Lucene search

408 matches found

exploitpack
added 2012/08/31 12:0 a.m., 20 views

SugarCRM Community Edition - Multiple Information Disclosure Vulnerabilities

Source: https://www.securityfocus.com/bid/55347/info. SugarCRM Community Edition is prone to multiple information-disclosure vulnerabilities because it fails to restrict access to certain application data. Attackers can...

AI score: 7.4
Exploits: 0
Cvelist
added 2012/07/03 9:0 p.m., 26 views

CVE-2012-3368

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...

AI score: 6, EPSS: 0.02162
Exploits: 1, References: 5
exploitpack
added 2012/05/24 12:0 a.m., 18 views

phpCollab 2.5 - Direct Request Multiple Protected Page Access

Source: https://www.securityfocus.com/bid/53675/info. phpCollab is prone to an unauthorized-access vulnerability and an arbitrary-file-upload vulnerability. Attackers can leverage these issues to gain unauthorized access to application data and to...

AI score: 0.2
Exploits: 0
exploitpack
added 2012/05/24 12:0 a.m., 12 views

PHPCollab 2.5 - uploadfile.php Crafted Request Arbitrary Non-PHP File Upload

Source: https://www.securityfocus.com/bid/53675/info. phpCollab is prone to an unauthorized-access vulnerability and an arbitrary-file-upload vulnerability. Attackers can leverage these issues to gain unauthorized access to applicati...

AI score: 0.3
Exploits: 0
Opera Security Advisories
added 2012/01/05 12:0 a.m., 9 views

Changing from a single-user to a multi-user installation on Windows (rev2) – Opera Security Advisories

OPCOM Team | January 5, 2012. If you received the error message “There was a problem initializing Opera Mail. Engine Init Failed”, it may mean that you have a stand-alone USB installation of Opera...

AI score: 5.8
Exploits: 0, References: 1
Prion
added 2011/10/19 10:55 a.m., 24 views

Design/Logic Flaw

The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service (resource consumption) via a URL associated with...

CVSS: 5, AI score: 7, EPSS: 0.04266
Exploits: 0, References: 9, Affected Software: 1
OSV
added 2011/10/19 10:55 a.m., 36 views

PYSEC-2011-2

The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service (resource consumption) via a URL associated with...

CVSS: 5, AI score: 5.7, EPSS: 0.03024
Exploits: 0, References: 10
Debian CVE
added 2011/10/19 10:0 a.m., 51 views

CVE-2011-4136

django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that...

CVSS: 5.8, AI score: 6.2, EPSS: 0.02284
Exploits: 0
The Hacker News
added 2011/08/28 8:22 p.m., 1 views

INSECT Pro 2.7 - Penetration testing tool download

INSECT Pro 2.7 - Ultimate is here! This penetration security auditing and testing software solution is designed to allow organizations of all sizes to mitigate, monitor and manage the latest security threats and vulnerabilities and implement active...

AI score: 7.4
Exploits: 0
The Hacker News
added 2011/08/28 8:22 p.m., 11 views

INSECT Pro 2.7 - Penetration testing tool download

INSECT Pro 2.7 - Ultimate is here! This penetration security auditing and testing software solution is designed to allow organizations of all sizes to mitigate, monitor and manage the latest security threats and vulnerabilities and implement active...

AI score: 6.8
Exploits: 0
Metasploit
added 2011/04/24 7:28 p.m., 53 views

Windows Gather Apple iOS MobileSync Backup File Collection

This module will collect sensitive files from any on-disk iOS device backups This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'English' class MetasploitModule 'Windows Gather Apple iOS MobileSync Backup File...

AI score: 6.9
Exploits: 0
Cvelist
added 2011/04/08 3:0 p.m., 27 views

CVE-2011-1475

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for...

AI score: 4.1, EPSS: 0.0869
Exploits: 0, References: 12
The Hacker News
added 2010/12/07 4:29 a.m., 7 views

Xplico v0.6.1 - Network Forensic Analysis Tool (NFAT)

"The goal of Xplico is to extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn't a network protocol analyzer. Xplico is...

AI score: 6.2
Exploits: 0
NVD
added 2010/11/09 1:0 a.m., 24 views

CVE-2010-4213

The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data...

CVSS: 4.3, AI score: 6.1, EPSS: 0.00905
Exploits: 0, References: 3
Cvelist
added 2010/11/08 11:0 p.m., 28 views

CVE-2010-4212

The USAA application 3.0 for Android stores a mirror image of each visited web page, which might allow physically proximate attackers to obtain sensitive banking information by reading application data...

AI score: 6.1, EPSS: 0.00292
Exploits: 0, References: 3
Prion
added 2010/08/25 8:0 p.m., 12 views

Code injection

Unspecified vulnerability in the HP MagCloud app before 1.0.5 for the iPad allows remote attackers to read and modify MagCloud application data via unknown vectors...

CVSS: 6.4, AI score: 7, EPSS: 0.02088
Exploits: 0, References: 4, Affected Software: 1
Cvelist
added 2010/08/25 7:0 p.m., 16 views

CVE-2010-2711

Unspecified vulnerability in the HP MagCloud app before 1.0.5 for the iPad allows remote attackers to read and modify MagCloud application data via unknown vectors...

AI score: 6.5, EPSS: 0.02088
Exploits: 0, References: 4
Prion
added 2010/04/16 6:30 p.m., 11 views

Code injection

The IBM BladeCenter with Advanced Management Module (AMM) firmware before bpet50g does not properly perform interrupt sharing for USB and iSCSI, which allows remote attackers to cause a denial of service (management module reboot) via TCP packets with malformed application data...

CVSS: 5, AI score: 7.2, EPSS: 0.02769
Exploits: 1, References: 4, Affected Software: 1
Prion
added 2009/05/26 3:30 p.m., 21 views

Design/Logic Flaw

The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted...

CVSS: 4.3, AI score: 7.2, EPSS: 0.0068
Exploits: 1, References: 5, Affected Software: 1
Cvelist
added 2009/05/26 3:16 p.m., 40 views

CVE-2009-1754

The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted...

AI score: 6.6, EPSS: 0.0068
Exploits: 1, References: 5