1890 matches found
CentOS Update for rh-postgresql CESA-2010:0427 centos3 i386
Check for the Version of rh-postgresql. OpenVAS Vulnerability Test: CentOS Update for rh-postgresql CESA-2010:0427 centos3 i386. Authors: System Generated Check. Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
CVE-2010-1587
creationtimestamp | type | source
---|---|---
2010-04-22 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/33868
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/apacheactivemqsourcedisclosure.rb
2018-05-29...
HP LaserJet printers - Stored XSS
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-048 http://dsecrg.ru/pages/vul/show.php?id=148 Application: HP LaserJet printer web interface Vulnerable: HP LaserJet 2200, 4350, 4600, 5500, and many others Vendor URL: http://www.hp.com/ Bug: Multiple...
RHEL 4 / 5 : java-1.5.0-sun (RHSA-2009:1199)
Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Sun 1.5.0 Java release includes the Sun Java 5...
RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2009:0445)
Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response...
HPSBPI02463 SSRT090061 rev.2 - HP LaserJet Printers, HP Color LaserJet Printers, Remote Cross Site Scripting (XSS)
Potential Security Impact: Remote Cross Site Scripting (XSS). VULNERABILITY SUMMARY: Potential security vulnerabilities have been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerabilities could be exploited remotely by Cross Site Scripting (XSS)...
Design/Logic Flaw
The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. NOTE: the attacker must also...
CVE-2009-0897
IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive (aka the archiver) script...
CVE-2008-3958
CVE-2008-3958 affects IBM DB2 UDB 8 before Fixpak 17, where a remote attacker can crash the instance by sending a crafted CONNECT/ATTACH stream that mimics a V7 client connect/attach request. The note indicates overlap with CVE-2008-3858 and an incomplete fix related to CVE-2008-3959. The provide...
Cross site request forgery (csrf)
The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request...
CVE-2008-3858
The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request...
CVE-2008-2590
Unspecified vulnerability in the Instance Management component in Oracle Database 10.1.0.5 and Enterprise Manager 10.1.0.6 has unknown impact and remote authenticated attack vectors...
CVE-2008-2908
creationtimestamp | type | source
---|---|---
2008-06-16 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/16508
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/novelliprintgetdriversettings.rb
2025-02-06...
Ruby XMLRPC Arbitrary Command Execution Vulnerability
Overview utils.rb in The Ruby XMLRPC server sets an insecure default value for the publicinstancemethods function, which could cause the highly privileged function to be exposed. Impact An attacker could execute arbitrary command on the system running Ruby XMLRPC. Solution Please refer to the...
CVE-2007-6081
AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs. Fixed in EventLog Analyzer Build 6000...
CVE-2007-0080
Buffer overflow in the SMBConnectServer function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMBHandleType instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that...
SQL injection - moodle
// http://www.w4cking.com Product: moodle 1.6.2 http://www.moodle.org Vulnerability: SQL injection Notes: - SQL injection can be used to obtain password hash - the moodle blog "module" must be enabled - guest access to the blog must be enabled POC:...
CVE-2006-3486
Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow...