PT-2012-5107 · Mozilla +1 · Firefox +1
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 15.0 on Android Description: The issue is related to the improper implementation of unspecified callers of the android log print function in Mozilla Firefox on Android. This allows remote attackers to execute...
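Discuz! X2.5 latest version: XSS vulnerability in the journal (blog) feature
Brief description: The journal (blog) feature in the latest version of Discuz! X2.5 has an XSS vulnerability. Details: The journal (blog) feature in the latest version of Discuz! X2.5 has an XSS vulnerability; code is not filtered when a journal entry is posted. Proof of vulnerability: Perform a fresh installation from an X2.5 package newly downloaded from Discuz, post a journal entry, and write XSS code into it; editing the entry's source applies no XSS filtering...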
Buffer overflow
Multiple buffer overflows in Georgia SoftWorks SSH2 Server GSWSSHD 7.01.0003 and earlier allow remote attackers to execute arbitrary code via (1) a long username, which triggers an overflow in the log function; or (2) a long password...
Net::Server: Format string vulnerability
Background: Net::Server is an extensible, generic Perl server engine. It is used by several Perl applications like Postgrey. Description: The log function of Net::Server does not handle format string specifiers properly before they are sent to syslog. Impact: By sending a specially crafted datastrea...
CVE-2002-1904
CVE-2002-1904 describes a buffer overflow in the Log function of GazTek ghttpd 1.4–1.4.3 (util.c) that can be triggered by a long HTTP GET request, enabling remote code execution. The vulnerability is risk-labeled as high (CVSS base score 7.5) with network access, no authentication, and the poten...
CVE-2002-1904
Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request...
PT-2005-1982 · Mtftpd · Mtftpd
Name of the Vulnerable Software and Affected Versions: mtftpd version 0.0.3 Description: The issue is related to a format string vulnerability in the log do function in log.c. This vulnerability can be exploited when the statistics option is enabled, allowing remote attackers to execute arbitrary...
CVE-2004-1469
Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog...
CVE-2004-0423
The logevent function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file...
CVE-2001-0820
Buffer overflows in GazTek ghttpd 1.4 allow a remote attacker to execute arbitrary code via long arguments that are passed to (1) the Log function in util.c, or (2) serveconnection in protocol.c...