Lucene search
K

11 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:32 a.m.3 views

SUSE CVE-2014-0061

The validator functions for the procedural languages PLs in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is 1 defined in another language or 2 not allowed to b...

6.5CVSS7.2AI score0.0493EPSS
Exploits1References5
OSV
OSV
added 2022/05/14 4:4 a.m.17 views

GHSA-8R7Q-CVJQ-X353 Incorrect Privilege Assignment in Jinja2

The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with jinja2 in /tmp...

8.6CVSS5.8AI score0.00373EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2022/05/02 12:0 a.m.24 views

Debian DLA-2987-1 : libarchive - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2987 advisory. Three issues have been found in libarchive, a multi-format archive and compression library. CVE-2021-31566 symbolic links incorrectly followed when changing modes,...

7.8CVSS6.8AI score0.00661EPSS
Exploits1References9
CNVD
CNVD
added 2020/11/20 12:0 a.m.3 views

Command Execution Vulnerability in Ocean CMS (CNVD-2020-69482)

Ocean CMS seacms, Ocean Video Management System is a video-on-demand system designed for webmasters with different needs. A command execution vulnerability exists in the background of Ocean CMS. Attackers can use this vulnerability to write malicious code to execute system commands and obtain...

7.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/05/04 12:0 a.m.48 views

Debian DLA-455-1 : asterisk security update

CVE-2014-6610 Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the resfaxspandsp module, allows remote authenticated users to cause a denial of service crash via an out of call message, which is not properly handled in the...

9CVSS7.9AI score0.46156EPSS
Exploits1References8
NVD
NVD
added 2014/09/04 10:55 a.m.10 views

CVE-2014-5285

Unspecified vulnerability in the Authentication Module in TIBCO Spotfire Server before 4.5.2, 5.0.x before 5.0.3, 5.5.x before 5.5.2, 6.0.x before 6.0.3, and 6.5.x before 6.5.1 allows remote attackers to gain privileges, and obtain sensitive information or modify data, via unknown vectors...

7.5CVSS6.6AI score0.02008EPSS
Exploits0References2
NVD
NVD
added 2012/10/11 10:51 a.m.21 views

CVE-2012-5381

Untrusted search path vulnerability in the installation functionality in PHP 5.3.17, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\PHP directory, which may be added to the PATH system environment variable by an...

6CVSS6.6AI score0.00854EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2010/06/18 12:0 a.m.23 views

CVE-2010-0407

Multiple buffer overflows in the MSGFunctionDemarshall function in winscardsvc.c in the PC/SC Smart Card daemon aka PCSCD in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled...

6.8CVSS6AI score0.00394EPSS
Exploits0References2
Prion
Prion
added 2007/01/10 12:28 a.m.26 views

Design/Logic Flaw

The PML Driver HPZ12 HPZipm12.exe in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICECHANGECONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to...

4.1CVSS7.3AI score0.01283EPSS
Exploits1References8
Cvelist
Cvelist
added 2006/09/06 10:0 p.m.14 views

CVE-2006-4586

The admin panel in Tr Forum 2.0 accepts a username and password hash for authentication, which allows remote authenticated users to perform unauthorized actions, as demonstrated by modifying user settings via the id parameter to /membres/modifprofil.php, and changing a password via...

7.1AI score0.03088EPSS
Exploits1References10
Cvelist
Cvelist
added 2006/06/24 1:0 a.m.19 views

CVE-2006-3203

The installation of Ultimate PHP Board UPB 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges...

7AI score0.02684EPSS
Exploits1References3
Rows per page
Query Builder