Lucene search
K

128 matches found

OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.22 views

Debian Security Advisory DSA 1098-1 (horde3)

The remote host is missing an update to horde3 announced via advisory DSA 1098-1. Michael Marek discovered that the Horde web application framework performs insufficient input sanitising, which might lead to the injection of web script code through cross-site scripting. The old stable distributio...

6.8CVSS6.8AI score0.02197EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.22 views

Debian Security Advisory DSA 1239-1 (sql-ledger)

The remote host is missing an update to sql-ledger announced via advisory DSA 1239-1. Several remote vulnerabilities have been discovered in SQL Ledger, a web based double-entry accounting program, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project...

7.5CVSS0.1AI score0.05734EPSS
Exploits4
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.18 views

Debian Security Advisory DSA 1196-1 (clamav)

The remote host is missing an update to clamav announced via advisory DSA 1196-1. Several remote vulnerabilities have been discovered in the ClamAV malware scan engine, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following...

7.5CVSS0.2AI score0.19739EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.10 views

Debian: Security Advisory (DSA-1098-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.7AI score0.02197EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.15 views

Debian: Security Advisory (DSA-944-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.03742EPSS
Exploits9References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.8 views

Debian: Security Advisory (DSA-782-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.024EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2008/01/14 12:0 a.m.21 views

Debian DSA-1462-1 : hplip - missing input sanitising

Kees Cook discovered that the hpssd tool of the HP Linux Printing and Imaging System HPLIP performs insufficient input sanitising of shell meta characters, which may result in local privilege escalation to the hplip user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

7.6CVSS5.3AI score0.67264EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2007/09/14 12:0 a.m.20 views

Debian DSA-1369-1 : gforge - missing input sanitising

Sumit I. Siddharth discovered that Gforge, a collaborative development tool performs insufficient input sanitising, which allows SQL injection. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

7.5CVSS5.3AI score0.0201EPSS
Exploits0References3
Debian
Debian
added 2007/09/01 11:53 a.m.35 views

[SECURITY] [DSA 1366-1] New clamav packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1366-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 1st, 2007 http://www.debian.org/security/faq -...

7.6CVSS6.9AI score0.83539EPSS
Exploits12
FreeBSD
FreeBSD
added 2006/12/17 12:0 a.m.35 views

sql-ledger -- multiple vulnerabilities

The Debian security Team reports: Several remote vulnerabilities have been discovered in SQL Ledger, a web based double-entry accounting program, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: Chris Travers...

7.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.20 views

Debian DSA-999-1 : lurker - several vulnerabilities

Several security related problems have been discovered in lurker, an archive tool for mailing lists with integrated search engine. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1062 Lurker's mechanism for specifying configuration files was...

5CVSS5.7AI score0.01965EPSS
Exploits0References7
OSV
OSV
added 2006/09/04 12:0 a.m.33 views

DSA-1168-1 imagemagick

Bulletin has no description...

7.5CVSS7.4AI score0.0341EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/06/29 12:0 a.m.25 views

Horde Web Application Framework: XSS vulnerability

Background The Horde Web Application Framework is a general-purpose web application framework written in PHP, providing classes for handling preferences, compression, browser detection, connection tracking, MIME, and more. Description Michael Marek discovered that the Horde Web Application...

6.8CVSS7.2AI score0.02197EPSS
Exploits1
securityvulns
securityvulns
added 2006/05/25 12:0 a.m.37 views

Chatty improper input sanitizing

Chatty improper input sanitizing Discovered by: Nomenumbra Date: 21/5/2006 impact:moderate possible defacement Chatty is a PHP-based chatscript allowing users to chat over the web. Subscribing with a username like this: scriptalert22xss22/script would cause major xss in the chatroom. Nomenumbra...

3.2AI score
Exploits0
securityvulns
securityvulns
added 2006/05/07 12:0 a.m.34 views

ChipmunkBlogger improper input sanitizing

ChipmunkBlogger improper input sanitizing Discovered by: Nomenumbra Date: 6/4/2006 impact:moderate privilege escalation,possible defacement Posts potentially made by lower-privilege members and profile names aren't properly sanitized, thus resulting in being vulnerable to the following kind of XS...

2.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/10/05 12:0 a.m.19 views

Mandrake Linux Security Advisory : bluez-utils (MDKSA-2005:150)

A vulnerability in bluez-utils was discovered by Henryk Plotz. Due to missing input sanitizing, it was possible for an attacker to execute arbitrary commands supplied as a device name from the remote bluetooth device. The updated packages have been patched to correct this problem. %NASLMINLEVEL...

7.5CVSS5.6AI score0.024EPSS
Exploits0References1
OSV
OSV
added 2005/08/05 4:0 a.m.10 views

CVE-2005-1854

Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server...

7.3AI score
Exploits0References6
Debian
Debian
added 2005/07/19 8:14 a.m.36 views

[SECURITY] [DSA 762-1] New affix packages fix arbitrary command and code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 762-1 [email protected] http://www.debian.org/security/ Martin Schulze July 19th, 2005 http://www.debian.org/security/faq -...

10CVSS0.8AI score0.12938EPSS
Exploits0
CVE
CVE
added 2005/04/04 4:0 a.m.58 views

CVE-2005-0388

CVE-2005-0388 applies to remstats' remoteping service in versions up to 1.0.13. The vulnerability arises from missing input sanitising, enabling remote command execution. Debian DSA-704-1 fixes the issue in remstats (uptstream: version 1.0.13a-5 for sid; 1.00a4-8woody1 for woody). Red Hat advisor...

7.5CVSS7.4AI score0.01924EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2005/03/22 12:0 a.m.52 views

[SECURITY] [DSA 695-1] New xli packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 695-1 [email protected] http://www.debian.org/security/ Martin Schulze March 21st, 2005 http://www.debian.org/security/faq -...

7.5CVSS0.5AI score0.16344EPSS
Exploits1
Rows per page
Query Builder