CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1002 matches found

OpenVAS•added 2012/09/10 12:0 a.m.•13 views

Slackware Advisory SSA:2012-244-04 seamonkey

The remote host is missing an update as announced via advisory SSA:2012-244-04. OpenVAS Vulnerability Test $Id: esoftslkssa201224404.nasl 6581 2017-07-06 13:58:51Z cfischer $ Description: Auto-generated from advisory SSA:2012-244-04 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

0.7AI score

Exploits0

RedHat Linux•added 2012/09/07 12:42 p.m.•1 views

OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.237 and earlier allows remote attackers to affect integrity, related to CORBA...

5CVSS7.4AI score0.02455EPSS

Exploits0References4

OpenVAS•added 2012/08/10 12:0 a.m.•19 views

Debian Security Advisory DSA 2517-1 (bind9)

The remote host is missing an update to bind9 announced via advisory DSA 2517-1. OpenVAS Vulnerability Test $Id: deb25171.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2517-1 bind9 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

7.8CVSS0.4AI score0.06693EPSS

Exploits1

Tenable Nessus•added 2012/08/08 12:0 a.m.•28 views

FreeBSD : automake -- Insecure 'distcheck' recipe granted world-writable distdir (36235c38-e0a8-11e1-9f4d-002354ed89bc)

GNU reports : The recipe of the 'distcheck' target granted temporary world-write permissions on the extracted distdir. This introduced a locally exploitable race condition for those who run 'make distcheck' with a non-restrictive umask e.g., 022 in a directory that was accessible by others. A...

4.4CVSS7.9AI score0.00185EPSS

Exploits1References3

RedHat Linux•added 2012/06/20 11:38 a.m.•2 views

OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)

5CVSS7.4AI score0.02455EPSS

Exploits0References4

ThreatPost•added 2012/05/23 4:13 a.m.•7 views

Anatomy of a LulzSec Attack 'Singles Out' Web 2.0 Weakness

A new report analyzing a recent attack on a military dating site underscores the need for stronger safeguards on social networks. As part of its Hacker Intelligence Initiative, database and application security provider Imperva deconstructed a March attack by the hacker collective LulzSec on...

0.6AI score

Exploits0References1

Exploit DB•added 2012/05/15 12:0 a.m.•25 views

WordPress Plugin NewsLetter Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/53523/info Newsletter Manager plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues ...

7.4AI score

Exploits0

Exploit DB•added 2012/05/12 12:0 a.m.•31 views

GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS

GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS. CVE-2012-6621. Webapps exploit for php platform source: http://www.securityfocus.com/bid/53501/info GetSimple CMS is prone to HTML-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplie...

4.3CVSS6.3AI score0.00475EPSS

Exploits4

Exploit DB•added 2012/05/10 12:0 a.m.•26 views

Chevereto 1.91 - '/Upload/engine.php?v' Cross-Site Scripting

source: https://www.securityfocus.com/bid/53448/info Chevereto Image Upload Script is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker m...

7.4AI score

Exploits0

exploitpack•added 2012/05/10 12:0 a.m.•6 views

Chevereto 1.91 - Uploadengine.php?v Cross-Site Scripting

Chevereto 1.91 - Uploadengine.php?v Cross-Site Scripting source: https://www.securityfocus.com/bid/53448/info Chevereto Image Upload Script is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to properly sanitize user-supplied input before...

6.8AI score

Exploits0

OpenVAS•added 2012/04/30 12:0 a.m.•51 views

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. VID 380e8c56-8e32-11e1-9580-4061862b8c22 OpenVAS Vulnerability Test $ Description: Auto generated from VID 380e8c56-8e32-11e1-9580-4061862b8c22 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

10CVSS0.4AI score0.17081EPSS

Exploits3

OpenVAS•added 2012/04/10 12:0 a.m.•32 views

Sourcefabric Newscoop Multiple Cross Site Scripting and SQL Injection Vulnerabilities

Sourcefabric Newscoop is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Exploiting these issues could allow an attacker to steal cookie- based authentication...

7.5CVSS0.6AI score0.01661EPSS

Exploits5References7

exploitpack•added 2012/03/20 12:0 a.m.•23 views

GNUBoard 4.34.20 - download.php HTML Injection

GNUBoard 4.34.20 - download.php HTML Injection source: https://www.securityfocus.com/bid/52622/info Gnuboard is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script co...

7.6AI score

Exploits0

Exploit DB•added 2012/02/28 12:0 a.m.•35 views

Fork CMS 3.x - '/backend/modules/error/actions/index.php?parse()' Multiple Error Display Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/52236/info Fork CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script cod...

7.4AI score

Exploits0

OpenVAS•added 2012/02/12 12:0 a.m.•28 views

Gentoo Security Advisory GLSA 201110-17 (avahi)

The remote host is missing updates announced in advisory GLSA 201110-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

5CVSS8.9AI score0.57721EPSS

Exploits9

exploitpack•added 2012/01/21 12:0 a.m.•9 views

Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities

Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51608/info Acidcat ASP CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated...

0.3AI score

Exploits0

Exploit DB•added 2012/01/20 12:0 a.m.•18 views

Syneto Unified Threat Management 1.3.3/1.4.2 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/51597/info Syneto Unified Threat Management is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will...

7AI score

Exploits0

Exploit DB•added 2012/01/16 12:0 a.m.•20 views

PHP Membership Site Manager Script 2.1 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51416/info PHP Membership Site Manager Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute...

7.4AI score

Exploits0

exploitpack•added 2012/01/16 12:0 a.m.•9 views

PHP Membership Site Manager Script 2.1 - index.php Cross-Site Scripting

PHP Membership Site Manager Script 2.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/51416/info PHP Membership Site Manager Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically...

Exploits0

exploitpack•added 2012/01/10 12:0 a.m.•18 views

PHP-Fusion 7.2.4 - downloads.php Cross-Site Scripting

PHP-Fusion 7.2.4 - downloads.php Cross-Site Scripting source: https://www.securityfocus.com/bid/51365/info PHP-Fusion is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may levera...

6.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by