13 matches found
log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)
A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map MDC input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution RCE in a limited number of environments...
Null pointer dereference
The DebugDiag ActiveX control in CrashHangExt.dll, possibly 1.0, in Microsoft Debug Diagnostic Tool allows remote attackers to cause a denial of service NULL pointer dereference and Internet Explorer 6.0 crash via a large negative integer argument to the GetEntryPointForThread method. NOTE: this...
CVE-2008-4800
The DebugDiag ActiveX control in CrashHangExt.dll, possibly 1.0, in Microsoft Debug Diagnostic Tool allows remote attackers to cause a denial of service NULL pointer dereference and Internet Explorer 6.0 crash via a large negative integer argument to the GetEntryPointForThread method. NOTE: this...
Remote code execution
The GdPicture 1 Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ActiveX control gdpicture4s.ocx 4.7.0.1 and 2 Pro Imaging SDK 5.7.1 GdPicturePro5S.Imaging ActiveX control gdpicturepro5s.ocx 5.7.0.1 allows remote attackers to create, overwrite, and modify arbitrary files via the SaveAsPDF method...
Remote code execution
The Chilkat XML ChilkatUtil.CkData.1 ActiveX control ChilkatUtil.dll 3.0.3.0 and earlier allows remote attackers to create, overwrite, and modify arbitrary files for execution via a call to the 1 SaveToFile, 2 SaveToTempFile, or 3 AppendBinary method. NOTE: this issue might only be exploitable in...
Design/Logic Flaw
PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backupphpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments...
CVE-2007-6211
Send ICMP Nasty Garbage sing on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L output log file option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to overrid...
Spoofing
Send ICMP Nasty Garbage sing on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L output log file option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to overrid...
CVE-2007-6211
Send ICMP Nasty Garbage sing on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L output log file option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to overrid...
CVE-2007-6211
The CVE-2007-6211 issue affects Debian GNU/Linux’s sing utility. It allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. The vulnerability is noted as limited in scope because sing is not installed setuid by default, so exploitation requires ove...
CVE-2007-4596
The perl extension in PHP does not follow safemode restrictions, which allows context-dependent attackers to execute arbitrary code via the Perl eval function. NOTE: this might only be a vulnerability in limited environments...
Code injection
The perl extension in PHP does not follow safemode restrictions, which allows context-dependent attackers to execute arbitrary code via the Perl eval function. NOTE: this might only be a vulnerability in limited environments...
CVE-2007-4596
The perl extension in PHP does not follow safemode restrictions, which allows context-dependent attackers to execute arbitrary code via the Perl eval function. NOTE: this might only be a vulnerability in limited environments...