Lucene search
K

7974 matches found

securityvulns
securityvulns
added 2010/03/31 12:0 a.m.58 views

Secunia Research: Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow

====================================================================== Secunia Research 31/03/2010 - Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow - ====================================================================== Table of Contents Affected...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2010/03/31 12:0 a.m.40 views

Simple Machines Forum 1.1.11 Session Fixation

======================================================================================== | Title : Simple Machines Forum 1.1.11 Mullti Vulnerability | Author : indoushka | email : [email protected] | Home : www.sec-war.com | Web Site : http://www.simplemachines.org/ | Dork : Powered by SMF...

7.4AI score
Exploits0
Mozilla
Mozilla
added 2010/03/30 12:0 a.m.41 views

Dangling pointer vulnerability in nsPluginArray — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could resu...

9.3CVSS3.4AI score0.06995EPSS
Exploits1References2Affected Software2
Nmap
Nmap
added 2010/03/29 5:41 p.m.122 views

afp-path-vuln NSE Script

Detects the Mac OS X AFP directory traversal vulnerability, CVE-2010-0533. This script attempts to iterate over all AFP shares on the remote host. For each share it attempts to access the parent directory by exploiting the directory traversal vulnerability as described in CVE-2010-0533. The scrip...

10CVSS9AI score0.99448EPSS
Exploits33
exploitpack
exploitpack
added 2010/03/10 12:0 a.m.49 views

Employee TimeClock Software 0.99 - SQL Injection

Employee TimeClock Software 0.99 - SQL Injection source: http://www.securityfocus.com/archive/1/509995 ====================================================================== Secunia Research 10/03/2010 - Employee Timeclock Software SQL Injection Vulnerabilities -...

7.5CVSS0.5AI score0.02312EPSS
Exploits2
OpenVAS
OpenVAS
added 2010/03/09 12:0 a.m.24 views

PhpBB 'feed.php' Security Bypass Vulnerability

PhpBB is prone to a security-bypass vulnerability. Attackers may exploit the issue to bypass certain security restrictions, view restricted content, and perform unauthorized actions. PhpBB 3.0.7 is vulnerable; other versions may also be affected. OpenVAS Vulnerability Test $Id: gbphpbb38599.nasl...

0.3AI score
Exploits0References3
OpenVAS
OpenVAS
added 2010/03/05 12:0 a.m.39 views

RedHat Update for cups RHSA-2010:0129-01

Check for the Version of cups OpenVAS Vulnerability Test RedHat Update for cups RHSA-2010:0129-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

5CVSS7.9AI score0.03913EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2010/02/26 12:0 a.m.27 views

Apache Tomcat Directory Traversal

Vulnerability description: An input validation error can be exploited to download arbitrary files via directory traversal attacks. Successful exploitation requires that a context is configured with allowLinking="true" and that the connector is configured with URIEncoding="UTF-8". Affected version...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2010/02/22 12:0 a.m.34 views

Google Chrome Multiple Vulnerabilities - (Windows)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnwin01.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome Multiple Vulnerabilities - Windows Authors: Antu Sanadi Copyright: Copyright c 2010 SecPod,...

9.3CVSS0.8AI score0.07458EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2010/02/22 12:0 a.m.65 views

Google Chrome Multiple Vulnerabilities - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.8AI score0.07458EPSS
Exploits2References3
Packet Storm
Packet Storm
added 2009/12/21 12:0 a.m.228 views

TLS Renegotiation Exploit

!/usr/bin/env python RedTeam Pentesting GmbH [email protected] http://www.redteam-pentesting.de PoC exploit for the TLS renegotiation vulnerability CVE-2009-3555 License ------- CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ Timeline -------- 2009-12-21 initial public release...

5.8CVSS0.2AI score0.87264EPSS
Exploits15
exploitpack
exploitpack
added 2009/12/21 12:0 a.m.297 views

TLS - Renegotiation

TLS - Renegotiation !/usr/bin/env python RedTeam Pentesting GmbH [email protected] http://www.redteam-pentesting.de PoC exploit for the TLS renegotiation vulnerability CVE-2009-3555 License ------- CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ Timeline -------- 2009-12-21...

5.8CVSS7.9AI score0.87264EPSS
Exploits15
Exploit DB
Exploit DB
added 2009/12/21 12:0 a.m.483 views

TLS - Renegotiation

!/usr/bin/env python RedTeam Pentesting GmbH [email protected] http://www.redteam-pentesting.de PoC exploit for the TLS renegotiation vulnerability CVE-2009-3555 License ------- CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ Timeline -------- 2009-12-21 initial public release...

9.8CVSS7.9AI score0.87264EPSS
Exploits15
Metasploit
Metasploit
added 2009/11/17 10:29 p.m.33 views

HTTPDX h_handlepeer() Function Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in HTTPDX HTTP server 1.4. The vulnerability is caused due to a boundary error within the "hhandlepeer" function in http.cpp. By sending an overly long HTTP request, an attacker can overrun a buffer and execute arbitrary code. This...

10CVSS10AI score0.63909EPSS
Exploits3
ThreatPost
ThreatPost
added 2009/11/16 6:12 p.m.11 views

OWASP Con Begets Top 10 Threats List

Injection attacks top the 2010 OWASP Top 10 list of Web application security threats, including SQL, OS, and LDAP injection, followed by cross-site scripting XSS, broken authentication and session management, insecure direct object references, cross-site request forgery CSRF, security...

0.9AI score
Exploits0References1
OSV
OSV
added 2009/10/29 2:30 p.m.1 views

DEBIAN-CVE-2009-3627

The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...

4.3CVSS6.8AI score0.01727EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2009/10/29 2:30 p.m.2 views

CVE-2009-1563

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should reference CVE-2009-0689 instead of this candidate. All references and...

6.8AI score
Exploits21References2
OpenVAS
OpenVAS
added 2009/10/27 12:0 a.m.39 views

SLES9: Security update for Apache 2

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2 apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-worker libapr0 For more information, please visit the referenced security...

7.1CVSS7.9AI score0.17111EPSS
Exploits7References1
Packet Storm
Packet Storm
added 2009/10/23 12:0 a.m.37 views

Snort 2.8.5 IPv6 Remote Denial Of Service

============================================= - Date: October 22th, 2009 - Discovered by: Laurent Gaffié - Severity: Low ============================================= I. VULNERABILITY ------------------------- Snort TCP 2 works x86,x64 /usr/bin/env python from scapy.all import z = "Q" 30...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2009/10/22 12:0 a.m.82 views

[oCERT-2009-016] Poppler, xpdf integer overflow during heap allocation

2009-016 Poppler, Xpdf integer overflows during heap allocation Description: Poppler and Xpdf are two popular open source projects for processing PDF files. Both projects are vulnerable to an integer overflow during heap memory allocation when processing a PDF file. In general, this results in...

9.3CVSS0.8AI score0.10228EPSS
Exploits1
Rows per page
Query Builder