335 matches found

Tenable Nessus
added 2007/06/08 12:0 a.m. | 25 views

Debian DSA-1299-1 : ipsec-tools - missing input sanitising

It was discovered that a specially crafted packet sent to the racoon ipsec key exchange server could cause a tunnel to crash, resulting in a denial of service. The oldstable distribution sarge isn't affected by this problem.

CVSS 4.3 | AI score 5.3 | EPSS 0.09807
Exploits: 0 | References: 2
Debian
added 2007/06/07 5:52 p.m. | 18 views

[SECURITY] [DSA 1299-1] New ipsec-tools packages fix denial of service

Debian Security Advisory DSA 1299-1 [email protected] http://www.debian.org/security/ dann frazier June 7th, 2007 http://www.debian.org/security/faq ...

CVSS 4.3 | AI score 6 | EPSS 0.05802
Exploits: 1
Tenable Nessus
added 2007/06/01 12:0 a.m. | 23 views

Debian DSA-1298-1 : otrs2 - missing input sanitising

It was discovered that the Open Ticket Request System performs insufficient input sanitising for the Subaction parameter, which allows the injection of arbitrary web script code. The oldstable distribution sarge doesn't include otrs2.

CVSS 4.3 | AI score 5.6 | EPSS 0.05802
Exploits: 1 | References: 2
Tenable Nessus
added 2007/05/25 12:0 a.m. | 79 views

Debian DSA-1296-1 : php4 - missing input sanitising

It was discovered that the ftp extension of PHP, a server-side, HTML-embedded scripting language performs insufficient input sanitising, which permits an attacker to execute arbitrary FTP commands. This requires the attacker to already have access to the FTP server.

CVSS 2.6 | AI score 5.7 | EPSS 0.07583
Exploits: 0 | References: 2
Tenable Nessus
added 2007/03/18 12:0 a.m. | 29 views

Debian DSA-1267-1 : webcalendar - missing input sanitising

It was discovered that WebCalendar, a PHP-based calendar application, insufficiently protects an internal variable, which allows remote file inclusion.

CVSS 7.5 | AI score 5.4 | EPSS 0.02729
Exploits: 0 | References: 2
securityvulns
added 2007/01/15 12:0 a.m. | 62 views

[SECURITY] [DSA 1248-1] New libsoup packages fix denial of service

Debian Security Advisory DSA 1248-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 12nd, 2007 http://www.debian.org/security/faq ...

CVSS 7.8 | AI score 1 | EPSS 0.07492
Exploits: 0
Tenable Nessus
added 2006/10/14 12:0 a.m. | 47 views

Debian DSA-1010-1 : ilohamail - missing input sanitising

Ulf Harnhammar from the Debian Security Audit Project discovered that ilohamail, a lightweight multilingual web-based IMAP/POP3 client, does not always sanitise input provided by users which allows remote attackers to inject arbitrary web script or HTML.

CVSS 4.3 | AI score 5.6 | EPSS 0.00527
Exploits: 0 | References: 3
Tenable Nessus
added 2006/10/14 12:0 a.m. | 21 views

Debian DSA-953-1 : flyspray - missing input sanitising

Several cross-site scripting vulnerabilities have been discovered in flyspray, a lightweight bug tracking system, which allows attackers to insert arbitrary script code into the index page.

CVSS 4.3 | AI score 5.4 | EPSS 0.10245
Exploits: 1 | References: 3
Tenable Nessus
added 2006/10/14 12:0 a.m. | 24 views

Debian DSA-1066-1 : phpbb2 - missing input sanitising

It was discovered that phpbb2, a web-based bulletin board, does insufficiently sanitise values passed to the 'Font Colour 3' setting, which might lead to the execution of injected code by admin users.

CVSS 6 | AI score 5.6 | EPSS 0.04788
Exploits: 1 | References: 4
Tenable Nessus
added 2006/10/14 12:0 a.m. | 15 views

Debian DSA-1144-1 : chmlib - missing input sanitising

It was discovered that one of the utilities shipped with chmlib, a library for dealing with Microsoft CHM files, performs insufficient sanitising of filenames, which might lead to directory traversal.

