Lucene search
+L

88 matches found

CISA
CISA
added 2015/07/23 12:0 a.m.5 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in its Application Policy Infrastructure Controller, IOS software, and the Unified MeetingPlace Conferencing products. Exploitation of these vulnerabilities may allow a remote attacker to gain unauthorized access, cause a...

7.3AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2014/12/09 8:33 p.m.6 views

Kernel: ALSA: control: protect user controls against races & memory disclosure

An information leak flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture ALSA implementation handled access of the user control's state. A local, privileged user could use this flaw to leak kernel memory to user space...

1.9CVSS6.6AI score0.00335EPSS
Exploits0References4
OSV
OSV
added 2014/07/03 4:22 a.m.6 views

CVE-2014-4656

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to 1 index values in the sndctladd function and 2 numid values in the...

5.7AI score
Exploits0References23
OSV
OSV
added 2014/07/03 4:22 a.m.8 views

CVE-2014-4655

The sndctlelemadd function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the userctlcount value, which allows local users to cause a denial of service integer overflow and limit bypass by leveraging /dev/snd/controlCX acces...

7AI score
Exploits0References19
OpenVAS
OpenVAS
added 2011/11/11 12:0 a.m.28 views

Dell KACE K2000 Backdoor

The Dell KACE K2000 System Deployment Appliance contains a hidden administrator account that allow a remote attacker to take control of an affected device. OpenVAS Vulnerability Test $Id: gbdellkace2000backdoor.nasl 3117 2016-04-19 10:19:37Z benallard $ Dell KACE K2000 Backdoor Authors: Michael...

5CVSS0.8AI score0.01335EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2011/08/23 7:27 p.m.3 views

Android Trojan GingerMaster Uses Gingerbread Root Exploit

Android Trojan GingerMaster Uses Gingerbread Root Exploit As our smartphones become more ubiquitous and more powerful, they need to be protected in much the same way that you would protect your computer. Further to this, a malicious piece of malware has been discovered for devices powered by...

7.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2011/03/08 12:0 a.m.34 views

Microsoft Remote Desktop Client Insecure Library Loading (MS11-017; CVE-2011-0029)

The Remote Desktop feature in Windows enables access to all of the programs, resources, and accessories on a user's computer from another Windows-based computer. Once connected, Remote Desktop gives mouse and keyboard control over the computer while showing everything that is happening on the...

9.3CVSS7.3AI score0.0716EPSS
Exploits4
Check Point Advisories
Check Point Advisories
added 2010/11/01 12:0 a.m.5 views

Adobe Flash Player Flash Content Parsing Code Execution (APSA10-05; CVE-2010-3654)

The Adobe Flash Player is a multimedia and application player that renders Shockwave Flash SWF files. A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in the Adobe Flash Player that fails to properly parse Flash content inside PDF...

9.3CVSS9.3AI score0.69679EPSS
Exploits14
seebug.org
seebug.org
added 2009/11/03 12:0 a.m.30 views

Multiple Panda Security Products Local Privilege Escalation Vulnerability

No description provided by source. Application: Panda Global Protection 2010 Panda Internet Security 2010 Platforms: Windows XP Professional SP & windows Vista SP1 Exploitation: Local Privilege Escalation Date: 2009-10-27 Author: Francis Provencher Protek Research Lab's 1 Introduction 2 Technical...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/10/28 12:0 a.m.26 views

Rising Firewall 2009 Privilege Escalation

No description provided by source. Application: Rising Firewall 2009 Platforms: Windows XP Professional SP2 Exploitation: Privilege Escalation Date: 2009-10-26 Author: Francis Provencher Protek Research Lab's 1 Introduction 2 Technical details 3 The Code N/A =============== 1 Introduction...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/09/11 12:0 a.m.44 views

Microsoft GDI+ BMP整数溢出漏洞(MS08-052)

BUGTRAQ ID: 31022 CVE ID:CVE-2008-3015 CNCVE ID:CNCVE-20083015 Microsoft Windows是一款微软开发的操作系统。 Microsoft Windows GDI+子系统解析特殊构建的BMP文件存在问题,远程攻击者可以利用漏洞进行内存破坏,可导致以登录用户进程权限执行任意代码。 提供畸形的BitMapInfoHeader可导致不正确的整数计算,而在之后造成内存破坏问题,构建特殊的BMP文件,诱使用户访问,可触发此漏洞。 Microsoft Works 8.0 Microsoft Visual Studio 2003...

