CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9133 matches found

seebug.org•added 2007/05/16 12:0 a.m.•28 views

PHP mcrypt_create_iv不安全加密实现漏洞

PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP生成随机加密种子的算法上存在漏洞，远程攻击者可能利用此漏洞获取非授权访问。 PHP的mcryptcreateiv函数以未初始化的变量做为种子调用phprandr，导致生成器反复生成相同的IV，具体取决于系统的栈结构。在某些情况下栈结构可能导致生成完全可预测的种子，因此也会生成可预测的IV，而非随机的IV会导致较弱的加密算法。 PHP PHP = 5.2.1 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

7.1AI score

Exploits0

Exploit DB•added 2007/05/07 12:0 a.m.•22 views

SunShop Shopping Cart 4.0 - 'index.php?l' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23856/info TurnkeyWebTools SunShop Shopping Cart is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to steal cookie-based authentication...

7AI score

Exploits0

securityvulns•added 2007/05/04 12:0 a.m.•47 views

Apple QTJava toQTPointer() code execution

Unsafe implementation of Java method allows to overwrite memory regions...

7.6CVSS4.1AI score0.83804EPSS

Exploits1References1

Exploit DB•added 2007/04/23 12:0 a.m.•23 views

Phorum 5.1.20 - 'admin.php?Groups Module group_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the application fails to sufficiently...

7.4AI score

Exploits0

exploitpack•added 2007/04/23 12:0 a.m.•10 views

Phorum 5.1.20 - admin.php?module[] Full Path Disclosure

Phorum 5.1.20 - admin.php?module Full Path Disclosure source: https://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting...

7.4AI score

Exploits0

seebug.org•added 2007/04/17 12:0 a.m.•507 views

Sun Solaris IP实现远程拒绝服务漏洞

Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris 8/9的IP实现上存在安全漏洞，远程非特权用户可能利用此漏洞通过发送特制IP报文降低联网Solaris系统的性能。 Solaris系统上可见大量的伪造IP碎片和/或大量的IP碎片重组失败。例如，运行以下命令： % /usr/bin/netstat -s | /usr/bin/egrep 'ReasmDuplicates|ReasmFails' 可能显示很高的ipv6ReasmDuplicates和ipv6ReasmFails计数器值。此外，单处理器的Solaris...

6.9AI score

Exploits0

NVD•added 2007/04/16 10:19 p.m.•22 views

CVE-2007-2045

Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service CPU consumption via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments...

5CVSS6.6AI score0.02079EPSS

Exploits0References10

CVE•added 2007/04/16 10:0 p.m.•71 views

CVE-2007-2045

The CVE-2007-2045 vulnerability affects the IP stack in Sun Solaris 8 and 9. A remote attacker can trigger a denial-of-service (CPU consumption) by sending crafted IP packets, likely involving fragmented packets with duplicate or missing fragments. Impact is described as CPU depletion leading to ...

5CVSS6.6AI score0.02079EPSS

Exploits0References10Affected Software1

exploitpack•added 2007/04/10 12:0 a.m.•12 views

DropAFew 0.2 - editlogcal.php?save Action calories SQL Injection

DropAFew 0.2 - editlogcal.php?save Action calories SQL Injection source: https://www.securityfocus.com/bid/23400/info DropAFew is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues...

0.6AI score

Exploits0

Tenable Nessus•added 2007/04/10 12:0 a.m.•24 views

FreeBSD : fetchmail -- insecure APOP authentication (f1c4d133-e6d3-11db-99ea-0060084a00e5)

Matthias Andree reports : The POP3 standard, currently RFC-1939, has specified an optional, MD5-based authentication scheme called 'APOP' which no longer should be considered secure. Additionally, fetchmail's POP3 client implementation has been validating the APOP challenge too lightly and accept...

2.6CVSS8.2AI score0.02423EPSS

Exploits1References3

Exploit DB•added 2007/04/09 12:0 a.m.•28 views

UBBCentral UBB.Threads 6.1.1 - 'UBBThreads.php' SQL Injection

source: https://www.securityfocus.com/bid/23369/info UBB.threads is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

7AI score

Exploits0

FreeBSD•added 2007/04/06 12:0 a.m.•29 views

fetchmail -- insecure APOP authentication

Matthias Andree reports: The POP3 standard, currently RFC-1939, has specified an optional, MD5-based authentication scheme called "APOP" which no longer should be considered secure. Additionally, fetchmail's POP3 client implementation has been validating the APOP challenge too lightly and accepte...

2.6CVSS6.7AI score0.02423EPSS

Exploits1References1

securityvulns•added 2007/04/01 12:0 a.m.•31 views

NetBSD reference ISO protocol implementation multiple security vulnerabilities

Buffer overflows in different functions...

6.6CVSS3.3AI score0.00392EPSS

Exploits0Affected Software1

Cvelist•added 2007/03/21 11:0 p.m.•31 views

CVE-2007-1578

Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD mcrimap4.exe 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow...

7.6AI score0.16309EPSS

Exploits5References9

NVD•added 2007/03/20 8:19 p.m.•21 views

CVE-2007-1533

The Teredo implementation in Microsoft Windows Vista uses the same nonce for communication with different UDP ports within a solicitation session, which makes it easier for remote attackers to spoof the nonce through brute force attacks...

5CVSS6.5AI score0.10623EPSS

Exploits0References6

exploitpack•added 2007/03/19 12:0 a.m.•12 views

PHPX 3.5.153.5.16 - users.php SQL Injection

PHPX 3.5.153.5.16 - users.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...

0.1AI score

Exploits0

exploitpack•added 2007/03/19 12:0 a.m.•12 views

PHPX 3.5.153.5.16 - forums.php SQL Injection

PHPX 3.5.153.5.16 - forums.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-base...

0.1AI score

Exploits0

Exploit DB•added 2007/03/19 12:0 a.m.•46 views

PHPX 3.5.15/3.5.16 - 'gallery.php' SQL Injection

source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitra...

7.4AI score

Exploits0

securityvulns•added 2007/03/06 12:0 a.m.•82 views

CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ GnuPG and GnuPG clients unsigned data injection vulnerability Date Published: 2007-03-05 Last Update: 2007-03-05 Advisory ID: CORE-2007-0115 Bugtraq IDs: BID 22757 -...

7.8CVSS5.8AI score0.05359EPSS

Exploits5

Cvelist•added 2007/02/26 5:0 p.m.•26 views

CVE-2007-1104

PHP remote file inclusion vulnerability in top.php in PHP Module Implementation PHP-MIP 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the laypath parameter...

7.5AI score0.02323EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by