301 matches found

Tenable Nessus
added 2014/06/13 12:0 a.m. | 32 views

openSUSE Security Update : thttpd (openSUSE-SU-2013:1862-1)

This update fixes the following security issue with thttpd: - fix CVE-2013-0348 bnc853381 - don't create a world readable logfile. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

2.1 CVSS | 6.7 AI score | 0.00037 EPSS
Exploits: 0 | References: 3

Kitploit
added 2014/04/07 11:29 p.m. | 19 views

Passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup

A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring (NSM) and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers...

7.2 AI score
Exploits: 0

exploitpack
added 2013/05/06 12:0 a.m. | 19 views

D-Link DSL-320B - Multiple Vulnerabilities

D-Link DSL-320B - Multiple Vulnerabilities Device: DSL-320B Firmware Version: EUDSL-320B v1.23 date: 28.12.2010 Vendor URL: http://www.dlink.com/de/de/home-solutions/connect/modems-and-gateways/dsl-320b-adsl-2-ethernet-modem ============ Vulnerability Overview: ============ Access to the Config...

0.2 AI score
Exploits: 0

securityvulns
added 2013/05/04 12:0 a.m. | 96 views

WowzaMediaServer SecureToken bypass (and worse)

Product: Wowza Media Server URL: http://www.wowza.com/ Description: WMS is a quite popular RTMP/HLS/HDS/RTSP streaming server Issue: By default all installations of WMS use four modules in their application's config file: base, properties, logging, flvplayback. I've found out that the properties...

0.2 AI score
Exploits: 0

Exploit DB
added 2012/07/02 12:0 a.m. | 22 views

WordPress Plugin Backup 2.0.1 - Information Disclosure

Exploit Title: WordPress Backup plugin exposes site data Google Dork: http://www.google.com/search?q=inurl:wp-content/backup.log Date: 01-jul-2012 Exploit Author: Stephan Knauss Vendor Homepage: http://wordpress.org/extend/plugins/backup/ Software Link:...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2012/02/03 12:0 a.m. | 49 views

Debian DSA-2401-1 : tomcat6 - several vulnerabilities

Several vulnerabilities have been found in Tomcat, a servlet and JSP engine : - CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 The HTTP Digest Access Authentication implementation performed insufficient countermeasures against replay attacks. - CVE-2011-2204 In rare setups passwords were...

7.5 CVSS | 5.5 AI score | 0.766 EPSS
Exploits: 10 | References: 22

OSV
added 2012/02/02 12:0 a.m. | 36 views

DSA-2401-1 tomcat6 - several

Bulletin has no description...

7.5 CVSS | 6.1 AI score | 0.766 EPSS
Exploits: 10

seebug.org
added 2011/12/01 12:0 a.m. | 50 views

IBM Lotus Domino Server Controller Authentication Bypass Vulnerability

No description provided by source. Exploit Title: IBM Lotus Domino Controller auth. bypass Date:30/11/2011 Author: Alexey Sintsov Software Link: http://www.ibm.com/ Version:8.5.3/8.5.2 FP3 0day Tested on: Windows 7 / Windows 2008 CVE : CVE-2011-1519 Application: IBM Lotus Domino Controller Versio...

10 CVSS | 6.6 AI score | 0.09065 EPSS
Exploits: 4

The Hacker News
added 2011/06/18 7:17 a.m. | 7 views

SAMHAIN v2.8.5 - intrusion detection system

SAMHAIN v2.8.5 - intrusion detection system The samhain open source host-based intrusion detection system HIDS provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. It has been...

6.8 AI score
Exploits: 0

The Hacker News
added 2011/06/18 7:17 a.m. | 6 views

SAMHAIN v2.8.5 - intrusion detection system

SAMHAIN v2.8.5 - intrusion detection system The samhain open source host-based intrusion detection system HIDS provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. It has been...

7 AI score
Exploits: 0

OpenVAS
added 2011/03/22 12:0 a.m. | 26 views

Ruby on Rails Logfile Injection Vulnerability (Mar 2011)

Ruby on Rails is prone to a file injection vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rubyonrails:rails";...

4.3 CVSS | 7 AI score | 0.08484 EPSS
Exploits: 1 | References: 4

exploitpack
added 2010/11/02 12:0 a.m. | 29 views

BroadWorks - Call Detail Record Security Bypass

BroadWorks - Call Detail Record Security Bypass source: https://www.securityfocus.com/bid/44597/info BroadWorks is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and to obtain sensitive information. Successful exploits will...

Exploits: 0

NVD
added 2010/03/19 7:0 p.m. | 12 views

CVE-2010-1014

Cross-site scripting XSS vulnerability in the Reports Logfile View reportslogview extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3 CVSS | 5.7 AI score | 0.00263 EPSS
Exploits: 0 | References: 2

Prion
added 2010/03/19 7:0 p.m. | 6 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Reports Logfile View reportslogview extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3 CVSS | 6.2 AI score | 0.00263 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

seebug.org
added 2009/09/22 12:0 a.m. | 16 views

Snort < 2.8.5 Unified1 Output Denial of Service Exploit

No description provided by source. Advisory: ========= Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify Log: ==== 30/06/2009 Bug detected. 20/07/2009 First mail with snort team. 20/07/2009 Snort team answer they will fix it in the next release 2.8.5. 16/09/2009 Snort...

7.1 AI score
Exploits: 0

seebug.org
added 2009/09/21 12:0 a.m. | 15 views

Snort unified 1 IDS Logging Alert Evasion Logfile Corruption/Alert Falsify

No description provided by source. Advisory: ========= Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify Log: ==== 30/06/2009 Bug detected. 20/07/2009 First mail with snort team. 20/07/2009 Snort team answer they will fix it in the next release 2.8.5. 16/09/2009 Snort...

7.1 AI score
Exploits: 0

exploitpack
added 2009/09/21 12:0 a.m. | 11 views

Snort unified 1 IDS Logging - Alert Evasion Logfile CorruptionAlert Falsify

Snort unified 1 IDS Logging - Alert Evasion Logfile CorruptionAlert Falsify Advisory: ========= Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify Log: ==== 30/06/2009 Bug detected. 20/07/2009 First mail with snort team. 20/07/2009 Snort team answer they will fix it in th...

7.4 AI score
Exploits: 0

Exploit DB
added 2009/09/21 12:0 a.m. | 24 views

Snort unified 1 IDS Logging - Alert Evasion & Logfile Corruption/Alert Falsify

Advisory: ========= Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify Log: ==== 30/06/2009 Bug detected. 20/07/2009 First mail with snort team. 20/07/2009 Snort team answer they will fix it in the next release 2.8.5. 16/09/2009 Snort release, bug fixed. Affected Versions...

7.4 AI score
Exploits: 0

0day.today
added 2009/09/21 12:0 a.m. | 15 views

Snort < 2.8.5 Unified1 Output Denial of Service Exploit

Exploit for multiple platform in category dos / poc ======================================================= Snort 2.8.5 Unified1 Output Denial of Service Exploit ======================================================= Advisory: ========= Snort unified 1 IDS Logging Alert Evasion, Logfile...

7.1 AI score
Exploits: 0

CVE
added 2009/08/18 10:0 p.m. | 46 views

CVE-2009-1873

Adobe JRun 4.x Management Console is affected by CVE-2009-1873: a directory traversal in logviewer.jsp that, when exploited by an authenticated remote attacker via the logfile parameter, allows reading arbitrary files on the server. Affected product is Adobe JRun Application Server 4 Updater 7. C...

4 CVSS | 6.1 AI score | 0.03693 EPSS
Exploits: 5 | References: 5 | Affected Software: 1