9.3CVSS7.3AI score0.39272EPSS
Exploits1
Exploit DB
Exploit DB
added 2005/12/07 12:0 a.m.29 views

Dell TrueMobile 2300 - Remote Credential Reset

source: https://www.securityfocus.com/bid/15770/info It is possible for remote attackers to gain control of a target TrueMobile 2300 running firmware versions 3.0.0.8 and 5.1.1.6. Other versions are likely affected. The vulnerability appears to be in an administrative component accessed through t...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/10/13 12:0 a.m.31 views

Insecure Default Service DACL's in Windows 2003

To the list, In my documentation of the Default DACL on Windows 2003 Services, I have found and confirmed the following: Both the Distributed Link tracking Server Service and Internet Connection Firewall Service have the Default DACL of Everyone:Full Control, which basically lets anyone connect t...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2004/03/15 12:0 a.m.19 views

VocalTec VGW48 Telephony Gateway - Remote Authentication Bypass

VocalTec VGW48 Telephony Gateway - Remote Authentication Bypass source: https://www.securityfocus.com/bid/9876/info It has been reported that the VGW4/8 Telephony Gateway is prone to a remote authentication bypass vulnerability via its web configuration tool. The problem is due to a design error ...

Exploits0
securityvulns
securityvulns
added 2003/08/06 12:0 a.m.25 views

[sec-labs] Zone Alarm Device Driver vulnerability

sec-labs team proudly presents: Local ZoneAlarm Firewall probably all versions - tested on v3.1 Device Driver vulnerability. by Lord YuP 04/08/2003 I. BACKGROUND ZoneAlarm is a very powerful and very common nowadays firewall for Windows produced by Zone Labs. http://www.zonelabs.com II. DESCRIPTI...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/02/28 12:0 a.m.35 views

Webmin 'miniserv.pl' Base-64 String Metacharacter Handling Session Spoofing

The remote server is running a version of Webmin that is vulnerable to a Session ID spoofing attack. An attacker could use this flaw to log in as admin on this host, and gain full control of the system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

10CVSS5.6AI score0.15469EPSS
Exploits0References2
securityvulns
securityvulns
added 2003/01/11 12:0 a.m.45 views

Half Life clanmod format string bug

Formst string bug in cmlog command requires rcon access...

2.2AI score
Exploits0References1Affected Software1
security_vulns
security_vulns
added 2002/03/08 12:0 a.m.33 views

Windows 2000 system partition weak default permissions

Title: Windows 2000 system partition weak default permissions Affected: Windows 2000 Vendor: Microsoft Author: ZARAZA Date: August, 03 2002 Risk: High Exploitable: Yes Remote: No Vendor notified: May, 17 2002 SECURITY.NNOV URL: http://www.security.nnov.ru Advanced info:...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/11/20 12:0 a.m.21 views

RealServer /admin/includes/ Remote Memory Content Disclosure

The remote Real Server discloses the content of its memory when issued the request : GET /admin/includes/ This information may be used by an attacker to obtain administrative control on this server, or to gain more knowledge about it. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Script...

5CVSS5.6AI score0.07853EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 1999/07/09 12:0 a.m.95 views

Portal of Doom Backdoor Detection

Portal of Doom is installed. This backdoor allows anyone to partially take the control of the remote system. An attacker may use it to steal your password or prevent your from working properly. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

5.5AI score
Exploits0
Rows per page
Query Builder