Lucene search
K

231 matches found

CNVD
CNVD
added 2015/06/29 12:0 a.m.11 views

Cisco Unified MeetingPlace SQL Injection Vulnerability (CNVD-2015-04162)

Cisco Unified MeetingPlace conferencing solutions allow organizations to host integrated voice, video, and web conferences. A SQL injection vulnerability exists in Cisco Unified MeetingPlace due to the program failing to properly validate user input within a sql query. An authenticated, remote...

6.5CVSS8.1AI score0.01993EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2014/12/28 12:0 a.m.27 views

Microsoft Graphics Component Memory Corruption (MS14-007) - Ver2 (CVE-2014-0263)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted GIF files. A remote attacker can exploit this issue by enticing a user to view GIF files in shared content. Successful exploitatio...

9.3CVSS7.2AI score0.18885EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2014/06/19 10:50 a.m.16 views

CVE-2014-2611

Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120...

9CVSS6AI score0.11864EPSS
Exploits0References7
Prion
Prion
added 2014/06/19 10:50 a.m.19 views

Directory traversal

Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120...

9CVSS7.1AI score0.11864EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2012/12/04 6:52 p.m.5 views

rhev-m: MoveDisk ignores the disk's wipe-after-delete property

Red Hat Enterprise Virtualization Manager RHEV-M before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via unspecified vectors...

2.1CVSS5.8AI score0.00352EPSS
Exploits0References4
Prion
Prion
added 2012/05/24 12:55 a.m.18 views

Authentication flaw

GR Board aka grboard 1.8.6.5 Community Edition does not require authentication for certain database actions, which allows remote attackers to modify or delete data via a request to 1 modrewrite.php, 2 commentwriteok.php, 3 poll/index.php, 4 update/index.php, 5 trackback.php, or 6 an arbitrary...

6.4CVSS7.5AI score0.01301EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/10/18 12:0 a.m.41 views

openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0730-1)

local users could delete data files for tables of other users CVE-2010-1626. - authenticated users could gather information for tables they should not have access to CVE-2010-1849 - authenticated users could crash mysqld CVE-2010-1848 - authenticated users could potentially execute arbitrary code...

6.5CVSS5.5AI score0.21789EPSS
Exploits12References20
0day.today
0day.today
added 2010/06/25 12:0 a.m.16 views

linux/x86 delete all data on filesystem polymorphic shellcode

Exploit for linux/x86 platform in category shellcode ============================================================= linux/x86 delete all data on filesystem polymorphic shellcode ============================================================= /...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2010/05/26 2:57 p.m.5 views

mysql: multiple insufficient table name checks

Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. dot dot in a table name...

6.5CVSS5.9AI score0.03119EPSS
Exploits1References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.2 views

TeraStation HD-HTGL series cross-site request forgery vulnerability

Overview TeraStation HD-HTGL series provided by Buffalo, Inc. are hard disks for LAN connection and have administrative web interface. The administrative interface for the TeraStation HD-HTGL contains a cross-site request forgety CSRF vulnerability. Impact If a TeraStation HD-HTGL administrator w...

7.6CVSS6.8AI score0.01095EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/10/02 12:0 a.m.15 views

JVN#93484133 TeraStation HD-HTGL series cross-site request forgery vulnerability

Impact If a TeraStation HD-HTGL administrator who logged into the web administration interface views a malicous website, an attacker could possibly modify configurations or delete data on the hard disk. Solution Products Affected HD-HTGL Series firmware Ver. 2.05-beta-1 and earlier...

7.3AI score
Exploits0
Rows per page
Query Builder