CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnerability Lab•added 2012/01/23 12:0 a.m.•17 views

Opera Website - Cross Site Scripting Vulnerability

Document Title: =============== Opera Website - Cross Site Scripting Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=369 Release Date: ============= 2012-01-23 Vulnerability Laboratory ID VL-ID: ==================================== 369 Comm...

7.1AI score

RedHat Linux•added 2011/09/01 7:54 p.m.•1 views

rsyslog: parseLegacySyslogMsg off-by-two buffer overflow

Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service application exit via a long TAG in a legacy syslog message...

5CVSS6AI score0.63906EPSS

Exploits2References5

myhack58•added 2011/08/25 12:0 a.m.•9 views

cuteeditor editor using the method of two-vulnerability and early warning-the black bar safety net

Method 1. Direct Download load. ashx configuration file /CuteSoftClient/CuteEditor/Load. ashx? type=image&file=../../../web. config Then view some of the sql configuration information from the sql database connection to start with connectionStrings add name=”ynncConnectionString”...

OSV•added 2011/03/22 5:55 p.m.•1 views

DEBIAN-CVE-2011-1006

Heap-based buffer overflow in the parsecgroupspec function in tools/tools-common.c in the Control Group Configuration Library aka libcgroup or libcg before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear wheth...

7.2CVSS7.6AI score0.00129EPSS

Exploits0References1

RedHat Linux•added 2011/03/11 12:35 a.m.•4 views

JDK Double.parseDouble Denial-Of-Service

The Double.parseDouble method in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a...

5CVSS6.1AI score0.39874EPSS

RedHat Linux•added 2011/03/03 11:15 p.m.•2 views

libcgroup: Heap-based buffer overflow by converting list of controllers for given task into an array of strings

7.2CVSS6AI score0.00129EPSS

Positive Technologies•added 2011/03/03 12:0 a.m.•2 views

PT-2011-1038 · Linux +1 · Libcgroup-Debuginfo +4

Name of the Vulnerable Software and Affected Versions: libcgroup versions prior to 0.37.1 libcgroup-pam version 0.36.1 libcgroup-devel version 0.36.1 libcgroup-debuginfo version 0.36.1 Description: The issue concerns multiple vulnerabilities in the libcgroup package, which can lead to a breach of...

7.2CVSS6.7AI score0.00129EPSS

Exploits0References35

OpenVAS•added 2011/02/23 12:0 a.m.•27 views

Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability

This host is installed with Microsoft Office Power Point and is prone to remote code execution vulnerability. This NVT has been replaced by NVT secpodms11-022.nasl OID:1.3.6.1.4.1.25623.1.0.902411. OpenVAS Vulnerability Test $Id: gbmspowerpointcodeexecvuln.nasl 6538 2017-07-05 11:38:27Z cfischer ...

9.3CVSS0.4AI score0.64025EPSS

Exploits0References2

RedHat Linux•added 2011/02/22 5:22 p.m.•1 views

JDK Double.parseDouble Denial-Of-Service

5CVSS6.1AI score0.39874EPSS

RedHat Linux•added 2011/02/10 7:30 p.m.•1 views

JDK Double.parseDouble Denial-Of-Service

5CVSS6.1AI score0.39874EPSS

RedHat Linux•added 2010/11/10 7:0 p.m.•1 views

Samba: Stack-based buffer overflow by processing specially-crafted SID records

Stack-based buffer overflow in the 1 sidparse and 2 domsidparse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted Windows Security ID SID on a file share...

7.5CVSS7.2AI score0.15227EPSS

Check Point Advisories•added 2010/11/09 12:0 a.m.•3 views

Microsoft Office Excel Drawing Exception Handling Code Execution (MS10-087; CVE-2010-3335)

Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. A memory corruption vulnerability has been identified in Microsoft...

9.3CVSS6.8AI score0.69003EPSS

Exploits5

Debian CVE•added 2010/11/05 5:0 p.m.•46 views

CVE-2010-3704

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code v...

6.8CVSS8AI score0.01262EPSS

UbuntuCve•added 2010/10/13 12:0 a.m.•49 views

CVE-2010-3704

6.8CVSS6.8AI score0.01262EPSS

Exploits0References2

Tenable Nessus•added 2010/10/11 12:0 a.m.•18 views

SuSE 10 Security Update : expat (ZYPP Patch Number 6765)

The previous expat security update CVE-2009-3560 caused parse errors with some xml documents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid49850;...

5CVSS6.3AI score0.03008EPSS

Exploits3References2

Tenable Nessus•added 2010/10/11 12:0 a.m.•29 views

SuSE 10 Security Update : poppler (ZYPP Patch Number 6743)

This update of poppler fixes two security issues : - Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via ...

9.3CVSS6.3AI score0.12664EPSS

RedHat Linux•added 2010/10/07 3:27 p.m.•3 views

xpdf: array indexing error in FoFiType1::parse()

6.8CVSS7.1AI score0.01262EPSS

RedHat Linux•added 2010/10/07 3:2 p.m.•2 views

xpdf: array indexing error in FoFiType1::parse()

6.8CVSS7.1AI score0.01262EPSS