
8688 matches found

RedHat Linux
added 2010/08/17 3:52 p.m. | 3 views

kernel: nfsd: fix vm overcommit crash

mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown...

CVSS: 6.9 | AI score: 5.9 | EPSS: 0.00372
Exploits: 0 | References: 4

exploitpack
added 2010/08/03 12:0 a.m. | 50 views

EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export

EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export Trustwave's SpiderLabs Security Advisory TWSL2010-003: Unauthorized access to root NFS export on EMC Celerra Network Attached Storage NAS appliance https://www.trustwave.com/spiderlabs/advisories/TWSL2010-003.txt Published:...

CVSS: 9.3 | AI score: 0.8 | EPSS: 0.04266
Exploits: 2

Tenable Nessus
added 2010/07/14 12:0 a.m. | 42 views

Oracle Database Multiple Vulnerabilities (July 2010 CPU)

The remote Oracle database server is missing the July 2010 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Listener - Net Foundation Layer - Oracle OLAP - Application Express - Network Layer - Export %NASLMINLEVEL 70300 C Tenable...

CVSS: 7.8 | AI score: 5.3 | EPSS: 0.0187
Exploits: 0 | References: 7

Prion
added 2010/07/13 10:30 p.m. | 20 views

Design/Logic Flaw

Unspecified vulnerability in the Export component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Select Any Dictionary...

CVSS: 2.1 | AI score: 5.6 | EPSS: 0.01026
Exploits: 0 | References: 1 | Affected Software: 1

exploitpack
added 2010/07/04 12:0 a.m. | 26 views

Esoftpro Online Contact Manager - Multiple Vulnerabilities

Esoftpro Online Contact Manager - Multiple Vulnerabilities Exploit Title: Esoftpro Online Contact Manager Multiple Vulnerability Vendor url:http://www.esoftpro.com/ Version:3 Author: L0rd CrusAd3r aka VSN [email protected] Published: 2010-07-4 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYu...

AI score: 0.8
Exploits: 0

Exploit DB
added 2010/07/04 12:0 a.m. | 56 views

Esoftpro Online Contact Manager - Multiple Vulnerabilities

Exploit Title: Esoftpro Online Contact Manager Multiple Vulnerability Vendor url:http://www.esoftpro.com/ Version:3 Author: L0rd CrusAd3r aka VSN [email protected] Published: 2010-07-4 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sai, KD, M4n0j. Special Greetz:...

AI score: 7
Exploits: 0

RedHat Linux
added 2010/06/22 12:44 p.m. | 35 views

Moderate: Red Hat Security Advisory: vdsm security, bug fix, and enhancement update

Updated vdsm packages that fix one security issue, various bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which giv...

CVSS: 2.1 | AI score: 5.8 | EPSS: 0.00374
Exploits: 0 | References: 2

Atlassian
added 2010/06/21 3:40 a.m. | 14 views

XSS vulnerability in PDF export

We have identified and fixed a cross-site scripting (XSS) vulnerability in the Confluence action that performs the export to PDF. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's o...

AI score: 0.1
Exploits: 0

Atlassian
added 2010/06/21 3:40 a.m. | 22 views

XSS vulnerability in PDF export

We have identified and fixed a cross-site scripting (XSS) vulnerability in the Confluence action that performs the export to PDF. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's o...

AI score: 0.1
Exploits: 0 | Affected Software: 1

OSV
added 2010/05/04 4:0 p.m. | 1 views

DEBIAN-CVE-2010-1431

SQL injection vulnerability in templatesexport.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the exportitemid parameter...

CVSS: 7.5 | AI score: 8.3 | EPSS: 0.03802
Exploits: 0 | References: 1

Debian CVE
added 2010/05/04 3:0 p.m. | 29 views

CVE-2010-1431

SQL injection vulnerability in templatesexport.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the exportitemid parameter...

CVSS: 7.5 | AI score: 8.2 | EPSS: 0.03802
Exploits: 0

Exploit DB
added 2010/04/22 12:0 a.m. | 43 views

Cacti 0.8.7e - SQL Injection

CVSSv2 Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the “exportitemid” parameter to “templatesexport.php” script is not properly sanitized before being used in a SQL query...

AI score: 7.4
Exploits: 0

FreeBSD
added 2010/04/21 12:0 a.m. | 82 views

cacti -- SQL injection and command execution vulnerabilities

Bonsai information security reports: A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the "exportitemid" parameter to "templatesexport.php" script is not properly sanitized before being used in a SQL query. The sam...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.03802
Exploits: 0 | References: 3

Packet Storm
added 2010/03/28 12:0 a.m. | 27 views

Discuz! Cross Site Scripting

hi; All versions of Discuz! have the cross-site vulnerabilities because of the export value of "$referer". Like: Discuz! 7.X Discuz! 6.X Discuz! 5.X Discuz!NT 3.X and so on. There are some htm pages in all versions of Discuz!, that are: /templates/default/attachpay.htm /templates/default/ecrate.h...

AI score: 7.4
Exploits: 0

securityvulns
added 2010/03/24 12:0 a.m. | 50 views

"$referer" export lead to the cross-site flaws in all versions of Discuz!

hi; All versions of Discuz! have the cross-site vulnerabilities because of the export value of "$referer". Like: Discuz! 7.X Discuz! 6.X Discuz! 5.X Discuz!NT 3.X and so on. There are some htm pages in all versions of Discuz!, that are: /templates/default/attachpay.htm /templates/default/ecrate.h...

AI score: 0.6
Exploits: 0

Check Point Advisories
added 2010/02/23 12:0 a.m. | 4 views

Microsoft WordPerfect 5.x Converter Buffer Overflow (CVE-2004-0573)

The Microsoft Office text editing tools support a number of foreign file formats for compatibility with third party software. The foreign file format support is based on import and export converters. When a text editor needs to read a foreign format file, a converter transforms the file to an...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.42337
Exploits: 0

Drupal
added 2010/02/03 12:0 a.m. | 11 views

SA-CONTRIB-2010-014 - Node Export - Arbitrary code execution

The Node export module allows users to export and import nodes. Node export does not warn administrators that users with the "access administration pages" permission together with the "import nodes" permission can execute arbitrary PHP statements during the import operation. Versions affected Nod...

AI score: 7.7
Exploits: 0 | References: 6

Cvelist
added 2010/01/08 6:0 p.m. | 49 views

CVE-2009-4486

Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema...

AI score: 7.9 | EPSS: 0.0433
Exploits: 0 | References: 7

OpenVAS
added 2009/12/30 12:0 a.m. | 30 views

Fedora Core 11 FEDORA-2009-12575 (cacti)

The remote host is missing an update to cacti announced via advisory FEDORA-2009-12575. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

CVSS: 4.3 | AI score: 6.4 | EPSS: 0.05739
Exploits: 6 | References: 2

Tenable Nessus
added 2009/12/28 12:0 a.m. | 35 views

Fedora 11 : cacti-0.8.7e-3.fc11 (2009-12575)

This fix contains several official patches from cacti: Command Line Add Graphs Syntax SNMP Invalid Responses Template Import/Export Duplication Cross-Site Scripting Fixes http://www.cacti.net/downloadpatches.php Note that Tenable Network Security has extracted the preceding description block...

CVSS: 4.3 | AI score: 5.3 | EPSS: 0.05739
Exploits: 6 | References: 4