CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenVAS•added 2012/06/22 12:0 a.m.•23 views

Mandriva Update for libxml2 MDVSA-2012:098 (libxml2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS8.6AI score0.01986EPSS

Exploits0References2

NVD•added 2012/06/19 8:55 p.m.•18 views

CVE-2009-0695

hagent.exe in Wyse Device Manager WDM 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action...

7.5CVSS6.6AI score0.64232EPSS

Exploits11References5

Prion•added 2012/06/19 8:55 p.m.•18 views

Null pointer dereference

chanskinny.c in the Skinny aka SCCP channel driver in Asterisk Open Source 10.x before 10.5.1 allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash by sending a Station Key Pad Button message and closing a connection in off-hook mode, a related...

4CVSS6.4AI score0.03932EPSS

Exploits0References1Affected Software1

UbuntuCve•added 2012/06/19 8:55 p.m.•25 views

CVE-2012-3553

4CVSS5.9AI score0.00069EPSS

Exploits0References2

Packet Storm•added 2012/06/14 12:0 a.m.•33 views

Wyse Machine Remote Power Off Denial Of Service

require 'msf/core' class Metasploit3 'Wyse Machine Remote Power off DOS', 'Description' = %q This module exploits the Wyse Rapport Hagent service and cause remote power cycle Power off the wyse machine remotely. , 'Stance' = Msf::Exploit::Stance::Aggressive, 'Author' = '[email protected]',...

7.5CVSS0.5AI score0.64232EPSS

Exploits11

exploitpack•added 2012/06/14 12:0 a.m.•19 views

Wyse - Machine Remote Power Off (Denial of Service) (Metasploit)

Wyse - Machine Remote Power Off Denial of Service Metasploit require 'msf/core' class Metasploit3 'Wyse Machine Remote Power off DOS', 'Description' = %q This module exploits the Wyse Rapport Hagent service and cause remote power cycle Power off the wyse machine remotely. , 'Stance' =...

0.5AI score0.64232EPSS

Exploits11

0day.today•added 2012/06/13 12:0 a.m.•36 views

Wyse Machine Remote Power off (DOS) without any privilege

Exploit for hardware platform in category dos / poc require 'msf/core' class Metasploit3 'Wyse Machine Remote Power off DOS', 'Description' = %q This module exploits the Wyse Rapport Hagent service and cause remote power cycle Power off the wyse machine remotely. , 'Stance' =...

7AI score0.64232EPSS

Exploits11

OSV•added 2012/06/07 7:55 p.m.•1 views

DEBIAN-CVE-2011-2915

Off-by-one error in the CSoundFile::ReadAMS2 function in src/loadams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary code via a crafted AMS file with a large number of instruments...

6.8CVSS7.8AI score0.08659EPSS

OSV•added 2012/06/07 7:55 p.m.•1 views

DEBIAN-CVE-2011-2913

Off-by-one error in the CSoundFile::ReadAMS function in src/loadams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service stack memory corruption and possibly execute arbitrary code via a crafted AMS file with a large number of samples...

NVD•added 2012/06/07 7:55 p.m.•20 views

CVE-2011-2913

Debian CVE•added 2012/06/07 7:0 p.m.•19 views

Exploits0References26

CVE-2011-2913

CVE•added 2012/06/07 7:0 p.m.•70 views

CVE-2011-2914

CVE-2011-2914 affects libmodplug’s DSM file handling: Off-by-one in CSoundFile::ReadDSM (src/load_dms.cpp) before 0.8.8.4 may allow a remote attacker to cause memory corruption, leading to denial of service and potential arbitrary code execution via crafted DSM files with many samples. Public rep...

Exploits0References26Affected Software1

OSV•added 2012/06/02 3:55 p.m.•2 views

DEBIAN-CVE-2012-2948

chanskinny.c in the Skinny aka SCCP channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash by closing a...

4CVSS6.2AI score0.03932EPSS

Debian CVE•added 2012/06/02 3:0 p.m.•22 views

CVE-2012-2948

4CVSS6AI score0.03932EPSS

OpenVAS•added 2012/05/31 12:0 a.m.•25 views

Debian: Security Advisory (DSA-2479-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.3AI score0.01986EPSS

Exploits0References3

Packet Storm•added 2012/05/27 12:0 a.m.•56 views

Santilga CMS 1.2.6.3 Cross Site Request Forgery / SQL Injection

============================= Vulnerable software: Santilga CMS version 1.2.6.3 $ head -n 10 Admin.php|less view-templateName = "admin"; parent::construct; $this-lang = SantilgaLanguage::getInstance-getLanguage; $this-view-lang = $this-lang; $this-view-showUploadForm = false; public function...

0.5AI score

0day.today•added 2012/05/27 12:0 a.m.•24 views

Santilga CMS 1.2.6.3 Cross Site Request Forgery / SQL Injection

Exploit for php platform in category web applications ============================= Vulnerable software: Santilga CMS version 1.2.6.3 $ head -n 10 Admin.php|less view-templateName = "admin"; parent::construct; $this-lang = SantilgaLanguage::getInstance-getLanguage; $this-view-lang = $this-lang;...

7.1AI score

Fedora•added 2012/05/26 7:23 a.m.•24 views

[SECURITY] Fedora 17 Update: pidgin-otr-3.2.1-1.fc17

This is a Pidgin plugin which implements Off-the-Record OTR Messaging. It is known to work at least under the Linux and Windows versions of Pidgin...

7.5CVSS4AI score0.02029EPSS