio Player Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WonderPlugin Audio Player is one of the audio player plugin. WordPress WonderPlugin Audio Player plugin 2.0 and...

4.3CVSS6.1AI score0.04186EPSS
Exploits1References1
CNVD
CNVD
added 2015/02/28 12:0 a.m.3 views

Vanilla Forums Cross-Site Scripting Vulnerability

Vanilla Forums is a Canadian company VanillaForums PHP-based open source forum program . A cross-site scripting vulnerability exists in Vanilla Forums versions 2.0.18.12 and 2.1.x prior to 2.1.1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

4.3CVSS6.1AI score0.01773EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2014/11/03 12:0 a.m.5 views

PT-2014-5437 · Red Hat · Spacewalk-Java +1

Name of the Vulnerable Software and Affected Versions: spacewalk-java version 2.0.2 Red Hat Network RHN Satellite versions 5.5 through 5.6 Description: The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to API endpoints such as...

4.3CVSS6.3AI score0.01759EPSS
Exploits0References6
OSV
OSV
added 2014/07/29 12:0 a.m.5 views

UBUNTU-CVE-2014-5031

The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors...

5CVSS5.8AI score0.02911EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2012/07/23 12:0 a.m.3 views

PT-2012-4689 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.x through 2.0.9 Moodle versions 2.1.x through 2.1.6 Moodle versions 2.2.x through 2.2.3 Moodle versions 2.3.x through 2.3.0 Description: A cross-site scripting XSS issue exists, allowing remote authenticated administrators...

3.5CVSS5.1AI score0.0144EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2011/11/30 12:0 a.m.8 views

PT-2011-4554 · Apache +3 · Apache Http Server +3

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.0.x through 2.0.64 Apache HTTP Server versions 2.2.x before 2.2.18 Description: The issue arises from the mod proxy module's improper interaction with RewriteRule and ProxyPassMatch pattern matches when configure...

4.6CVSS6.9AI score0.82756EPSS
Exploits13References33
Positive Technologies
Positive Technologies
added 2008/09/05 12:0 a.m.3 views

PT-2008-5265 · Dic · Dic Shop V52 +1

Name of the Vulnerable Software and Affected Versions: DIC shop v50 versions 3.0 and earlier DIC shop v52 versions 2.0 and earlier Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Recommendations: For DIC shop v5...

6.1CVSS6AI score0.00957EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2008/07/01 12:0 a.m.4 views

PT-2008-4391 · Pidgin +1 · Pidgin +1

Name of the Vulnerable Software and Affected Versions: Pidgin versions 2.0.0 and possibly other versions Description: A memory leak in Pidgin allows remote attackers to cause a denial of service via malformed XML documents. The issue has been disputed by the upstream vendor due to a lack of...

5CVSS7AI score0.02EPSS
Exploits0References14
OSV
OSV
added 2008/05/12 9:20 p.m.6 views

AZL-7422 CVE-2008-2149 affecting package wordnet for versions less than 3.0-38

Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end...

7.5CVSS6.3AI score0.04087EPSS
Exploits2References1
Rows per page
Query Builder