CVSS 5 | AI score 5.4 | EPSS 0.02096
Exploits: 0 | References: 2
Tenable Nessus
added 2006/10/14 12:0 a.m. | 24 views

Debian DSA-1130-1 : sitebar - missing input validation

A cross-site scripting vulnerability has been discovered in sitebar, a web-based bookmark manager written in PHP, which allows remote attackers to inject arbitrary web script or HTML.

CVSS 2.6 | AI score 5.1 | EPSS 0.01357
Exploits: 2 | References: 3
Debian
added 2006/08/01 8:20 p.m. | 33 views

[SECURITY] [DSA 1133-1] New mantis packages fix execution of arbitrary web script code

Debian Security Advisory DSA 1133-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 1st, 2006 http://www.debian.org/security/faq ...

CVSS 10 | AI score 6.8 | EPSS 0.10749
Exploits: 2
Debian
added 2006/05/19 6:29 p.m. | 15 views

[SECURITY] [DSA 1061-1] New popfile packages fix denial of service

Debian Security Advisory DSA 1061-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 19th, 2006 http://www.debian.org/security/faq ...

CVSS 5 | AI score 6.3 | EPSS 0.01271
Exploits: 0
Debian
added 2006/05/18 4:28 p.m. | 32 views

[SECURITY] [DSA 1058-1] New awstats packages fix arbitrary command execution

Debian Security Advisory DSA 1058-1 [email protected] http://www.debian.org/security/ Martin Schulze May 18th, 2006 http://www.debian.org/security/faq ...

CVSS 5.1 | AI score 6.3 | EPSS 0.90596
Exploits: 10
Tenable Nessus
added 2005/10/24 12:0 a.m. | 18 views

Debian DSA-869-1 : eric - missing input sanitising

The developers of eric, a full featured Python IDE, have fixed a bug in the processing of project files that could lead to the execution of arbitrary code.

CVSS 10 | AI score 5.6 | EPSS 0.00692
Exploits: 0 | References: 3
Tenable Nessus
added 2005/10/11 12:0 a.m. | 19 views

Debian DSA-847-1 : dia - missing input sanitising

Joxean Koret discovered that the Python SVG import plugin in dia, a vector-oriented diagram editor, does not properly sanitise data read from an SVG file and is hence vulnerable to execute arbitrary Python code.

CVSS 5.1 | AI score 5.8 | EPSS 0.02533
Exploits: 1 | References: 3
Tenable Nessus
added 2005/10/05 12:0 a.m. | 23 views

Debian DSA-820-1 : courier - missing input sanitising

Jakob Balle discovered that with 'Conditional Comments' in Internet Explorer it is possible to hide JavaScript code in comments that will be executed when the browser views a malicious email via sqwebmail. Successful exploitation requires that the user is using Internet Explorer.

CVSS 4.3 | AI score 5.5 | EPSS 0.00648
Exploits: 0 | References: 3
securityvulns
added 2005/09/26 12:0 a.m. | 39 views

[SECURITY] [DSA 820-1] New courier packages fix cross-site scripting

Debian Security Advisory DSA 820-1 [email protected] http://www.debian.org/security/ Martin Schulze September 24th, 2005 http://www.debian.org/security/faq ...

CVSS 4.3 | AI score 0.1 | EPSS 0.00648
Exploits: 0
Debian
added 2005/08/23 9:47 a.m. | 19 views

[SECURITY] [DSA 782-1] New bluez-utils packages fix arbitrary command execution

Debian Security Advisory DSA 782-1 [email protected] http://www.debian.org/security/ Martin Schulze August 23rd, 2005 http://www.debian.org/security/faq ...

CVSS 7.5 | AI score 0.4 | EPSS 0.01141
Exploits: 0
Tenable Nessus
added 2005/08/23 12:0 a.m. | 16 views

Debian DSA-782-1 : bluez-utils - missing input sanitising

Henryk Plotz discovered a vulnerability in bluez-utils, tools and daemons for Bluetooth. Due to missing input sanitising it is possible for an attacker to execute arbitrary commands supplied as device name from the remote device.

CVSS 7.5 | AI score 6 | EPSS 0.01141
Exploits: 0 | References: 3