Lucene search
+L

1274 matches found

Prion
Prion
added 2014/12/01 4:59 p.m.17 views

Code injection

The Notify module 7.x-1.x before 7.x-1.1 for Drupal does not properly restrict access to 1 new or 2 modified nodes or 3 their fields, which allows remote authenticated users to obtain node titles, teasers, and fields by reading a notification email...

4CVSS6.7AI score0.00937EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/12/01 4:0 p.m.46 views

CVE-2014-9154

The CVE-2014-9154 entry concerns the Drupal Notify module (7.x-1.x) prior to version 7.x-1.1. The vulnerability arises because the module does not properly restrict access to new or modified nodes and their fields, enabling remote authenticated users to view node titles, teasers, and fields by re...

4CVSS6.4AI score0.00937EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/12/01 4:0 p.m.24 views

CVE-2014-9154

The Notify module 7.x-1.x before 7.x-1.1 for Drupal does not properly restrict access to 1 new or 2 modified nodes or 3 their fields, which allows remote authenticated users to obtain node titles, teasers, and fields by reading a notification email...

6.2AI score0.00937EPSS
Exploits0References2
OSV
OSV
added 2014/10/25 12:55 a.m.4 views

UBUNTU-CVE-2014-6251

Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote attackers to have an unspecified impact by sending a mining.subscribe response with a large nonce2 length, then triggering the overflow with a mining.notify request...

6CVSS6.1AI score0.0102EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2014/09/12 12:0 a.m.4 views

PT-2016-7397 · Systemd +2 · Systemd +2

Name of the Vulnerable Software and Affected Versions: systemd affected versions not specified Description: The issue allows local users to cause a denial of service, resulting in a system hang. This occurs when a zero-length message is received over a notify socket, causing an error to be return...

5.5CVSS5.5AI score0.00855EPSS
Exploits1References43
Drupal
Drupal
added 2014/08/13 12:0 a.m.28 views

SA-CONTRIB-2014-078 - Notify - Access bypass

The notify module allows users to subscribe to periodic emails which include all new or revised content and/or comments of specific content types, much like the daily newsletters sent by some websites. The Notify module does not sufficiently check whether the user has access to recently added or...

4CVSS6.3AI score0.00937EPSS
Exploits0References10
Cvelist
Cvelist
added 2014/07/23 2:0 p.m.21 views

CVE-2014-4503

The parsenotify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service application exit via a crafted 1 bbversion, 2 prevhash, 3 nbit, or 4 ntime parameter in a mining.notify action stratum message...

6.4AI score0.01219EPSS
Exploits1References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

HP OpenView Radia 2.0/3.1/4.0 Notify Daemon Multiple Remote Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13835/info HP OpenView Radia Notify Daemon RADEXECD is affected by multiple remote buffer overflow vulnerabilities. An attacker can craft a malicious request that can overflow a buffer and result in process memory...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2014/04/23 5:39 p.m.10 views

Ian Dunn: Xss in CampTix Event Ticketing

Xss present in tools -- Notify I have made small video poc please have a look : https://www.dropbox.com/s/smuy4lfjwt9fx1v/ticket.mp4 Looking forward Atul...

0.1AI score
Exploits0
Prion
Prion
added 2014/04/04 2:55 p.m.9 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in views/notify.php in the Uploader plugin 1.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 notify or 2 blog parameter...

4.3CVSS6.2AI score0.09239EPSS
Exploits1References2Affected Software1
seebug.org
seebug.org
added 2014/03/18 12:0 a.m.25 views

PHPMYWIND Sql Injection #2

简要描述: 过滤不严。 详细说明: PHPMyWind\data\alipay\notifyurl.php中 $alipayNotify = new AlipayNotify$alipayconfig; $verifyresult = $alipayNotify-verifyNotify; if$verifyresult //验证成功...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/11/20 4:57 p.m.6 views

Kernel: net: information leak in AF_KEY notify

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

2.1CVSS7.1AI score0.00552EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2013/09/16 5:1 p.m.5 views

Kernel: net: information leak in AF_KEY notify

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

2.1CVSS7.1AI score0.00552EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2013/09/16 5:1 p.m.5 views

Kernel: net: af_key: initialize satype in key_notify_policy_flush

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

2.1CVSS7.3AI score0.00557EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2013/08/27 7:18 p.m.4 views

Kernel: net: af_key: initialize satype in key_notify_policy_flush

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

2.1CVSS7.3AI score0.00557EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2013/08/20 6:55 p.m.4 views

Kernel: net: information leak in AF_KEY notify

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

2.1CVSS7.1AI score0.00552EPSS
Exploits1References4
OSV
OSV
added 2013/07/04 9:55 p.m.2 views

DEBIAN-CVE-2013-2237

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

2.1CVSS7.4AI score0.00557EPSS
Exploits1References1
OSV
OSV
added 2013/07/04 12:0 a.m.2 views

UBUNTU-CVE-2013-2237

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

2.1CVSS7.2AI score0.00557EPSS
Exploits1References16
Positive Technologies
Positive Technologies
added 2013/07/04 12:0 a.m.3 views

PT-2013-3612 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.9 Description: The issue concerns the key notify policy flush function in the Linux kernel, which fails to initialize a certain structure member. This allows local users to obtain sensitive information from...

6.9CVSS6.3AI score0.04707EPSS
Exploits6References101
Positive Technologies
Positive Technologies
added 2013/07/04 12:0 a.m.3 views

PT-2013-3611 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.10 Description: The issue affects the Linux kernel, where the key notify sa flush and key notify policy flush functions in net/key/af key.c do not properly initialize certain structure members. This allows loc...

7.2CVSS6.7AI score0.04707EPSS
Exploits21References183
Rows per page
Query Builder