Lucene search
+L

68 matches found

OSV
OSV
added 2015/04/13 2:59 p.m.8 views

CVE-2015-2941

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error...

5.7AI score
Exploits0References7
OSV
OSV
added 2012/01/06 1:55 a.m.10 views

CVE-2012-0390

The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related...

7.8AI score
Exploits0References3
CVE
CVE
added 2011/07/07 9:0 p.m.39 views

CVE-2011-1946

The CVE affects libgnomesu 1.0.0’s gnomesu-pam-backend, which prints an error but continues on non‑error code paths after setgid/setuid failures, enabling local privilege escalation by exploiting two unprivileged accounts and spawning multiple processes. Connected sources confirm this is tracked ...

7.2CVSS6.6AI score0.00358EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2005/03/01 5:0 a.m.19 views

CVE-2004-1001

Unknown vulnerability in the passwdcheck function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pamchauthtok function call is not properly handled...

4.6CVSS6AI score0.00347EPSS
Exploits0References4
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.32 views

CVE-2002-0400

ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service shutdown via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dnsmessagefindtype function in message.c is not NULL, aka DoSfindtype...

6.4AI score0.14218EPSS
Exploits0References13
Exploit DB
Exploit DB
added 2004/08/13 12:0 a.m.81 views

LibPNG 1.2.5 - 'png_jmpbuf()' Local Buffer Overflow

include include include "png.h" / The pngjmpbuf macro, used in error handling, became available in libpng version 1.0.6. If you want to be able to run your code with older versions of libpng, you must define the macro yourself but only if it is not already defined by libpng!. / ifndef pngjmpbuf...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/04/16 12:0 a.m.16 views

Cerberus FTP Server 2.1 - Information Disclosure

Cerberus FTP Server 2.1 - Information Disclosure source: https://www.securityfocus.com/bid/7369/info It has been reported that Cerberus FTP Server is prone to an information disclosure weakness. The problem exists in the way the FTP server handles the authentication procedure. An attacker may...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2003/03/28 12:0 a.m.20 views

PostNuke 0.72x Members_List Module - Full Path Disclosure

PostNuke 0.72x MembersList Module - Full Path Disclosure source: https://www.securityfocus.com/bid/7218/info Multiple path disclosure vulnerabilities have been reported in various PHP scripts used by PHP-Nuke. The issue occurs when an invalid URI parameter is passed to certain scripts. The affect...

7.4AI score
Exploits0
Rows per page
Query Builder