Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-2988

Malware in sbrugna...

5CVSS6.4AI score0.01665EPSS
Exploits0References3
OSV
OSV
added 2024/11/05 10:19 p.m.12 views

GHSA-HXF5-99XG-86HW cap-std doesn't fully sandbox all the Windows device filenames

Impact cap-std's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits, such as "COM¹", "COM²", "LPT⁰", "LPT¹", and so o...

2.3CVSS6.4AI score0.0056EPSS
Exploits0References8
OSV
OSV
added 2024/10/31 8:50 a.m.20 views

SUSE-SU-2024:3844-1 Security update for 389-ds

This update for 389-ds fixes the following issues: - Persist extracted key path for ldapsslclientinit over repeat invocations bsc1230852 - Re-enable use of .dsrc basedn for dsidm commands bsc1231462 - Update to version 2.2.10git18.20ce9289: RFE: Use previously extracted key path Update dsidm to...

7.5CVSS7.2AI score0.01256EPSS
Exploits0References9
OSV
OSV
added 2024/10/31 8:50 a.m.17 views

SUSE-SU-2024:3843-1 Security update for 389-ds

This update for 389-ds fixes the following issues: - Persist extracted key path for ldapsslclientinit over repeat invocations bsc1230852 - Re-enable use of .dsrc basedn for dsidm commands bsc1231462 - Update to version 2.2.10git18.20ce9289: RFE: Use previously extracted key path Update dsidm to...

7.5CVSS7.2AI score0.01256EPSS
Exploits0References6
OSV
OSV
added 2024/09/02 2:44 p.m.15 views

SUSE-SU-2024:3082-1 Security update for 389-ds

This update for 389-ds fixes the following issues: Security issues fixed: - CVE-2024-3657: Fixed potential denial of service via specially crafted kerberos AS-REQ request bsc1225512 - CVE-2024-5953: Fixed a denial of service caused by malformed userPassword hashes bsc1226277 - CVE-2024-2199: Fixe...

7.5CVSS6.9AI score0.01256EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/08/15 12:0 a.m.32 views

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2024:2910-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2910-1 advisory. Security issues fixed: - CVE-2024-3657: Fixed potential denial of service via specially crafted kerberos AS-REQ request bsc1225512 ...

7.5CVSS6.6AI score0.01256EPSS
Exploits0References11
Openbugbounty
Openbugbounty
added 2018/06/27 10:18 a.m.15 views

postaisde.pt XSS vulnerability

Open Bug Bounty ID: OBB-637343 Description| Value ---|--- Affected Website:| postaisde.pt Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/03/13 3:58 p.m.16 views

codes.iarc.fr XSS vulnerability

Open Bug Bounty ID: OBB-579540 Description| Value ---|--- Affected Website:| codes.iarc.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/02/24 1:31 p.m.14 views

entresaoneetsalon.fr XSS vulnerability

Open Bug Bounty ID: OBB-567289 Description| Value ---|--- Affected Website:| entresaoneetsalon.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
NVD
NVD
added 2014/07/26 3:55 p.m.11 views

CVE-2014-2966

The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demonstrated by bypassing an XSS protection mechanism...

5CVSS6AI score0.01665EPSS
Exploits0References2
Prion
Prion
added 2014/07/26 3:55 p.m.16 views

Design/Logic Flaw

The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demonstrated by bypassing an XSS protection mechanism...

5CVSS6.4AI score0.01665EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/07/26 3:0 p.m.58 views

CVE-2014-2966

CVE-2014-2966 affects Resin Pro before 4.0.40. The ISO-8859-1 encoder does not perform Unicode transformations correctly, allowing crafted characters to bypass restrictions and the XSS protection mechanism in HTTP responses. The primary affected component is Resin Pro’s ISO-8859-1 output handling...

5CVSS6.1AI score0.01665EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/07/26 3:0 p.m.20 views

CVE-2014-2966

The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demonstrated by bypassing an XSS protection mechanism...

6AI score0.01665EPSS
Exploits0References2
CERT
CERT
added 2014/07/23 12:0 a.m.19 views

Resin Pro improperly performs Unicode transformations

Overview Resin Pro 4.0.39 and possibly earlier versions improperly performs Unicode transformations. Description CWE-20:Improper Input Validation Resin Pro 4.0.39 and possibly earlier versions perform incorrect Unicode transformations on output to HTTP responses for ISO-8859-1. This allows an...

5CVSS6.2AI score0.01665EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

GPG4Win GNU - Privacy Assistant PoC

No description provided by source. GPG4Win - GNU Privacy Assistant - GPA.EXE - Crash PoC Found By: DrIDE Tested On: 7RC, XPSP3 Usage: Paste this into GPA Clipboard, Verify. ''' -----BEGIN PGP MESSAGE----- Charset: ISO-8859-1 Version: GnuPG v1.4.9 GNU/Linux Comment: If you Verify me in Clipboard...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/10/10 12:0 a.m.32 views

ACDSee FotoSlate - '.PLP' File 'id' Local Overflow (Metasploit)

$Id: acdseefotoslatestring.rb 13853 2011-10-10 16:47:33Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

10CVSS7AI score0.6128EPSS
Exploits8
exploitpack
exploitpack
added 2011/07/04 12:0 a.m.52 views

Adobe Reader 5.1 - XFDF Buffer Overflow (SEH)

Adobe Reader 5.1 - XFDF Buffer Overflow SEH Exploit Title: Adobe Reader 5.1 XFDF Buffer Overflow Vulnerability SEH Google Dork: N/A or filtype ".xfdf" Date: 04/01/2011 Author: [email protected] / http://extraexploit.blogspot.com Software Link: http://www.oldversion.com/download/acrobat51.exe...

7.5CVSS1.6AI score0.11074EPSS
Exploits4
Rows per page
Query Builder