Lucene search
K

7307 matches found

CVE
CVE
added 2008/04/04 7:0 p.m.68 views

CVE-2008-1154

The CVE-2008-1154 issue affects Cisco Unified Communications products featuring Disaster Recovery Framework (DRF). The DRF Master server accepts network requests without authentication, allowing a remote, unauthenticated attacker to perform DRF tasks and, per the sources, potentially execute arbi...

10CVSS7.9AI score0.05139EPSS
Exploits1References6Affected Software4
securityvulns
securityvulns
added 2008/03/22 12:0 a.m.47 views

webutil.pl is still vulnerable against Remote Command Execution.

Webutil is a collection of networking tools by "The Puppet Master". Access the following url and type in the form field "$cat$IFS/etc/passwd": http://server/cgi-bin/webutil.pl?dig http://server/cgi-bin/webutil.pl?whois Version 2.3 only Type in the following url Version 2.7 only:...

2.6AI score
Exploits0
Packet Storm
Packet Storm
added 2008/03/21 12:0 a.m.20 views

webutil-exec.txt

Webutil is a collection of networking tools by "The Puppet Master". Access the following url and type in the form field "$cat$IFS/etc/passwd": http://server/cgi-bin/webutil.pl?dig http://server/cgi-bin/webutil.pl?whois Version 2.3 only Type in the following url Version 2.7 only:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/12/24 12:0 a.m.30 views

RHEL 4 : autofs5 (RHSA-2007:1177)

Updated autofs5 technology preview packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The autofs utility controls the operation of the automount daemon, which...

6.2CVSS5.5AI score0.00355EPSS
Exploits0References3
seebug.org
seebug.org
added 2007/12/13 12:0 a.m.16 views

Fastpublish CMS 1.9999 config[fsBase] RFI Vulnerability

No description provided by source. Name : Fastpublish CMS 1.9999 configfsBase Remote File Include Download From : http://www.fastpublish.org/aufbau/phpcontent/downloadlist.php?action=download&id=53&sprache=en Found By : RoMaNcYxHaCkEr Home Page : Not Yet :...

7.1AI score
Exploits0
Cent OS
Cent OS
added 2007/12/12 2:56 p.m.61 views

autofs security update

CentOS Errata and Security Advisory CESA-2007:1128 Updated autofs packages are now available to fix a security flaw for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The autofs utility controls the operation of th...

6.9CVSS5.8AI score0.00479EPSS
Exploits1References7
OSV
OSV
added 2007/12/06 2:46 a.m.3 views

DEBIAN-CVE-2007-5972

Double free vulnerability in the krb5defstoremkey function in lib/kdb/kdbdefault.c in MIT Kerberos 5 krb5 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store...

9CVSS7.2AI score0.02676EPSS
Exploits0References1
Snyk
Snyk
added 2007/12/06 2:46 a.m.2 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds. Double free vulnerability in the krb5defstoremkey function in lib/kdb/kdbdefault.c in MIT Kerberos 5 krb5 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores...

9CVSS7.2AI score0.02676EPSS
Exploits0References2
OSV
OSV
added 2007/12/06 2:46 a.m.10 views

CVE-2007-5972

Double free vulnerability in the krb5defstoremkey function in lib/kdb/kdbdefault.c in MIT Kerberos 5 krb5 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store...

6.2AI score0.02676EPSS
Exploits0References13
Cvelist
Cvelist
added 2007/12/06 2:0 a.m.25 views

CVE-2007-5972

Double free vulnerability in the krb5defstoremkey function in lib/kdb/kdbdefault.c in MIT Kerberos 5 krb5 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store...

6.2AI score0.02676EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2007/12/05 12:0 a.m.30 views

CVE-2007-5972

Double free vulnerability in the krb5defstoremkey function in lib/kdb/kdbdefault.c in MIT Kerberos 5 krb5 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store...

9CVSS7.2AI score0.02676EPSS
Exploits0References3
myhack58
myhack58
added 2007/07/25 12:0 a.m.36 views

The world invincible! Flash game modifier cheat Raiders-vulnerability warning-the black bar safety net

Now online there are many flash games, these games, although compact, has simple operation, resistant to play is popular in the network, and some large game compared favorably. They are in our stressful life life add unlimited fun. In these game world ride, will inevitably encounter some of the...

0.2AI score
Exploits0
Debian CVE
Debian CVE
added 2007/06/20 10:0 p.m.42 views

CVE-2007-3304

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...

4.7CVSS6.2AI score0.03298EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2007/04/22 12:0 a.m.4 views

PT-2007-3317 · Bmc · Bmc Performance Manager

Name of the Vulnerable Software and Affected Versions: BMC Performance Manager affected versions not specified Description: The issue concerns a lack of authentication requirement for requests to modify configuration files. This could potentially allow remote attackers to execute arbitrary code b...

7.5CVSS8.2AI score0.03968EPSS
Exploits0References8
securityvulns
securityvulns
added 2007/04/16 12:0 a.m.112 views

Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities

Sitebar = 3.3.5 Remote File Include Vulnerabilities D.Script: http://scripts.ringsworld.com/bookmark-management/sitebar-3.3.5.zip -::AUTHOR: VerY-SecReT Homepage: http://www.sniper-sa.com Exploit: :- target/sitebar/index.php?writerFile=Shell target/sitebar/Integrator.php?file=Shell $Includer:...

1.2AI score
Exploits0
0day.today
0day.today
added 2007/03/19 12:0 a.m.31 views

NetVios Portal (page.asp) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================ NetVios Portal page.asp Remote SQL Injection Vulnerability ============================================================ Title : NetVios Portal page.asp Remote SQL Injection...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2007/03/14 5:2 a.m.5 views

NSS: SSLv2 protocol buffer overflows

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote...

6.8CVSS8AI score0.5036EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/03/14 12:24 a.m.4 views

NSS: SSLv2 protocol buffer overflows

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote...

6.8CVSS8AI score0.5036EPSS
Exploits0References4
NVD
NVD
added 2007/03/10 12:19 a.m.14 views

CVE-2006-7163

DreameeSoft Password Master 1.0 stores the database in an unencrypted format when the master password is set, which allows attackers with physical access to read the database contents via an unspecified authentication bypass. NOTE: the provenance of this information is unknown; the details are...

6.9CVSS6.3AI score0.00363EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/03/10 12:0 a.m.19 views

CVE-2006-7163

DreameeSoft Password Master 1.0 stores the database in an unencrypted format when the master password is set, which allows attackers with physical access to read the database contents via an unspecified authentication bypass. NOTE: the provenance of this information is unknown; the details are...

6.3AI score0.00363EPSS
Exploits0References1
Rows per page
Query Builder