Lucene search
K

7141 matches found

NVD
NVD
added 2007/09/24 10:17 p.m.15 views

CVE-2007-5058

Cross-site scripting XSS vulnerability in the Web administration interface in Barracuda Spam Firewall before firmware 3.5.10.016 allows remote attackers to inject arbitrary web script or HTML via the username field in a login attempt, which is not properly handled when the Monitor Web Syslog scre...

4.3CVSS5.7AI score0.01569EPSS
Exploits0References10
Prion
Prion
added 2007/09/19 1:17 a.m.16 views

Design/Logic Flaw

Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including 1...

4.4CVSS7.2AI score0.00284EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2007/09/19 1:17 a.m.17 views

CVE-2007-4969

Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including 1...

4.4CVSS6.6AI score0.00284EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/09/19 1:0 a.m.25 views

CVE-2007-4969

Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including 1...

6.6AI score0.00284EPSS
Exploits0References5
CVE
CVE
added 2007/09/19 1:0 a.m.41 views

CVE-2007-4969

CVE-2007-4969 affects Process Monitor 1.22. The vulnerability stems from improper validation of parameters to System Service Descriptor Table (SSDT) function handlers, enabling local users to crash the system and potentially gain privileges via unspecified kernel SSDT hooks for Windows Native API...

4.4CVSS6.7AI score0.00284EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2007/08/13 9:17 p.m.12 views

CVE-2007-4305

Multiple race conditions in the 1 Sudo monitor mode and 2 Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing...

6.2CVSS6.4AI score0.00858EPSS
Exploits1References3
Cent OS
Cent OS
added 2007/08/07 9:12 p.m.59 views

libgtop2 security update

CentOS Errata and Security Advisory CESA-2007:0765 An updated libgtop2 package that fixes a security issue and a functionality bug is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The libgtop2...

3.7CVSS5.9AI score0.00885EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2007/08/07 7:23 p.m.9 views

Stack overflow libgtop when pathname of mmap()-ed file is too long

Stack-based buffer overflow in the glibtopgetprocmaps function in libgtop before 2.14.6 libgtop2 allows local users to cause a denial of service crash and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in...

3.7CVSS6.4AI score0.00885EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/08/07 7:23 p.m.20 views

Moderate: Red Hat Security Advisory: libgtop2 security update

An updated libgtop2 package that fixes a security issue and a functionality bug is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The libgtop2 package contains a library for obtaining information...

3.7CVSS5.9AI score0.00885EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2007/06/26 12:0 a.m.51 views

Important: xen security update

3.0.3-25.0.3.el5 - fix ethernet bonding in balanced-rr mode, respin rhbz215887 3.0.3-25.0.2.el5 - fix ethernet bonding in balanced-rr mode rhbz215887 3.0.3-25.0.1.el5 - disable qemu monitor mode, for security reasons rhbz230295 - fix IA64 shadow page table mode rhbz230459, rhbz230331...

4.3CVSS1.5AI score0.01896EPSS
Exploits0
Cvelist
Cvelist
added 2007/06/11 6:0 p.m.24 views

CVE-2005-4842

The System Monitor Source Properties control allows remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer...

6.7AI score0.09274EPSS
Exploits0References1
CVE
CVE
added 2007/06/11 6:0 p.m.52 views

CVE-2005-4842

The CVE-2005-4842 entry describes a vulnerability in the System Monitor Source Properties control that can cause a denial-of-service (Internet Explorer crash) when a remote attacker creates a COM object of the control’s CLSID, which IE does not intend to use. Multiple sources (NVD, CVE list, Red ...

7.1CVSS7AI score0.09274EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2007/04/25 8:19 p.m.16 views

CVE-2007-2275

Unspecified vulnerability in HP StorageWorks Command View Advanced Edition for XP before 5.6.0-01, XP Replication Monitor before 5.6.0-01, and XP Tiered Storage Manager before 5.5.0-02 allows local users to access other accounts via unspecified vectors during registration or addition of new users...

4.6CVSS6.4AI score0.00472EPSS
Exploits0References6
Prion
Prion
added 2007/04/03 4:19 p.m.16 views

Design/Logic Flaw

Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager allows local users to obtain authentication information via unspecified vectors...

5CVSS6.8AI score0.01252EPSS
Exploits0References6Affected Software5
CVE
CVE
added 2007/04/03 4:0 p.m.50 views

CVE-2007-1853

Technical details about CVE-2007-1853 are not publicly provided in the supplied documents; no affected products, root cause, vectors, or fixes are stated. Monitor for updates.

5CVSS6.3AI score0.01252EPSS
Exploits0References6Affected Software5
UbuntuCve
UbuntuCve
added 2007/03/20 10:19 a.m.26 views

CVE-2007-0998

The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE...

4.3CVSS5.9AI score0.01896EPSS
Exploits0References1
Prion
Prion
added 2007/03/20 10:19 a.m.26 views

Design/Logic Flaw

The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE...

4.3CVSS6.2AI score0.01896EPSS
Exploits0References16
Cvelist
Cvelist
added 2007/03/20 10:0 a.m.21 views

CVE-2007-0998

The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE...

3.5AI score0.01896EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2007/03/14 5:6 a.m.4 views

HVM guest VNC server allows compromise of entire host OS by any VNC console user

The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE...

4.3CVSS5.9AI score0.01896EPSS
Exploits0References4
0day.today
0day.today
added 2007/03/05 12:0 a.m.22 views

Links Management Application 1.0 (lcnt) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ==================================================================== Links Management Application 1.0 lcnt Remote SQL Injection Exploit ==================================================================== !/usr/bin/perl Script Name: Links...

7.1AI score
Exploits0
Rows per page
Query Builder