HP Data Protector 6.20 Multiple Vulnerabilities
Exploit for windows platform in category dos / poc Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ Multiple vulnerabilities in HP Data Protector 1. Advisory Information Title: Multiple vulnerabilities in HP Data Protector Advisory ID: CORE-2011-0514 Advisory URL:...
Multiple vulnerabilities in HP Data Protector
Core Security Technologies - Corelabs Advisory Multiple vulnerabilities in HP Data Protector 1. Advisory Information Title: Multiple vulnerabilities in HP Data Protector Advisory ID: CORE-2011-0514 Advisory URL: http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities Date...
HP Data Protector 6.20 - Multiple Vulnerabilities
Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ Multiple vulnerabilities in HP Data Protector 1. Advisory Information Title: Multiple vulnerabilities in HP Data Protect...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation. The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent...
TYPO3 Security Bulletin
It has been discovered that the extension powermail (powermail) is vulnerable to Cross-Site Scripting, SQL Injection and Validation Bypass. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.5.3 and below Vulnerability...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation. The QSslSocketBackendPrivate::transmit function in srcnetworksslqsslsocketopenssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request...
CVE-2010-2020: FreeBSD kernel NFS client local vulnerabilities
Census ID: census-2010-0001 URL: http://census-labs.com/news/2010/05/26/freebsd-kernel-nfsclient/ CVE ID: CVE-2010-2020 Affected Products: FreeBSD 8.0-RELEASE, 7.3-RELEASE, 7.2-RELEASE Class: Improper Input Validation (CWE-20) Remote: No Discovered by: Patroklos Argyroudis We have discovered two...
CVE-2009-2936
DISPUTED: The Command Line Interface (aka Server CLI or administration interface) in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers to (1) execute arbitrary code via a...
KLA10414 ACE vulnerability in Avast! Antivirus
Improper input validation was found in Avast! Antivirus. By exploiting this vulnerability, malicious users can cause denial of service and possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed IOCTL request. Original advisories - Related products...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation. WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, whi...
FreeBSD : monkey -- improper input validation vulnerability (4465c897-ee5c-11de-b6ef-00215c6a37bb)
Census Labs reports: We have discovered a remotely exploitable 'improper input validation' vulnerability in the Monkey web server that allows an attacker to perform denial of service attacks by repeatedly crashing worker threads that process HTTP requests.
Monkey Web Server Denial Of Service
census ID: census-2009-0004 URL: http://census-labs.com/news/2009/12/14/monkey-httpd/ CVE ID: Pending Affected Products: Monkey web server versions ≤ 0.9.2. Class: Improper Input Validation (CWE-20), Incorrect Calculation (CWE-682) Remote: Yes Discovered by: Patroklos Argyroudis We have discovered a...
Telepark.wiki Multiple Vulnerabilities
This host is running Telepark wiki and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbteleparkwikimultvuln.nasl 4892 2016-12-30 15:39:07Z teissa $ Telepark.wiki Multiple Vulnerabilities Authors: Antu Sanadi Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...
CVE-2009-3586: CoreHTTP web server off-by-one buffer overflow vulnerability
census ID: census-2009-0003 URL: http://census-labs.com/news/2009/12/02/corehttp-web-server/ CVE ID: CVE-2009-3586 Affected Products: CoreHTTP web server versions = 0.5.3.1. Class: Improper Input Validation (CWE-20), Failure to Constrain Operations within the Bounds of a Memory Buffer (CWE-119) Remot...
Gentoo Security Advisory GLSA 200804-17 (speex)
The remote host is missing updates announced in advisory GLSA 200804-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation. The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation. Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation. The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might...
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary...
SQL injection
SQL injection vulnerability in VirtueMart before 1.0.11 allows remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly related to improper input validation of the PATH_INFO (PHP_SELF) by virtuemart_parser.php...