1248 matches found
CVE-2013-1839
The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header...
CVE-2013-1839
Removed by vendor...
Request Tracker - ShowPending SQL Injection
Source: https://www.securityfocus.com/bid/59022/info. Request Tracker is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting this issue could allow an attacker ...
DEBIAN-CVE-2011-1165
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks...
CVE-2011-1165
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks...
Squid 3.x Denial Of Service
DoS loop, 100% CPU, strHdrAcptLangGetItem at errorpage.cc. Authors: 22733db72ab3ed94b5f8a1ffcde850251fe6f466 c8e74ebd8392fda4788179f9a02bb49337638e7b AKAT-1. Versions: 3.2.5, 3.2.7. This error is only triggered when Squid needs to generate an error page, for example when a backend node is not responding, etc...
vino-preferences does not warn about UPnP especially with no password and no confirmation.
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks...
Clipbucket 2.5 Blind SQL Injection
Author: loneferret of Offensive Security; Product: ClipBucket; Version: 2.5 and maybe older versions; Vendor Site: http://clip-bucket.com/; Software Download: http://sourceforge.net/projects/clipbucket/; Software description: ClipBucket is an OpenSource Multimedia Management Script Provided Free to th...
OS X Gather Keychain Enumeration
This module presents a way to quickly go through the current user's keychains and collect data such as email accounts, servers, and other services. Please note: when using the GETPASS and GETPASS_AUTO_ACCEPT options, the user may see an authentication alert flash briefly on their screen that gets...
Moderate: Red Hat Security Advisory: rhevm security and bug fix update
Updated rhevm packages that fix one security issue and various bugs are now available. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the...
glibc: svc_run() produces high cpu usage when accept() fails with EMFILE error
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections...
glibc security and bug fix update
2.12-1.47.el62.5 - Avoid high cpu usage when accept fails with EMFILE 767692 2.12-1.47.el62.4 - Make implementation of ARENASTEST and ARENASMAX match documentation 769594 - Check malloc arena atomically 769594 2.12-1.47.el62.3 - Check values from TZ file header 767692 2.12-1.47.el62.2 - Correctly...
Apache Tomcat 4.x < 4.1.36 Multiple Vulnerabilities
According to its self-reported version number, the instance of Apache Tomcat 4.x listening on the remote host is prior to 4.1.36. It is, therefore, affected by the following vulnerabilities: - Requests containing multiple 'content-length' headers are not rejected as invalid. This error can allow...
V-CMS 1.0 Shell Upload
Software: V-CMS 1.0; Vulnerability: Arbitrary Upload; Threat Level: Very Critical 5/5; Download: http://v-cms.org/; Discovery Date: 11/13/2011; Tested On: Window...
phpLDAPadmin 0.9.4b - Denial of Service
Exploit Title: phpLDAPadmin 0.9.4b DoS; Google Dork: "phpLDAPadmin - 0.9.4b"; Date: 2011-10-23; Author: Alguien; Software Link: http://sourceforge.net/projects/phpldapadmin/files/phpldapadmin/0.9.4b/; Version: 0.9.4b; Tested on: Red Hat; CVE: -; Compilation:...
WORDPRESS Plugin Accept Signups 0.1 XSS
Exploit for php platform in category web applications. Exploit Title: WORDPRESS Plugin Accept Signups PERSISTENT XSS; Date: 21/12/2010; Author: clshack; Software Link: http://wordpress.org/extend/plugins/accept-signups/; Version: 0.1; Tested on: wordpress 3.03; CVE: (empty); Vulnerable code accept-signupssubmit.ph...