Lucene search
K

2319 matches found

Prion
Prion
added 2008/10/22 6:0 p.m.23 views

Code injection

The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors...

10CVSS6.6AI score0.02072EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2008/10/22 5:0 p.m.59 views

CVE-2008-4692

CVE-2008-4692 affects IBM DB2’s Native Managed Provider for .NET. When a definer cannot maintain objects, it preserves views and triggers without marking them inoperative or dropping them, giving an unknown impact. Remediation is provided via fixes: IBM DB2 9.1 FP6 and DB2 9.5 FP2 (and related pa...

10CVSS9.3AI score0.02072EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2008/10/22 5:0 p.m.29 views

CVE-2008-4692

The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors...

6.3AI score0.02072EPSS
Exploits0References9
seebug.org
seebug.org
added 2008/04/11 12:0 a.m.42 views

Microsoft VBScript和JScript脚本引擎远程溢出漏洞(MS08-022)

BUGTRAQ ID: 28551 CVECAN ID: CVE-2008-0083 Microsoft Windows是微软发布的非常流行的操作系统。 Windows的VBScript和JScript脚本引擎在处理畸形数据时存在漏洞,远程攻击者可能利用此漏洞控制用户系统。 Windows的VBScript和JScript脚本引擎在解码网页中的脚本时允许脚本加载到内存中运行,这可能导致缓冲区溢出。如果用户打开了特制文件或访问正在运行特制脚本的网站,则此漏洞可能允许远程执行代码。 Microsoft VBScript/JScript 5.1 - Microsoft Windows 2000...

9.3CVSS6.5AI score0.29963EPSS
Exploits1
Exploit DB
Exploit DB
added 2008/04/07 12:0 a.m.43 views

Tumbleweed SecureTransport 4.6.1 FileTransfer - ActiveX Buffer Overflow

!-- aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 07-Apr-2008 Software: Tumbleweed Communications - SecureTransport FileTransfer http://www.tumbleweed.com/ Description: "Tumbleweed SecureTransport is the industry's most secure Managed File...

7.4AI score
Exploits0
NVD
NVD
added 2008/02/12 8:0 p.m.12 views

CVE-2008-0636

Level Platforms, Inc. LPI Managed Workplace Service Center 4.x, 5.x and 6.x allows remote attackers to obtain sensitive information via a direct request to About/SCAbout.htm, which provides version and patch information...

5CVSS6.2AI score0.02593EPSS
Exploits1References5
CVE
CVE
added 2008/02/12 7:0 p.m.34 views

CVE-2008-0636

Level Platforms, Inc. (LPI) Managed Workplace Service Center versions 4.x–6.x expose_version and patch information via a direct request to About/SC_About.htm, enabling information disclosure to remote attackers. The underlying vulnerability is an information-leak through an unprotected About page...

5CVSS6.2AI score0.02593EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2008/02/12 2:0 a.m.19 views

CVE-2008-0215

Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management SRM before 6.0.0 allow remote attackers to obtain unspecified access to a managed device via unknown attack vectors...

10CVSS6.7AI score0.03739EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2008/02/08 12:0 a.m.29 views

Managed Workplace Service Center 4.x/5.x/6.x - Installation Information Disclosure

source: https://www.securityfocus.com/bid/27702/info Managed Workplace Service Center is prone to an information-disclosure vulnerability because the application fails to protect private information. Attackers may exploit this issue to retrieve sensitive information that may aid in further attack...

7.4AI score
Exploits0
NVD
NVD
added 2007/08/31 12:17 a.m.16 views

CVE-2007-4614

BEA WebLogic Server 9.1 does not properly handle propagation of an admin server's security policy change log to temporarily unavailable managed servers, which might allow attackers to bypass intended restrictions, a different vulnerability than CVE-2007-0426...

7.5CVSS6.4AI score0.01195EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/08/31 12:0 a.m.23 views

CVE-2007-4614

BEA WebLogic Server 9.1 does not properly handle propagation of an admin server's security policy change log to temporarily unavailable managed servers, which might allow attackers to bypass intended restrictions, a different vulnerability than CVE-2007-0426...

6.4AI score0.01195EPSS
Exploits0References3
seebug.org
seebug.org
added 2007/05/25 12:0 a.m.20 views

Avast! Managed Client CAB文件处理远程堆溢出漏洞

Avast!是一款反病毒应用程序。 Avast! Managed Client处理CAB文件存在堆溢出问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 目前没有详细漏洞细节提供。 Avast! Antivirus Managed Client 4.7.652 Avast! Antivirus Managed Client 4.6.394 厂商解决方案 升级到Avast! Managed Client 4.7.700版本: http://www.avast.com/eng/adnm-management-client-revision-history.html...

7.1AI score
Exploits0
Prion
Prion
added 2007/05/24 6:30 p.m.13 views

Heap overflow

Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an "integer cast around"...

9.3CVSS8.6AI score0.06275EPSS
Exploits0References9Affected Software1
Prion
Prion
added 2007/02/23 2:28 a.m.13 views

Buffer overflow

Buffer overflow in the Configuration Checker ConfigChk ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method...

9.3CVSS8.5AI score0.0823EPSS
Exploits0References16Affected Software1
NVD
NVD
added 2007/02/23 2:28 a.m.22 views

CVE-2007-1083

Buffer overflow in the Configuration Checker ConfigChk ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method...

9.3CVSS7.8AI score0.0823EPSS
Exploits0References16
CVE
CVE
added 2007/02/23 12:0 a.m.73 views

CVE-2007-1083

The CVE-2007-1083 issue affects the VeriSign Configuration Checker ActiveX control (VSCnfChk.dll, version 2.0.0.2) used in VeriSign PKI products. The Nessus entry confirms a stack/buffer overflow in VerCompare() that can allow remote code execution when a user is tricked into loading a crafted we...

9.3CVSS7.8AI score0.0823EPSS
Exploits0References16Affected Software1
NVD
NVD
added 2007/01/23 12:28 a.m.28 views

CVE-2007-0426

BEA WebLogic Portal 9.2, when running in a WebLogic Server clustered environment using WebLogic Portal entitlements, does not properly propagate entitlement policy changes if the changes are made on a managed server while the Administrative Server is unavailable, which might allow attackers to...

6.8CVSS6.3AI score0.02568EPSS
Exploits0References7
Cvelist
Cvelist
added 2007/01/23 12:0 a.m.25 views

CVE-2007-0426

BEA WebLogic Portal 9.2, when running in a WebLogic Server clustered environment using WebLogic Portal entitlements, does not properly propagate entitlement policy changes if the changes are made on a managed server while the Administrative Server is unavailable, which might allow attackers to...

6.3AI score0.02568EPSS
Exploits0References7
seebug.org
seebug.org
added 2006/12/13 12:0 a.m.22 views

Lanifex Database of Managed Objects Access_manager.PHP远程文件包含漏洞

Lanifex Database of Managed Objects是一款基于PHP的WEB应用程序。 Lanifex Database of Managed Objects不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'Accessmanager.PHP'脚本对用户提交的WEB参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Lanifex Lanifex 2.3 Beta Lanifex Lanifex 2.2 无 !/usr/bin/perl use LWP::UserAgent; / +...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/08/30 12:0 a.m.262 views

Lanifex DMO <= 2.3b (_incMgr) Remote File Include Exploit

Exploit for unknown platform in category web applications ========================================================= Lanifex DMO s...

7.1AI score
Exploits0
Rows per page
Query Builder