Lucene search

18 matches found

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2001-1221

Malware in sbrugna...

10 CVSS, 6.4 AI score, 0.00461 EPSS
Exploits 0, References 2
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2001-0724

Malware in sbrugna...

7.2 CVSS, 6.4 AI score, 0.0005 EPSS
Exploits 0, References 4
EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2001-1127

Malware in sbrugna...

1.2 CVSS, 6.4 AI score, 0.00109 EPSS
Exploits 0, References 4
seebug.org
added 2007/06/04 12:0 a.m., 55 views

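PHP EXT/Session HTTP response header injection vulnerability

PHP is a widely used scripting language for web development. PHP's ext/session does not URL-encode the session ID before placing it in the session cookie, so a remote attacker can exploit this flaw to carry out injection attacks against the session cookie. When PHP's ext/session calls session_start, it sends a new session cookie in certain cases, which are as follows: - the session id is embedded in PATH_INFO - the session id is regenerated - the session id is set via session_id - session_start is called multiple times...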

6.8 AI score
Exploits 0
seebug.org
added 2007/04/03 12:0 a.m., 31 views

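PHP Imap_Mail_Compose() function buffer overflow vulnerability

BUGTRAQ ID: 23234 PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded in HTML. The implementation of PHP's imap_mail_compose function contains a buffer overflow vulnerability that a local attacker may be able to exploit to elevate privileges. The imap_mail_compose function builds the multipart message in a fixed-size stack buffer named tmp: PHP_FUNCTION(imap_mail_compose) ... char tmp[8 * MAILTMPLEN], *mystring=NULL, *t=NULL, *tempstring=NULL;...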

6.7 AI score
Exploits 0
seebug.org
added 2007/03/28 12:0 a.m., 80 views

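PHP session data deserialization code execution vulnerability

PHP is a widely used scripting language for web development. PHP's deserialization of session data is flawed, and a remote attacker can exploit this vulnerability to execute arbitrary commands with the privileges of the application. When register_globals is enabled, session data deserialization can overwrite arbitrary global variables, including the _SESSION array. Particular implementations can lead to arbitrary code execution. PHP PHP 5.1.6 PHP PHP 5.1.5 PHP PHP 5.1.4 PHP PHP 5.1.3 PHP PHP 5.1.3 PHP PHP 5.1.2 PHP PHP 5.1.1 PHP PHP 5.1 PHP PHP 5.0.5 PHP PHP 5.0.4 PHP PHP 5.0.3 + Trustix Secu...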

6.8 AI score
Exploits 0
seebug.org
added 2006/11/03 12:0 a.m., 29 views

PHP Apache 2 local denial of service vulnerability

'sapi_apache2.c'; this issue ultimately affects PHP versions prior to 5.1.0 and 4.4.1 Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 5.0 4 powerpc Ubuntu Ubuntu Linux 5.0 4 i386 Ubuntu Ubuntu Linux 5.0 4 amd64 Trustix Secure Linux 3.0 Trustix Secure Linux 2.2 Trustix...

6.8 AI score
Exploits 0
securityvulns
added 2003/09/25 12:0 a.m., 22 views

[ESA-20030924-026] 'WebTool-userpass' passphrase disclosure vulnerability.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------+ | Guardian Digital Security Advisory September 24, 2003 | | http://www.guardiandigital.com ESA-20030924-026 | | | | Package: WebTool-userpass | | Summary: Passphrase disclosure...

0.5 AI score
Exploits 0
securityvulns
added 2003/09/16 12:0 a.m., 41 views

[ESA-20030916-023] OpenSSH buffer management error.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------+ | Guardian Digital Security Advisory September 16, 2003 | | http://www.guardiandigital.com ESA-20030916-023 | | | | Packages: openssh, openssh-clients, openssh-server | |...

10 CVSS, 0.6 AI score, 0.26823 EPSS
Exploits 2
securityvulns
added 2003/03/19 12:0 a.m., 47 views

[ESA-20030318-009] Several 'kernel' vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------+ | EnGarde Secure Linux Security Advisory March 18, 2003 | | http://www.engardelinux.org/ ESA-20030318-009 | | | | Package: kernel | | Summary: several vulnerabilities. |...

7.2 CVSS, 1.4 AI score, 0.04317 EPSS
Exploits 21
securityvulns
added 2002/10/30 12:0 a.m., 23 views

[ESA-20021029-028] syslog-ng: buffer overflow in macro handling code (UPDATED)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------+ | EnGarde Secure Linux Security Advisory October 29, 2002 | | http://www.engardelinux.org/ ESA-20021029-028 | | | | Package: syslog-ng | | Summary: buffer overflow in macro...

1.4 AI score
Exploits 0
Cvelist
added 2002/06/25 4:0 a.m., 15 views

CVE-2001-1240

The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access...

6.9 AI score, 0.00461 EPSS
Exploits 0, References 1
CVE
added 2002/06/25 4:0 a.m., 38 views

CVE-2001-1240

The CVE-2001-1240 entry concerns Engarde Secure Linux 1.0.1 where the default sudo configuration allows any user in the admin group to execute certain commands that could yield full root access. The documents confirm the affected component is the sudo configuration on Engarde Secure Linux 1.0.1 a...

10 CVSS, 7.3 AI score, 0.00461 EPSS
Exploits 0, References 1, Affected Software 1
CVE
added 2002/06/25 4:0 a.m., 36 views

CVE-2001-1146

AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 is affected. The issue stems from creating temporary files with predictable names, enabling local users to perform a symlink attack to modify files. The description in the Connected documents confirms the root cause as predictable t...

1.2 CVSS, 6.5 AI score, 0.00109 EPSS
Exploits 0, References 3, Affected Software 1
Cvelist
added 2002/06/25 4:0 a.m., 13 views

CVE-2001-1146

AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack...

6.1 AI score, 0.00109 EPSS
Exploits 0, References 3
Cvelist
added 2002/03/09 5:0 a.m., 19 views

CVE-2001-0739

Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges...

6.5 AI score, 0.0005 EPSS
Exploits 0, References 3
NVD
added 2001/10/18 4:0 a.m., 11 views

CVE-2001-0739

Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges...

7.2 CVSS, 6.5 AI score, 0.0005 EPSS
Exploits 0, References 3
NVD
added 2001/07/11 4:0 a.m., 9 views

CVE-2001-1146

AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack...

1.2 CVSS, 6.1 AI score, 0.00109 EPSS
Exploits 0, References 3