Lucene search

290 matches found

UbuntuCve
added 2011/10/03 12:0 a.m., 14 views

CVE-2011-3361

Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi...

CVSS 4.3, AI score 5.9, EPSS 0.02507
Exploits: 1, References: 2
RedHat Linux
added 2010/10/14 3:26 p.m., 7 views

kernel: drivers/net/cxgb3/cxgb3_main.c reading uninitialized stack memory

The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call...

CVSS 2.1, AI score 6.1, EPSS 0.00432
Exploits: 1, References: 4
Packet Storm
added 2010/04/14 12:0 a.m., 29 views

PHP 6.0 Dev str_transliterate() Buffer Overflow

whoami whoami nt authority\system / errorreporting0; $bases = $GET'poss'; $basee = $GET'pose'; $offs = $GET'offs'; $offe = $GET'offe'; ifinigetbool'unicode.semantics' $buff = strrepeat"\u4141", 32; $tbp = "\u2650\u6EE5"; // 6EE52650 ADDRESS TO BE PATCHED BY WPM $ptw = "\u2FE0\u6EE5"; // 6EE52FE0...

AI score 0.8
Exploits: 0
Prion
added 2008/07/25 1:41 p.m., 14 views

Sql injection

SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1, when magic_quotes_gpc is disabled, allows remote authenticated administrators to execute arbitrary SQL commands via the num parameter...

CVSS 6, AI score 8.6, EPSS 0.02181
Exploits: 0, References: 4, Affected Software: 1
Exploit DB
added 2008/03/21 12:0 a.m., 40 views

PostNuke 0.764 - Blind SQL Injection

#!/usr/bin/python ... This was a priv8 Exploit...

AI score 7.4
Exploits: 0
Cvelist
added 2007/10/18 10:0 a.m., 23 views

CVE-2002-2296

Cross-site scripting (XSS) vulnerability in YaBB.pl in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 allows remote attackers to inject arbitrary web script or HTML via the num parameter...

AI score 5.7, EPSS 0.01436
Exploits: 1, References: 3
OSV
added 2006/11/30 11:28 p.m., 3 views

DEBIAN-CVE-2006-4514

Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE document, which causes the ole_init_info function to...

CVSS 7.5, AI score 8.2, EPSS 0.04065
Exploits: 0, References: 1
RedHat Linux
added 2006/07/18 12:37 p.m., 3 views

security flaw

Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property...

CVSS 5.1, AI score 6.2, EPSS 0.05044
Exploits: 0, References: 4
OSV
added 2006/07/06 8:5 p.m., 2 views

DEBIAN-CVE-2006-3404

Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property...

CVSS 5.1, AI score 8, EPSS 0.05044
Exploits: 0, References: 1
RedHat Linux
added 2005/12/20 2:52 p.m., 3 views

security flaw

Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps number o...

CVSS 7.5, AI score 6.4, EPSS 0.0614
Exploits: 0, References: 4