13 matches found
httpd: Apache HTTP Server: CGI environment variable override
A configuration override flaw has been discovered in the apache HTTP server. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server...
EUVD-2006-4864
Malware in sbrugna...
SUSE CVE-2007-5795
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a...
CVE-2020-28397
A vulnerability has been identified in SIMATIC Drive Controller family All versions V2 V2.5 V2.5 V21.9, TIM 1531 IRC incl. SIPLUS NET variants Version V2.1. Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program...
Oracle Secure Backup Administration Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. The specific flaw exists within the register globals emulation layer which allows attackers to specify values for arbitrary program variables. When specific parameters are...
CVE-2007-5795
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a...
CVE-2007-5795
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a...
CVE-2006-6661
Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code via multiple vectors that use the extract function, as demonstrated by the 1 f, 2 newmessage, 3 newusername, 4 adminuser, and ...
CVE-2006-6661
Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code via multiple vectors that use the extract function, as demonstrated by the 1 f, 2 newmessage, 3 newusername, 4 adminuser, and ...
CVE-2006-4019
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users...
CVE-2006-4019
CVE-2006-4019 affects SquirrelMail up to version 1.4.7, where a dynamic variable evaluation flaw in compose.php can allow an attacker to overwrite variables used by the script and influence actions, potentially reading/writing attachments and other users’ preferences. The issue stems from unsafe ...
CVE-2006-4019
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users...
Buffer overflow in the principles of the vernacular of the draft-vulnerability warning-the black bar safety net
First of all,to be described herein to explain the appeal of merely vernacular. Just say some ideas, After all, I also feel trepidation. There is nothing any not understand of place,as long as you can adhere to after reading this article, It will preliminary understand the buffer overflow concept...