Lucene search
K

2223 matches found

CVE
CVE
added 2008/06/10 12:0 a.m.35 views

CVE-2008-2635

CVE-2008-2635 describes multiple directory traversal vulnerabilities in BitKinex 2.9.3 that allow remote FTP and WebDAV servers to create or overwrite arbitrary files via a .. sequence in responses to LIST (FTP) and PROPFIND (WebDAV). The note indicates this can be leveraged for code execution by...

9.3CVSS7.5AI score0.02237EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2007/11/23 8:46 p.m.7 views

CVE-2007-6112

Buffer overflow in the PPP dissector Wireshark formerly Ethereal 0.99.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

7.7AI score
Exploits0References25
RedHat Linux
RedHat Linux
added 2007/10/25 5:33 p.m.4 views

php multiple integer overflows in gd

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a large 1 srcW or 2 srcH value to the a gdImageCopyResized function, or a large 3 sy height or 4 sx width value to the b...

6.8CVSS6.2AI score0.04219EPSS
Exploits1References4
OSV
OSV
added 2007/09/27 8:17 p.m.8 views

CVE-2007-5135

Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...

9.7AI score0.16061EPSS
Exploits0References75
Prion
Prion
added 2007/09/18 10:17 p.m.16 views

Directory traversal

Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. dot dot in a filename within a 1 .IMG or 2 .ISO file. NOTE: this can be leveraged for code execution by writing to a Startup folder...

9.3CVSS7.9AI score0.05989EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2007/09/12 8:17 p.m.15 views

Directory traversal

Directory traversal vulnerability in Enriva Development Magellan Explorer 3.32 build 2305 and earlier allows remote FTP servers to create or overwrite arbitrary files via a .. dot dot in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder...

9.3CVSS8AI score0.02687EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2007/06/12 11:0 p.m.8 views

CVE-2007-3194

Multiple PHP remote file inclusion vulnerabilities in myBloggie 2.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the bloggierootpath parameter to 1 config.php; 2 db.php, 3 template.php, 4 functions.php, and 5 classes.php in includes/; 6 viewmode.php; and 7 blogbody.php. NOT...

8AI score0.0155EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2006/12/14 12:0 a.m.7 views

PT-2006-7152 · Rad · Radupload

Name of the Vulnerable Software and Affected Versions: Rad Upload version 3.02 Description: A remote file inclusion issue exists due to the handling of the save path parameter in the upload.php file. This could potentially allow remote attackers to execute arbitrary PHP code by providing a URL in...

7.5CVSS7.9AI score0.01348EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2006/09/15 7:41 a.m.2 views

security flaw

Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads...

7.6CVSS6AI score0.14074EPSS
Exploits0References4
OSV
OSV
added 2006/08/23 10:4 a.m.9 views

CVE-2006-4262

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via multiple vectors including 1 a long pathname that is not properly handled during file list parsing, 2 long pathnames that result from path...

7.6AI score
Exploits0References18
OSV
OSV
added 2006/08/15 11:4 p.m.5 views

CVE-2006-4144

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via large 1 bytesperpixel, 2 columns, and 3 rows values, which trigger a heap-based buffer overflow...

7.6AI score
Exploits0References26
Positive Technologies
Positive Technologies
added 2006/04/25 12:0 a.m.3 views

PT-2006-2919 · Ethereal · Ethereal

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.15 through 0.10.14 Description: The issue is related to a buffer overflow that can be triggered via the COPS dissector, allowing remote attackers to cause a denial of service, potentially leading to a crash, and possibly...

5CVSS7.7AI score0.05028EPSS
Exploits0References25
OSV
OSV
added 2006/04/14 10:2 a.m.11 views

CVE-2006-1730

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow...

7.7AI score
Exploits0References76
Exploit DB
Exploit DB
added 2005/12/13 12:0 a.m.23 views

McGallery 1.0/1.1/2.2 - 'index.php?album' SQL Injection

source: https://www.securityfocus.com/bid/15845/info mcGallery PRO is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of...

7.4AI score
Exploits0
OSV
OSV
added 2005/12/12 9:3 p.m.7 views

CVE-2005-4178

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations...

7.4AI score
Exploits0References11
Exploit DB
Exploit DB
added 2005/06/01 12:0 a.m.34 views

Microsoft Outlook Express 4.x/5.x/6.0 - Attachment Processing File Extension Obfuscation

source: https://www.securityfocus.com/bid/13837/info Microsoft Outlook Express is prone to an attachment file extension obfuscation vulnerability that may present a risk under certain configurations. The issue manifests due to Microsoft Outlook Express behavior while handling an 'EML' email...

7AI score
Exploits0
securityvulns
securityvulns
added 2005/04/27 12:0 a.m.47 views

iDEFENSE Security Advisory 04.26.05: Citrix Program Neighborhood Agent Arbitrary Shortcut Creation Vulnerability

Citrix Program Neighborhood Agent Arbitrary Shortcut Creation Vulnerability iDEFENSE Security Advisory 04.26.05 www.idefense.com/application/poi/display?id=237&type=vulnerabilities April 26, 2005 I. BACKGROUND Citrix Program Neighborhood Agent is a part of the Citrix Presentation Server Client an...

5CVSS0.7AI score0.01165EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/04 12:0 a.m.25 views

GLSA-200503-06 : BidWatcher: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200503-06 BidWatcher: Format string vulnerability Ulf Harnhammar discovered a format string vulnerability in 'netstuff.cpp'. Impact : Remote attackers can potentially exploit this vulnerability by sending specially crafted respons...

7.5CVSS6AI score0.01907EPSS
Exploits0References2
NVD
NVD
added 2005/03/02 5:0 a.m.20 views

CVE-2005-0605

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmapunit value that leads to a buffer overflow...

7.5CVSS9.6AI score0.04507EPSS
Exploits0References27
Gentoo Linux
Gentoo Linux
added 2005/02/23 12:0 a.m.22 views

Cyrus IMAP Server: Multiple overflow vulnerabilities

Background The Cyrus IMAP Server is an efficient, highly-scalable IMAP e-mail server. Description Possible single byte overflows have been found in the imapd annotate extension and mailbox handling code. Furthermore stack buffer overflows have been found in fetchnews, the backend and imapd. Impac...

7.5CVSS7.6AI score0.04244EPSS
Exploits0
Rows per page
Query Builder