Lucene search
+L

96 matches found

Cvelist
Cvelist
added 2013/11/12 1:0 a.m.32 views

CVE-2013-4511

Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...

6.9AI score0.00596EPSS
Exploits1References20
UbuntuCve
UbuntuCve
added 2013/11/12 12:0 a.m.39 views

CVE-2013-4511

Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...

6.9CVSS7.1AI score0.00596EPSS
Exploits1References16
OSV
OSV
added 2013/11/12 12:0 a.m.5 views

UBUNTU-CVE-2013-4511

Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...

6.9CVSS7AI score0.00596EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2013/11/07 12:0 a.m.10 views

PT-2013-5051 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.12 Description: The issue is related to multiple integer overflows in Alchemy LCD frame-buffer drivers. Local users can create a read-write memory mapping for the entirety of kernel memory and gain privileges...

9.3CVSS7.5AI score0.34649EPSS
Exploits66References263
NVD
NVD
added 2006/12/10 11:28 a.m.16 views

CVE-2006-6441

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows local users to bypass security controls and boot Alchemy via certain alternate boot media, as demonstrated by a USB thumb drive...

4.6CVSS6.4AI score0.003EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.25 views

Alchemy Eye HTTP Command Execution

Alchemy Eye and Alchemy Network Monitor are network management tools for Microsoft Windows. The product contains a built-in HTTP server for remote monitoring and control. This HTTP server allows arbitrary commands to be run on the server by a remote attacker. SPDX-FileCopyrightText: 2001 HD Moore...

7.5CVSS7.1AI score0.02966EPSS
Exploits0References2
CERT
CERT
added 2002/09/27 12:0 a.m.34 views

Alchemy Eye HTTP Server does not adequately validate user input thereby allowing remote command execution

Overview Alchemy Eye does not properly validate HTTP requests, allowing arbitrary command execution. Description Alchemy Eye includes an HTTP server for remote system monitoring and control. In versions 2.0 through 2.6 of Alchemy Eye, the HTTP server component does not adequately validate HTTP...

7.5CVSS7.3AI score0.02966EPSS
Exploits0References4
NVD
NVD
added 2001/12/21 5:0 a.m.13 views

CVE-2001-0870

HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.ini file...

5CVSS6.4AI score0.02414EPSS
Exploits0References3
NVD
NVD
added 2001/12/21 5:0 a.m.17 views

CVE-2001-0871

Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing 1 a .. in versions 2.0 through 2.6.18, or 2 a DOS device name followed by a .. in versions 2.6.19 through 3.0.10...

7.5CVSS7.6AI score0.02966EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2001/12/03 12:0 a.m.41 views

Alchemy Eye/Network Monitor Traversal Arbitrary Command Execution

Alchemy Eye and Alchemy Network Monitor are network management tools for Microsoft Windows. The product contains a built-in HTTP server for remote monitoring and control. This HTTP server allows arbitrary commands to be run on the server by a remote attacker. %NASLMINLEVEL 70300 This script was...

7.5CVSS5.5AI score0.02966EPSS
Exploits0References2
securityvulns
securityvulns
added 2001/12/01 12:0 a.m.37 views

Rapid 7 Advisory R7-0002: Alchemy Eye Remote Unauthenticated Log Viewing

-----BEGIN PGP SIGNED MESSAGE----- Rapid 7, Inc. Security Advisory Visit http://www.rapid7.com to download NeXposetm, our advanced vulnerability scanner. Linux and Windows 2000 versions are available now! Rapid 7 Advisory R7-0002: Alchemy Eye Remote Unauthenticated Log Viewing Published: November...

5CVSS0.9AI score0.02414EPSS
Exploits0
securityvulns
securityvulns
added 2001/12/01 12:0 a.m.34 views

Rapid 7 Advisory R7-0001: Alchemy Eye HTTP Remote Command Execution

-----BEGIN PGP SIGNED MESSAGE----- Rapid 7, Inc. Security Advisory Visit http://www.rapid7.com to download NeXposetm, our advanced vulnerability scanner. Linux and Windows 2000 versions are available now! Rapid 7 Advisory R7-0001: Alchemy Eye HTTP Remote Command Execution Published: November 29,...

7.5CVSS1.3AI score0.02966EPSS
Exploits0
CVE
CVE
added 2001/11/30 5:0 a.m.42 views

CVE-2001-0870

The CVE-2001-0870 issue affects Alchemy Eye and Alchemy Network Monitor versions 1.9x through 2.6.18, whose built-in HTTP server is enabled by default and allows remote, unauthenticated access to view monitoring logs by directly requesting the eye.ini file. The vulnerability enables disclosure of...

5CVSS6.5AI score0.02414EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2001/11/30 5:0 a.m.59 views

CVE-2001-0871

CVE-2001-0871 affects Alchemy Eye and Alchemy Network Monitor’s built-in HTTP server. Versions 2.0–2.6.18 are vulnerable to simple dotdot traversal; versions 2.6.19–3.0.10 are vulnerable to a variant using a DOS device name (e.g., NUL) plus traversal. Successful exploitation allows remote attacke...

7.5CVSS7.6AI score0.02966EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2001/11/30 5:0 a.m.26 views

CVE-2001-0870

HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.ini file...

6.4AI score0.02414EPSS
Exploits0References3
Cvelist
Cvelist
added 2001/11/30 5:0 a.m.26 views

CVE-2001-0871

Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing 1 a .. in versions 2.0 through 2.6.18, or 2 a DOS device name followed by a .. in versions 2.6.19 through 3.0.10...

7.6AI score0.02966EPSS
Exploits0References5
Rows per page
Query Builder