Lucene search
K

2534 matches found

Tenable Nessus
Tenable Nessus
added 2008/03/13 12:0 a.m.31 views

FreeBSD : qemu -- unchecked block read/write vulnerability (9cfbca7f-efb7-11dc-be01-0211060005df)

Ian Jackson reports on the debian-security mailinglist : When a block device read or write request is made by the guest, nothing checks that the request is within the range supported by the backend, but the code in the backend typically assumes that the request is sensible. Depending on the...

4.7CVSS7.4AI score0.00369EPSS
Exploits0References3
Fedora
Fedora
added 2008/02/16 2:9 a.m.33 views

[SECURITY] Fedora 8 Update: scponly-4.6-10.fc8

scponly is an alternative 'shell' for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution priviledges. Functionally, it is best described as a wrapper to the "tried and true" ssh suite of applications...

8.5CVSS4.2AI score0.04362EPSS
Exploits1
Cvelist
Cvelist
added 2007/10/29 7:0 p.m.22 views

CVE-2002-2353

tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests...

6.7AI score0.07015EPSS
Exploits1References5
CVE
CVE
added 2007/10/23 5:0 p.m.85 views

CVE-2007-5633

CVE-2007-5633 is a local-elevation vulnerability in SpeedFan (speedfan.sys) used on Windows Vista x64. The issue allows a local attacker to read/write MSRs and load unsigned drivers via IOCTL_RDMSR 0x9C402438 and IOCTL_WRMSR 0x9C40243C to \Device\speedfan (MSR_LSTAR shown in examples). The provid...

7.2CVSS8.1AI score0.00935EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2007/10/04 11:0 p.m.47 views

CVE-2007-5210

Arbor Networks Peakflow SP is affected. Infections concern remote authenticated users bypassing access restrictions to read or write unspecified data via unknown vectors, affecting releases earlier than 3.5.1 patch 14 and 3.6.x prior to 3.6.1 patch 5. Root cause details are not fully disclosed in...

6CVSS6.1AI score0.00947EPSS
Exploits0References3Affected Software1
Fedora
Fedora
added 2007/09/25 3:42 p.m.23 views

[SECURITY] Fedora 7 Update: ntfs-3g-1.913-2.fc7

The ntfs-3g driver is an open source, GPL licensed, third generation Linux NTFS driver. It provides full read-write access to NTFS, excluding access to encrypted files, writing compressed files, changing file ownership, access right. Technically it=E2=80=99s based on and a major improvement to th...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/06/07 12:0 a.m.29 views

Mandrake Linux Security Advisory : lha (MDKSA-2007:117)

lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked. Updated packages have been patched to prevent this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

4.9CVSS5.3AI score0.00355EPSS
Exploits0References1
Prion
Prion
added 2007/05/18 10:30 p.m.14 views

Information disclosure

The canUpdate function in model/MRole.java in Adempiere before 3.1.6 does not properly validate user roles, which allows remote authenticated read-only users to gain read-write privileges. NOTE: some of these details are obtained from third party information...

9CVSS7AI score0.01734EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/05/18 10:30 p.m.15 views

CVE-2007-2760

The canUpdate function in model/MRole.java in Adempiere before 3.1.6 does not properly validate user roles, which allows remote authenticated read-only users to gain read-write privileges. NOTE: some of these details are obtained from third party information...

9CVSS6.5AI score0.01734EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/05/18 10:0 p.m.15 views

CVE-2007-2760

The canUpdate function in model/MRole.java in Adempiere before 3.1.6 does not properly validate user roles, which allows remote authenticated read-only users to gain read-write privileges. NOTE: some of these details are obtained from third party information...

6.5AI score0.01734EPSS
Exploits0References4
CVE
CVE
added 2007/05/18 10:0 p.m.43 views

CVE-2007-2760

The CVE concerns Adempiere prior to version 3.1.6. The canUpdate function in model/MRole.java fails to properly validate user roles, enabling remote authenticated read-only users to obtain read-write privileges. This behavioral flaw is the root cause described across sources, resulting in a high-...

9CVSS6.5AI score0.01734EPSS
Exploits0References4Affected Software1
Exploit DB
Exploit DB
added 2007/05/11 12:0 a.m.23 views

TFTP Server TFTPDWin 0.4.2 - Directory Traversal

source: https://www.securityfocus.com/bid/23937/info TFTP Server TFTPDWIN is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to gain read/write access to privileged directories and files. TFT...

7.4AI score
Exploits0
Debian CVE
Debian CVE
added 2007/02/01 10:0 p.m.23 views

CVE-2007-0657

Unspecified vulnerability in Nexuiz 2.2.2 allows remote attackers to read and overwrite arbitrary files via the gamedir command...

7.5CVSS6.5AI score0.01644EPSS
Exploits0
NVD
NVD
added 2006/10/25 11:7 p.m.12 views

CVE-2006-5382

3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that cause the community string to be returned...

7.5CVSS6.7AI score0.01674EPSS
Exploits0References6
CVE
CVE
added 2006/10/25 11:0 p.m.52 views

CVE-2006-5382

The CVE-2006-5382 entry affects 3Com Switch SS3 4400 switches, specifically firmware 5.11, 6.00, 6.10 and earlier. Affects remote confidentiality/integrity/availability by allowing remote attackers to read the SNMP Read-Write Community string and perform unauthorized actions via normally restrict...

7.5CVSS7.1AI score0.01674EPSS
Exploits0References6Affected Software1
myhack58
myhack58
added 2006/08/13 12:0 a.m.35 views

NTFS do a Ghost(break read-write privileges)-vulnerability warning-the black bar safety net

This machine is loaded with Windows 2 0 0 0, because the working relationship will be important information to put in the C:\studio, the C drive is NTFS format, and set the following permissions: Lostar is me full control The Everyone read-only After one day, and found where the file being...

6.6AI score
Exploits0
FreeBSD
FreeBSD
added 2006/08/11 12:0 a.m.35 views

squirrelmail -- random variable overwrite vulnerability

The SquirrelMail developers report: A logged in user could overwrite random variables in compose.php, which might make it possible to read/write other users' preferences or attachments...

6.4CVSS6.4AI score0.09234EPSS
Exploits4References1
Prion
Prion
added 2006/06/06 8:6 p.m.12 views

Directory traversal

Directory traversal vulnerability in PG Problem Editor module PGProblemEditor.pm in WeBWorK Online Homework Delivery System 2.2.0 and earlier allows remote attackers to read and write files outside of the templates directory...

6.4CVSS7.2AI score0.01731EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2006/05/30 12:0 a.m.37 views

[SA20285] Assetman Unspecified Script Insertion Vulnerabilities

TITLE: Assetman Unspecified Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA20285 VERIFY ADVISORY: http://secunia.com/advisories/20285/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Assetman 2.x http://secunia.com/product/10187/ DESCRIPTION: Nomenumbra...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2005/11/29 12:0 a.m.31 views

[SA17748] Sun Java JRE Sandbox Security Bypass Vulnerabilities

TITLE: Sun Java JRE Sandbox Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA17748 VERIFY ADVISORY: http://secunia.com/advisories/17748/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Sun Java SDK 1.4.x http://secunia.com/product/1661/ Sun Java SDK 1.3.x...

7.4AI score
Exploits0
Rows per page
Query Builder