9262 matches found
MySQL Denial of Service (infinite loop) Vulnerabilities
MySQL is prone to denial of service vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql"; ifdescription...
CVE-2010-4052
Stack consumption vulnerability in the regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service resource exhaustion via a regular expression containing adjacent repetition operators, a...
CVE-2010-4051
The regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service application crash via a regular expression containing adjacent bounded repetitions that bypass the intended REDUPMAX...
CVE-2010-4051
The regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service application crash via a regular expression containing adjacent bounded repetitions that bypass the intended REDUPMAX...
CVE-2010-4052
Stack consumption vulnerability in the regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service resource exhaustion via a regular expression containing adjacent repetition operators, a...
CVE-2010-4051
The regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service application crash via a regular expression containing adjacent bounded repetitions that bypass the intended REDUPMAX...
Design/Logic Flaw
Stack consumption vulnerability in the regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service resource exhaustion via a regular expression containing adjacent repetition operators, a...
CVE-2010-4052
Stack consumption vulnerability in the regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service resource exhaustion via a regular expression containing adjacent repetition operators, a...
CVE-2010-4052
Stack consumption vulnerability in the regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service resource exhaustion via a regular expression containing adjacent repetition operators, a...
CVE-2010-4051
CVE-2010-4051 : The regcomp implementation in the GNU C Library (glibc/libc6) allows context-dependent attackers to cause a denial of service (application crash) via a regex containing adjacent bounded repetitions that bypass the RE_DUP_MAX limit. Affected versions include up to 2.11.3 and 2.12.x...
CVE-2010-4052
Stack consumption vulnerability in the regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service resource exhaustion via a regular expression containing adjacent repetition operators, a...
CVE-2010-4051
The regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service application crash via a regular expression containing adjacent bounded repetitions that bypass the intended REDUPMAX...
PYSEC-2011-28
The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series...
Protests and Website Hackings in Tunisia !
We are concerned about demonstrations that have occurred over the past few weeks in Tunisia, which we understand to be the result of social and economic unrest. We encourage all parties to show restraint as citizens exercise their right of public assembly. We have also conveyed our views directly...
Anonymous Clarifies Its Identity and Mission in Recent Statement
On December 10, 2010, Anonymous released a press statement to clarify its identity and objectives. Who is Anonymous? Anonymous, often misunderstood, is not a conventional group. Instead, it is an internet gathering without formal structure. Both Anonymous and the media acknowledge the perceived...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-1017-1)
It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 9.10 and 10.04 LTS. CVE-2010-2008 It was discovered that MySQL...
CVE-2010-3835
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service mysqld server crash by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be...
expression-xss.txt
=================================== Vulnerability ID: HTB22618 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinexpressioncms1.html Product: Expression Vendor: Backbone Technology http://www.backbonetechnology.com Vulnerable Version: Current at 18.09.2010 and Probably Prior Versions...
Expression Cross Site Scripting
=================================== Vulnerability ID: HTB22618 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinexpressioncms1.html Product: Expression Vendor: Backbone Technology http://www.backbonetechnology.com Vulnerable Version: Current at 18.09.2010 and Probably Prior Versions...
XSS vulnerability in Expression CMS
Vulnerability ID: HTB22617 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinexpressioncms.html Product: Expression Vendor: Backbone Technology http://www.backbonetechnology.com Vulnerable Version: Current at 18.09.2010 and Probably Prior Versions Vendor Notification: 22 September 2010...