
1212 matches found

Cvelist
added 2007/09/24 12:0 a.m. · 19 views

CVE-2007-5042

Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4)...

AI score 6.2 · EPSS 0.00306
Exploits 0 · References 5
NVD
added 2007/09/19 1:17 a.m. · 14 views

CVE-2007-4970

ProcessGuard 3.410 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including (1) NtCreateFile, (2)...

CVSS 4.4 · AI score 6.6 · EPSS 0.00284
Exploits 0 · References 5
Prion
added 2007/09/19 1:17 a.m. · 14 views

Code injection

Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for (1) NtOpenProcess and (2) NtOpenThread...

CVSS 4.4 · AI score 7.1 · EPSS 0.00284
Exploits 0 · References 5 · Affected Software 1
NVD
added 2007/09/19 1:17 a.m. · 14 views

CVE-2007-4968

Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for (1) NtOpenProcess and (2) NtOpenThread...

CVSS 4.4 · AI score 6.6 · EPSS 0.00284
Exploits 0 · References 5
CVE
added 2007/09/19 1:0 a.m. · 52 views

CVE-2007-4970

ProcessGuard 3.410 is vulnerable due to improper validation of parameters passed to System Service Descriptor Table (SSDT) function handlers. The issue enables local users to trigger a denial of service (crash) and potentially gain privileges by abusing kernel SSDT hooks targeting Windows Native ...

CVSS 4.4 · AI score 6.6 · EPSS 0.00284
Exploits 0 · References 5 · Affected Software 1
Cvelist
added 2007/09/19 1:0 a.m. · 26 views

CVE-2007-4972

RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks to the (1) NtCreateKey and (2) NtOpenKey Windows Native API functions...

AI score 6.5 · EPSS 0.00284
Exploits 0 · References 5
NVD
added 2007/07/24 6:30 p.m. · 10 views

CVE-2007-3956

TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534...

CVSS 7.8 · AI score 6.9 · EPSS 0.08142
Exploits 0 · References 5
securityvulns
added 2007/02/13 12:0 a.m. · 36 views

Microsoft Windows Shell Hardware Detection privilege escalation

Parameter of function executed during hardware detection is not validated...

CVSS 7.2 · AI score 3.2 · EPSS 0.02571
Exploits 0 · References 1
OSV
added 2007/01/16 11:28 p.m. · 3 views

DEBIAN-CVE-2007-0262

WordPress 2.0.6, and 2.1Alpha 3 (SVN:4662), does not properly verify that the m parameter value has the string data type, which allows remote attackers to obtain sensitive information via an invalid m parameter, as demonstrated by obtaining the path, and obtaining certain SQL information such as th...

CVSS 7.8 · AI score 7 · EPSS 0.02433
Exploits 0 · References 1
NVD
added 2006/12/29 11:28 a.m. · 17 views

CVE-2006-6821

myprofile.asp in Enthrallweb eNews does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter...

CVSS 3.5 · AI score 6.2 · EPSS 0.01662
Exploits 0 · References 4
CVE
added 2006/12/29 11:0 a.m. · 45 views

CVE-2006-6822

Vulnerability: In Enthrallweb eClassifieds, myprofile.asp does not properly validate the MM_recordId parameter during profile updates. This allows remote authenticated users to modify certain profile fields of another account by supplying that account’s username in a modified MM_recordId value. ...

CVSS 3.5 · AI score 6.5 · EPSS 0.01652
Exploits 0 · References 3 · Affected Software 1
Tenable Nessus
added 2006/10/14 12:0 a.m. · 36 views

Debian DSA-893-1 : acidlab - missing input sanitising

Remco Verhoef has discovered a vulnerability in acidlab, Analysis Console for Intrusion Databases, and in acidbase, Basic Analysis and Security Engine, which can be exploited by malicious users to conduct SQL injection attacks. The maintainers of Analysis Console for Intrusion Databases (ACID) in...

CVSS 7.5 · AI score 5.7 · EPSS 0.0262
Exploits 1 · References 5
NVD
added 2006/09/01 11:4 p.m. · 19 views

CVE-2006-4527

includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magic_quotes_gpc is disabled, uses an insufficiently restrictive regular expression to validate the gateway parameter, which allows remote attackers to conduct PHP remote file inclusion attacks...

CVSS 2.6 · AI score 6.8 · EPSS 0.0149
Exploits 0 · References 5
Positive Technologies
added 2006/08/29 12:0 a.m. · 4 views

PT-2006-5229 · Jupiter · Jupiter Cms

Name of the Vulnerable Software and Affected Versions: Jupiter CMS version 1.1.5

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the template parameter in the index.php file. However, it's noted that the $template variable is defined as a static value...

CVSS 9.8 · AI score 8 · EPSS 0.04338
Exploits 1 · References 9
securityvulns
added 2006/06/15 12:0 a.m. · 31 views

Patching system services at runtime

Although KAV appears to use a filesystem filter, the standard Windows mechanism for intercepting accesses to files specifically designed for applications like anti-virus software, the implementors also used a series of API-level function hooks to intercept...

AI score 1.4
Exploits 0
NVD
added 2006/06/13 7:6 p.m. · 22 views

CVE-2006-2383

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a w...

CVSS 9.3 · AI score 7.7 · EPSS 0.40296
Exploits 0 · References 15
Cvelist
added 2006/06/13 7:0 p.m. · 28 views

CVE-2006-2383

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a w...

AI score 7.7 · EPSS 0.40296
Exploits 0 · References 15
Packet Storm
added 2006/05/09 12:0 a.m. · 23 views

OpenEngineTraverse.txt

OpenEngine is a PHP based CMS. The parameter "template" is not correctly checked, for this you can include other scripts which will be interpreted. All actual versions are vulnerable up to 1.8 Beta 2, which is the newest one, only the paths and consequences differ. For example you can browse the...

AI score 7.4
Exploits 0
securityvulns
added 2006/05/07 12:0 a.m. · 72 views

[NEWS] D-Link DSL-G604T Wireless Router Directory Traversal

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com...

AI score 0.3
Exploits 0
Tenable Nessus
added 2006/03/15 12:0 a.m. · 355 views

Horde go.php url Parameter Arbitrary File Access

The version of Horde installed on the remote host fails to validate input to the 'url' parameter of the 'services/go.php' script before using it to read files and return their contents. An unauthenticated attacker may be able to leverage this issue to retrieve the contents of arbitrary files on t...

CVSS 5 · AI score 5.7 · EPSS 0.12174
Exploits 1 · References 3