21 matches found
EUVD-2012-2664
Malware in sbrugna...
CVE-2025-21910
CVE-2025-21910 affects the Linux kernel (wifi: cfg80211: regulatory) where invalid user regulatory hints could pass through via regulatory_hint_user() into user_alpha2[]. The root cause involves isalpha() handling non-Latin symbols and a subsequent toupper() mutation that bypassed a prior check. ...
Denial Of Service (DoS)
cumin is vulnerable to denial of service DoS attacks. The vulnerability exists as Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service inaccessible page via a non-ASCII character in the name of a li...
Fedora 22 : pcre-8.37-7.fc22 (2015-afafa29551)
This release fixes CVE-2015-8380 a heap-based buffer overflow in pcreexec when ovector has size 1. ---- This release fixes a crash when compiling an expression with long MARK or THEN names. It also fixes compiling a POSIX character class followed by a single ASCII character in a class item while...
X (Formerly Twitter): Bypassing callback_url validation on Digits
Hi, I would like to report an issue in Digits which allows attacker to bypass the callbackurl validation of an application and thus takeover an account. Detail Digits is a part of the Fabric SDK which offers phone-based sign in. It also provides web login flow. In the navigation-based...
CVE-2014-9303
EntryPass N5200 Active Network Control Panel allows remote attackers to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868...
Default credentials
EntryPass N5200 Active Network Control Panel allows remote attackers to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868...
CVE-2014-9303
EntryPass N5200 Active Network Control Panel allows remote attackers to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868...
CVE-2014-1560
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service X.509 certificate parsing outage via a crafted certificate that does not use ASCII character encoding in a required context...
CVE-2014-1560
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service X.509 certificate parsing outage via a crafted certificate that does not use ASCII character encoding in a required context...
CVE-2014-1560
CVE-2014-1560 affects Mozilla Firefox before 31.0 and Thunderbird before 31.0. The issue is in parsing X.509 certificates: a crafted certificate that does not use ASCII character encoding in a required context can trigger a denial of service. The vulnerability is triggered during certificate pars...
CVE-2014-1560
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service X.509 certificate parsing outage via a crafted certificate that does not use ASCII character encoding in a required context...
CVE-2012-2682
Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service inaccessible page via a non-ASCII character in the name of a link...
CVE-2012-2682
Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service inaccessible page via a non-ASCII character in the name of a link...
PHP Live! 3.2.1/2 (x) Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl Original discover author banner PhpLive 3.2.1/2 x Blind SQL injection -X | |/ / || |/ | / | \ \ \ / / | \ / / \ | ' | | || | / | \ // / / / | , / ||\|||| ||| // // / // Red n'black i dress eagle on my chest. It's good to be an ALBANIAN...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...
CVE-2007-1262
Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...
CVE-2007-1262
Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...
squirrelmail -- Cross site scripting in HTML filter
The SquirrelMail developers report: Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that a...
Microsoft Internet Explorer 5.5 ASCII equivalent of "%01" security vulnerability....
The following security vulnerability has been found in Microsoft Internet Explorer version 5.5 When "" an undisplayable character, which is eaqual to the 1st caharacter in ASCII table - after the 0th... inserted in some strategic position in Javascript code ,it is possible to access to local fil...