Lucene search
K

987 matches found

CVE
CVE
added 2011/11/22 11:0 a.m.48 views

CVE-2011-4503

The CVE-2011-4503 issue affects Broadcom Linux on the Sitecom WL-111, specifically the UPnP IGD implementation. The vulnerability allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request toward the WAN interface, tied to an “external f...

7.5CVSS7AI score0.02094EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2011/11/22 11:0 a.m.23 views

CVE-2011-4503

The UPnP IGD implementation in Broadcom Linux on the Sitecom WL-111 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability...

6.8AI score0.02094EPSS
Exploits0References2
Cvelist
Cvelist
added 2011/11/22 11:0 a.m.24 views

CVE-2011-4505

The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware before 6.2.29 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability...

7AI score0.01309EPSS
Exploits0References2
Cvelist
Cvelist
added 2011/11/22 11:0 a.m.34 views

CVE-2011-4499

The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMappi...

6.9AI score0.01309EPSS
Exploits0References2
Cvelist
Cvelist
added 2011/11/22 11:0 a.m.20 views

CVE-2011-4501

The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers...

6.9AI score0.04201EPSS
Exploits0References3
Cvelist
Cvelist
added 2011/11/22 11:0 a.m.29 views

CVE-2011-4506

The UPnP IGD implementation on the Thomson aka Technicolor TG585 with firmware 7.x before 7.4.3.2 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability...

6.9AI score0.01309EPSS
Exploits0References2
CVE
CVE
added 2011/11/22 11:0 a.m.41 views

CVE-2011-4504

The CVE-2011-4504 entry concerns the UPnP IGD implementation in the Pseudo ICS UPnP software used by ZyXEL P-330W. The vulnerability arises in the UPnP AddPortMapping action processed on the WAN interface, related to an “external forwarding” issue, enabling remote attackers to establish arbitrary...

7.5CVSS7AI score0.01428EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2011/11/22 11:0 a.m.55 views

CVE-2011-4501

The CVE-2011-4501 entry describes a flaw in the UPnP IGD implementation (Edimax EdiLinux) on devices including Edimax BR-6104K (firmware <3.25), Edimax 6114Wg, Canyon-Tech CN-WF512 (fw 1.83), Canyon-Tech CN-WF514 (fw 2.08), Sitecom WL-153 (fw

10CVSS7.1AI score0.04201EPSS
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2010/10/24 12:0 a.m.26 views

Ubuntu 10.04 LTS : libvirt update (USN-1008-3)

USN-1008-1 fixed vulnerabilities in libvirt. The update for Ubuntu 10.04 LTS reverted a recent bug fix update. This update fixes the problem. We apologize for the inconvenience. It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A...

4.4CVSS7.3AI score0.00423EPSS
Exploits0References5
OSV
OSV
added 2010/08/19 6:0 p.m.2 views

DEBIAN-CVE-2010-2242

Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree...

2.1CVSS7.2AI score0.00423EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2010/06/22 1:54 p.m.5 views

libspice: Insufficient guest provided memory mappings boundaries validations

libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor aka RHEV-H or rhev-hypervisor before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings...

7.4CVSS5.9AI score0.00486EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.37 views

RedHat Update for kernel RHSA-2007:1049-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2007:1049-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

4.9CVSS0.6AI score0.00431EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/02/19 12:0 a.m.14 views

Internet Gateway Device WAN Interface UPnP Access

Nessus was able to add 'port mappings' to the remote IGD router by sending a SOAP request to its external interface. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid35710; scriptversion"$Revision: 1.8 $"; scriptcvsdate"$Date: 2016/10/13 15:15:41 $";...

5.5AI score
Exploits0
CVE
CVE
added 2008/11/06 11:0 a.m.53 views

CVE-2008-4984

The CVE-2008-4984 issue affects scratchbox2 version 1.99.0.24, where local users can overwrite arbitrary files via a symlink attack on temporary files (e.g., /tmp/dpkg.#####.tmp, /tmp/missing_deps.#####, /tmp/sb2-pkg-chk.$tstamp.#####) related to the dpkg-checkbuilddeps and sb2-check-pkg-mappings...

6.9CVSS6.4AI score0.00318EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2008/07/18 12:0 a.m.31 views

Arbitrary code execution in Netrw version 127, Vim 7.2b

Summary Product : Vim -- Vi IMproved, Netrw Version : Tested with Vim 7.2b, Netrw 127 Impact : Arbitrary code execution Wherefrom: Local, possibly remote Original : http://www.rdancer.org/vulnerablevim-netrw.v5.html http://www.rdancer.org/vulnerablevim-latest.tar.bz2 Lack of sanitization...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/12/04 12:0 a.m.52 views

CentOS 3 : kernel (CESA-2007:1049)

Updated kernel packages that fix several security issues and a bug in the Red Hat Enterprise Linux 3 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

4.9CVSS5.7AI score0.00431EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2007/12/04 12:0 a.m.41 views

RHEL 3 : kernel (RHSA-2007:1049)

Updated kernel packages that fix several security issues and a bug in the Red Hat Enterprise Linux 3 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

4.9CVSS5.7AI score0.00431EPSS
Exploits0References11
Cvelist
Cvelist
added 2005/11/16 9:17 p.m.19 views

CVE-2002-2142

An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 through 7.0.0.1, does not prepend a "/" character in certain URL patterns, which prevents the proper...

6.5AI score0.01283EPSS
Exploits0References3
CVE
CVE
added 2005/11/16 9:17 p.m.43 views

CVE-2002-2142

Technical details (affected products, versions, root cause, remediation) are not publicly provided in the connected documents; monitor for updates.

7.5CVSS6.9AI score0.01283EPSS
Exploits0References3Affected Software2
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.53 views

Microsoft IIS IDA/IDQ Path Disclosure Vulnerability (MS00-006) - Active Check

IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. SPDX-FileCopyrightText: 2000 Filipe Custodio Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

5CVSS6.5AI score0.7843EPSS
Exploits0References4
Rows per page
Query Builder