CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

172 matches found

Debian CVE•added 2010/08/02 8:0 p.m.•23 views

CVE-2009-4976

Removed by vendor...

4.3CVSS6.6AI score0.00254EPSS

Exploits0

RedHat Linux•added 2010/01/20 3:11 p.m.•4 views

BIND DNSSEC NSEC/NSEC3 validation code could cause bogus NXDOMAIN responses

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC 1 NSEC and 2 NSEC3 records, which allows remote attackers to add the Authenticated Data AD flag to a forged NXDOMAIN response for an existing domain...

4.3CVSS7.2AI score0.02817EPSS

Exploits0References4

Cvelist•added 2009/07/02 10:0 a.m.•13 views

CVE-2009-2304

index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to obtain sensitive information via a nonexistent account name in the u parameter in a rate action, which reveals the installation path in an error message...

6.2AI score0.00283EPSS

Exploits1References3

OSV•added 2008/07/28 5:41 p.m.•3 views

DEBIAN-CVE-2008-3350

dnsmasq 2.43 allows remote attackers to cause a denial of service daemon crash by 1 sending a DHCPINFORM while lacking a DHCP lease, or 2 attempting to renew a nonexistent DHCP lease for an invalid subnet as an "unknown client," a different vulnerability than CVE-2008-3214...

5CVSS7AI score0.0119EPSS

Exploits1References1

OSV•added 2008/07/28 5:41 p.m.•5 views

CVE-2008-3350

6.5AI score

Exploits0References6

Prion•added 2008/06/02 9:30 p.m.•21 views

Code injection

Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information user names by reading the error message produced upon access to a nonexistent blog...

5CVSS6AI score0.00457EPSS

Exploits1References7Affected Software2

UbuntuCve•added 2008/01/29 12:0 a.m.•30 views

CVE-2007-4770

libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero aka \0, which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames...

6.8CVSS7.2AI score0.03259EPSS

Exploits0References2

Prion•added 2007/06/26 5:30 p.m.•10 views

Code injection

LiteWEB 2.7 allows remote attackers to cause a denial of service hang via a large number of requests for nonexistent pages...

5CVSS7.2AI score0.05003EPSS

Exploits0References5Affected Software1

CVE•added 2007/06/26 5:0 p.m.•40 views

CVE-2007-3398

CVE-2007-3398 affects LiteWEB 2.7. The issue allows a remote attacker to cause a denial of service (hang) by issuing a large number of requests for pages that do not exist. The connected documents do not provide explicit exploit details, impact beyond the hang, or remediation/patch information. N...

5CVSS6.7AI score0.05003EPSS

Exploits0References5Affected Software1

Cvelist•added 2007/06/26 5:0 p.m.•18 views

CVE-2007-3398

LiteWEB 2.7 allows remote attackers to cause a denial of service hang via a large number of requests for nonexistent pages...

6.6AI score0.05003EPSS

Exploits0References5

Prion•added 2007/06/21 10:30 p.m.•11 views

Null pointer dereference

BugHunter HTTP SERVER httpsv.exe 1.6.2 allows remote attackers to cause a denial of service application crash via a large number of requests for nonexistent pages...

7.8CVSS7.2AI score0.11519EPSS

Exploits0References7Affected Software1

NVD•added 2007/06/21 10:30 p.m.•14 views

CVE-2007-3340

BugHunter HTTP SERVER httpsv.exe 1.6.2 allows remote attackers to cause a denial of service application crash via a large number of requests for nonexistent pages...

7.8CVSS6.6AI score0.11519EPSS

Exploits0References7

OSV•added 2007/03/20 10:19 p.m.•1 views

DEBIAN-CVE-2007-1545

The AddResource function in server/dia/resource.c in Network Audio System NAS before 1.8a SVN 237 allows remote attackers to cause a denial of service server crash via a nonexistent client ID...

5CVSS6.8AI score0.083EPSS

Exploits1References1

UbuntuCve•added 2007/03/20 10:19 p.m.•17 views

CVE-2007-1545

The AddResource function in server/dia/resource.c in Network Audio System NAS before 1.8a SVN 237 allows remote attackers to cause a denial of service server crash via a nonexistent client ID...

5CVSS5.9AI score0.083EPSS

Exploits1References2

Debian CVE•added 2007/03/20 10:0 p.m.•18 views

CVE-2007-1545

The AddResource function in server/dia/resource.c in Network Audio System NAS before 1.8a SVN 237 allows remote attackers to cause a denial of service server crash via a nonexistent client ID...

5CVSS6.1AI score0.083EPSS

Exploits1

Prion•added 2007/01/29 5:28 p.m.•14 views

Design/Logic Flaw

KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a denial of service daemon hang via a large number of requests for nonexistent objects...

5CVSS7.1AI score0.18514EPSS

Exploits0References4Affected Software1

Cvelist•added 2007/01/29 5:0 p.m.•19 views

CVE-2007-0548

KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a denial of service daemon hang via a large number of requests for nonexistent objects...

6.6AI score0.18514EPSS

Exploits0References4

EUVD•added 2007/01/29 5:0 p.m.•3 views

EUVD-2007-0546

KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a denial of service daemon hang via a large number of requests for nonexistent objects...

5CVSS6.5AI score0.18514EPSS

Exploits0References4

NVD•added 2006/09/27 11:7 p.m.•8 views

CVE-2006-5035

Multiple cross-site scripting XSS vulnerabilities in Paul Smith Computer Services vCAP 1.7.0 allow remote attackers to inject arbitrary web script or HTML via 1 the statusmsg parameter in RegisterPage.cgi or 2 a URI corresponding to a nonexistent file. NOTE: the provenance of this information is...

4.3CVSS5.6AI score0.00483EPSS

Exploits1References4