Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-7117

Malware in sbrugna...

5CVSS8.5AI score0.0304EPSS
Exploits1References16
Hacker One
Hacker One
added 2014/07/10 5:39 p.m.10 views

Yahoo!: Out-of-band read of arbitrary ASCII files on YQL backend servers via XML external parameter entities

The Yahoo Query Language YQL service allowed arbitrary XML documents to be loaded via the feednormalizer table and its prexslurl parameter. This enabled an attacker to exfiltrate data from the YQL backend servers by defining external parameter entities in the XML document that read local files. T...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2014/07/10 2:36 p.m.14 views

Yahoo!: Read arbitrary ASCII files on YQL backend servers via XSLT unparsed-entity-uri() and parameter entities

Hacker discovered a vulnerability that allowed an unauthorized actor to read arbitrary ASCII files and list directories on the Yahoo Query Language YQL backend servers. This was achieved by leveraging the unparsed-entity-uri XSLT function and the dynamic declaration of unparsed XML entities when...

7.6AI score
Exploits0
NVD
NVD
added 2014/03/24 4:31 p.m.29 views

CVE-2013-7345

The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted ASCII file that triggers a large amount of...

5CVSS6.1AI score0.0304EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2010/01/06 12:0 a.m.32 views

CentOS 5 : enscript (CESA-2008:1016)

An updated enscript packages that fixes several security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU enscript converts ASCII files to PostScriptR language files and spools the...

9.3CVSS5.6AI score0.08358EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2008/12/16 12:0 a.m.46 views

RHEL 5 : enscript (RHSA-2008:1016)

An updated enscript packages that fixes several security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU enscript converts ASCII files to PostScriptR language files and spools the...

9.3CVSS5.6AI score0.08358EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2008/12/15 3:1 p.m.36 views

Moderate: Red Hat Security Advisory: enscript security update

An updated enscript packages that fixes several security issues is now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU enscript converts ASCII files to PostScriptR language files and...

9.3CVSS6.2AI score0.08358EPSS
Exploits1References4
Fedora
Fedora
added 2008/11/06 4:6 a.m.25 views

[SECURITY] Fedora 9 Update: enscript-1.6.4-10.fc9

GNU enscript is a free replacement for Adobe's Enscript program. Enscript converts ASCII files to PostScriptTM and spools generated PostScript output to the specified printer or saves it to a file. Enscript can be extended to handle different output media and includes many options for customizing...

9.3CVSS0.6AI score0.08358EPSS
Exploits1
NVD
NVD
added 2007/12/31 7:46 p.m.25 views

CVE-2007-6595

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on 1 temporary files used by the cligentempfd function in libclamav/others.c or on 2 .ascii files used by sigtool, when utf16-decode is enabled...

2.1CVSS6.1AI score0.00406EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2007/12/31 7:46 p.m.30 views

CVE-2007-6595

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on 1 temporary files used by the cligentempfd function in libclamav/others.c or on 2 .ascii files used by sigtool, when utf16-decode is enabled...

2.1CVSS7.3AI score0.00406EPSS
Exploits0References1
OSV
OSV
added 2007/12/31 7:46 p.m.1 views

DEBIAN-CVE-2007-6595

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on 1 temporary files used by the cligentempfd function in libclamav/others.c or on 2 .ascii files used by sigtool, when utf16-decode is enabled...

2.1CVSS8.4AI score0.00406EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2007/12/31 7:0 p.m.42 views

CVE-2007-6595

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on 1 temporary files used by the cligentempfd function in libclamav/others.c or on 2 .ascii files used by sigtool, when utf16-decode is enabled...

2.1CVSS6.1AI score0.00406EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/02 12:0 a.m.26 views

RHEL 2.1 / 3 : enscript (RHSA-2005:039)

An updated enscript package that fixes several security issues is now available. GNU enscript converts ASCII files to PostScript. Enscript has the ability to interpret special escape sequences. A flaw was found in the handling of the epsf command used to insert inline EPS files into a document. A...

7.5CVSS5.9AI score0.04476EPSS
Exploits0References7
exploitpack
exploitpack
added 2000/03/27 12:0 a.m.26 views

GeoCel WindMail 3.0 - Remote File Read

GeoCel WindMail 3.0 - Remote File Read source: https://www.securityfocus.com/bid/1073/info WindMail is a command-line mailer that can be integrated with perl cgi applications to create form-mail capability for a website. WindMail 3.0 and possibly previous versions can be used to retrieve any asci...

7.4AI score
Exploits0
Rows per page
Query Builder