Lucene search
K

8749 matches found

Tenable Nessus
Tenable Nessus
added 2010/09/09 12:0 a.m.38 views

FreeBSD : mozilla -- multiple vulnerabilities (4a21ce2c-bb13-11df-8e32-000f20797ede)

The Mozilla Project reports : MFSA 2010-49 Miscellaneous memory safety hazards rv:1.9.2.9/ 1.9.1.12 MFSA 2010-50 Frameset integer overflow vulnerability MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array MFSA 2010-52 Windows XP DLL loading vulnerability MFSA 2010-53 Heap buffer...

9.3CVSS9.3AI score0.22109EPSS
Exploits1References31
Tenable Nessus
Tenable Nessus
added 2010/09/09 12:0 a.m.48 views

Debian DSA-2106-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2760, CVE-2010-3167, CVE-2010-3168 Implementation errors in XUL processing allow the...

9.3CVSS8.6AI score0.06527EPSS
Exploits0References21
RedHat Linux
RedHat Linux
added 2010/09/08 12:24 a.m.7 views

Mozilla Copy-and-paste or drag-and-drop into designMode document allows XSS (MFSA 2010-62)

Cross-site scripting XSS vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in...

4.3CVSS7.5AI score0.0207EPSS
Exploits0References4
Mozilla
Mozilla
added 2010/09/07 12:0 a.m.45 views

Copy-and-paste or drag-and-drop into designMode document allows XSS — Mozilla

Security researcher Paul Stone reported that when an HTML selection containing JavaScript is copy-and-pasted or dropped onto a document with designMode enabled the JavaScript will be executed within the context of the site where the code was dropped. A malicious site could leverage this issue in ...

4.3CVSS0.6AI score0.0207EPSS
Exploits0References2Affected Software3
Tenable Nessus
Tenable Nessus
added 2010/09/01 12:0 a.m.19 views

Cisco IOS Secure Copy Authorization Bypass Vulnerability

The server side of the Secure Copy SCP implementation in Cisco Internetwork Operating System IOS contains a vulnerability that allows any valid user, regardless of privilege level, to transfer files to and from an IOS device that is configured to be a Secure Copy server. This vulnerability could...

8.5CVSS5.5AI score0.02576EPSS
Exploits0References3
0day.today
0day.today
added 2010/08/18 12:0 a.m.21 views

PHP 5.3.3 ibase_gen_id() off-by-one Overflow Vulnerability

Exploit for php platform in category dos / poc ========================================================== PHP 5.3.3 ibasegenid off-by-one Overflow Vulnerability ========================================================== === Vulnerability === PHP 5.3.3 Possible All versions ibasegenid off-by-one...

7AI score
Exploits0
NVD
NVD
added 2010/08/11 6:47 p.m.23 views

CVE-2010-2542

Stack-based buffer overflow in the isgitdirectory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy...

7.5CVSS6.6AI score0.02507EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2010/08/11 6:47 p.m.25 views

CVE-2010-2542

Stack-based buffer overflow in the isgitdirectory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy...

7.5CVSS6AI score0.02507EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2010/06/25 12:0 a.m.48 views

Adobe Flash Player AVM newFrameState Integer Overfow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AVM...

10CVSS4.5AI score0.06751EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2010/04/20 8:45 p.m.13 views

Copy Machines, Security Risk?

CBS News broadcaster Armen Keteyian reports that the advanced technology added to the good, old-fashioned copy machine has opened a dangerous hole in data security...

1.4AI score
Exploits0
securityvulns
securityvulns
added 2010/04/06 12:0 a.m.84 views

ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability

ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-059 April 5, 2010 -- CVE ID: CVE-2010-0846 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- TippingPoint...

7.5CVSS0.7AI score0.06581EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2010/04/06 12:0 a.m.37 views

CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

10CVSS4.8AI score0.16755EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
added 2010/04/05 12:0 a.m.62 views

Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within a function responsible for...

10CVSS4.9AI score0.06581EPSS
Exploits0References1
NVD
NVD
added 2010/03/30 6:30 p.m.25 views

CVE-2010-0064

DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ownership during an authenticated Finder copy, which might allow local users to bypass intended disk-quota restrictions and have unspecified other impact by copying files owned by other users...

6.9CVSS6.2AI score0.00336EPSS
Exploits0References2
Cvelist
Cvelist
added 2010/03/30 6:0 p.m.22 views

CVE-2010-0064

DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ownership during an authenticated Finder copy, which might allow local users to bypass intended disk-quota restrictions and have unspecified other impact by copying files owned by other users...

8.6AI score0.00336EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2010/03/04 4:19 p.m.11 views

Researchers Find Flaw in RSA Authentication

University of Michigan scientists have found they could foil RSA authentication by varying the voltage supply to the holder of the “private key,” which would be the consumer’s device in the case of copy protection and the retailer or bank in the case of Internet communication. It is highly unlike...

1.8AI score
Exploits0References2
Prion
Prion
added 2010/02/27 12:30 a.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php/Special/Main/Templates in WikyBlog 1.7.2 and 1.7.3 rc2 allows remote attackers to inject arbitrary web script or HTML via the which parameter in a copy action...

4.3CVSS6.1AI score0.02172EPSS
Exploits1References9Affected Software1
Metasploit
Metasploit
added 2010/02/08 7:4 p.m.39 views

Microsoft IIS WebDAV Write Access Code Execution

This module can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script via a WebDAV PUT request. The target IIS machine must meet these conditions to be considered as exploitable: It allows 'Script resource access', Read and Wri...

7.2AI score
Exploits0
seebug.org
seebug.org
added 2010/01/10 12:0 a.m.26 views

linux/x86 cp /bin/sh /tmp/katy

No description provided by source. / Linux/x86 /bin/cp /bin/sh /tmp/katy ; chmod 4555 /tmp/sh using fork / include stdio.h char shellcode = "\xeb\x5e\x5f\x31\xc0\x88\x47\x07\x88\x47\x0f\x88\x47\x19\x89\x7f" "\x1a\x8d\x77\x08\x89\x77\x1e\x31\xf6\x8d\x77\x10\x89\x77\x22\x89"...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2009/12/30 12:0 a.m.286 views

Fedora Core 11 FEDORA-2009-13694 (kernel)

The remote host is missing an update to the linux kernel announced via advisory FEDORA-2009-13694. OpenVAS Vulnerability Test $Id: fcore200913694.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-13694 kernel Authors: Thomas Reinke Copyright: Copyrigh...

7.2CVSS0.6AI score0.0489EPSS
Exploits17References1
Rows per page
Query Builder