Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.15 views

EUVD-2012-2664

Malware in sbrugna...

5CVSS6.1AI score0.01791EPSS
Exploits0References6
CVE
CVE
added 2025/04/01 3:40 p.m.153 views

CVE-2025-21910

CVE-2025-21910 affects the Linux kernel (wifi: cfg80211: regulatory) where invalid user regulatory hints could pass through via regulatory_hint_user() into user_alpha2[]. The root cause involves isalpha() handling non-Latin symbols and a subsequent toupper() mutation that bypassed a prior check. ...

5.5CVSS7AI score0.002EPSS
Exploits0References10Affected Software1
Veracode
Veracode
added 2019/01/15 8:55 a.m.17 views

Denial Of Service (DoS)

cumin is vulnerable to denial of service DoS attacks. The vulnerability exists as Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service inaccessible page via a non-ASCII character in the name of a li...

5CVSS5.7AI score0.01791EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.34 views

Fedora 22 : pcre-8.37-7.fc22 (2015-afafa29551)

This release fixes CVE-2015-8380 a heap-based buffer overflow in pcreexec when ovector has size 1. ---- This release fixes a crash when compiling an expression with long MARK or THEN names. It also fixes compiling a POSIX character class followed by a single ASCII character in a class item while...

7.5CVSS8.2AI score0.04436EPSS
Exploits1References3
Hacker One
Hacker One
added 2016/01/04 4:49 p.m.33 views

X (Formerly Twitter): Bypassing callback_url validation on Digits

Hi, I would like to report an issue in Digits which allows attacker to bypass the callbackurl validation of an application and thus takeover an account. Detail Digits is a part of the Fabric SDK which offers phone-based sign in. It also provides web login flow. In the navigation-based...

7AI score
Exploits0
NVD
NVD
added 2014/12/07 9:59 p.m.13 views

CVE-2014-9303

EntryPass N5200 Active Network Control Panel allows remote attackers to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868...

7.8CVSS6.5AI score0.03311EPSS
Exploits1References3
Prion
Prion
added 2014/12/07 9:59 p.m.19 views

Default credentials

EntryPass N5200 Active Network Control Panel allows remote attackers to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868...

7.8CVSS6.8AI score0.06986EPSS
Exploits6References3
Cvelist
Cvelist
added 2014/12/07 9:0 p.m.27 views

CVE-2014-9303

EntryPass N5200 Active Network Control Panel allows remote attackers to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868...

6.5AI score0.03311EPSS
Exploits1References3
NVD
NVD
added 2014/07/23 11:12 a.m.16 views

CVE-2014-1560

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service X.509 certificate parsing outage via a crafted certificate that does not use ASCII character encoding in a required context...

4.3CVSS6.2AI score0.01113EPSS
Exploits0References6
Cvelist
Cvelist
added 2014/07/23 10:0 a.m.31 views

CVE-2014-1560

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service X.509 certificate parsing outage via a crafted certificate that does not use ASCII character encoding in a required context...

8.9AI score0.01113EPSS
Exploits0References6
CVE
CVE
added 2014/07/23 10:0 a.m.70 views

CVE-2014-1560

CVE-2014-1560 affects Mozilla Firefox before 31.0 and Thunderbird before 31.0. The issue is in parsing X.509 certificates: a crafted certificate that does not use ASCII character encoding in a required context can trigger a denial of service. The vulnerability is triggered during certificate pars...

4.3CVSS8.7AI score0.01113EPSS
Exploits0References6Affected Software2
UbuntuCve
UbuntuCve
added 2014/07/22 12:0 a.m.25 views

CVE-2014-1560

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service X.509 certificate parsing outage via a crafted certificate that does not use ASCII character encoding in a required context...

4.3CVSS6.6AI score0.01113EPSS
Exploits0References4
NVD
NVD
added 2014/07/19 7:55 p.m.30 views

CVE-2012-2682

Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service inaccessible page via a non-ASCII character in the name of a link...

5CVSS6.2AI score0.01791EPSS
Exploits0References3
Cvelist
Cvelist
added 2014/07/19 7:0 p.m.36 views

CVE-2012-2682

Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service inaccessible page via a non-ASCII character in the name of a link...

6.2AI score0.01791EPSS
Exploits0References3
seebug.org
seebug.org
added 2009/07/27 12:0 a.m.17 views

PHP Live! 3.2.1/2 (x) Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl Original discover author banner PhpLive 3.2.1/2 x Blind SQL injection -X | |/ / || |/ | / | \ \ \ / / | \ / / \ | ' | | || | / | \ // / / / | , / ||\|||| ||| // // / // Red n'black i dress eagle on my chest. It's good to be an ALBANIAN...

7.1AI score
Exploits0
Prion
Prion
added 2007/05/11 4:20 a.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...

4.3CVSS5.5AI score0.0253EPSS
Exploits1References24Affected Software1
NVD
NVD
added 2007/05/11 4:20 a.m.16 views

CVE-2007-1262

Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...

4.3CVSS5.5AI score0.0253EPSS
Exploits1References24
UbuntuCve
UbuntuCve
added 2007/05/11 4:20 a.m.27 views

CVE-2007-1262

Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...

4.3CVSS5.9AI score0.0253EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2007/05/09 12:0 a.m.39 views

squirrelmail -- Cross site scripting in HTML filter

The SquirrelMail developers report: Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that a...

4.3CVSS5.6AI score0.0253EPSS
Exploits1References1
securityvulns
securityvulns
added 2000/10/10 12:0 a.m.44 views

Microsoft Internet Explorer 5.5 ASCII equivalent of "%01" security vulnerability....

The following security vulnerability has been found in Microsoft Internet Explorer version 5.5 When "" an undisplayable character, which is eaqual to the 1st caharacter in ASCII table - after the 0th... inserted in some strategic position in Javascript code ,it is possible to access to local fil...

Exploits0
Rows per page
Query Builder