23 matches found
Security update for kea
This update for kea fixes the following issues: Update to release 2.6.3 (bsc#1243240): CVE-2025-32801: Loading a malicious hook library can lead to local privilege escalation. CVE-2025-32802: Insecure handling of file paths allows multiple local attacks. CVE-2025-32803: Insecure file permissions can...
CVE-2023-29778
GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread...
CVE-2020-28198
Summary: Multiple sources describe a stack buffer overflow in the IBM Tivoli Storage Manager components that expose the vulnerable behavior via the interactive use of the id parameter in dsmadmc.exe (Version 5 Release 2, and related IBM TSM/Operations Center variants). The flaw is triggered by an...
Mageia release 2 (32bit) sock_diag_handlers Local root exploit
Exploit for Linux platform in category local exploits / Exploit Title: Mageia release 2 32bit sock_diag_handlers Local root exploit Date: 22-03-2013 Exploit Author: email protected | @y3dips Vendor Homepage: http://www.mageia.org/en/ Software Link: http://www.mageia.org/en/downloads/ Version: Magei...
Oracle Database Authentication Protocol Security Bypass
Oracle Database is prone to a remote security-bypass vulnerability that affects the authentication protocol. An attacker can exploit this issue to bypass the authentication process and gain unauthorized access to the database. This vulnerability affects Oracle Database 11g Release 1 and 11g Relea...
Oracle Database Authentication Protocol Security Bypass
Oracle Database Authentication Protocol CVE-2012-3137 Security Bypass Vulnerability Oracle Database is prone to a remote security-bypass vulnerability that affects the authentication protocol. An attacker can exploit this issue to bypass the authentication process and gain unauthorized access to...
Google SketchUp '.SKP' File Memory Corruption Vulnerability (Mac OS X)
This host is installed with Google SketchUp and is prone to a memory corruption vulnerability. OpenVAS Vulnerability Test $Id: gbgooglesketchupskpfilememcorruptionvulnmacosx.nasl 5999 2017-04-21 09:02:32Z teissa $ Google SketchUp '.SKP' File Memory Corruption Vulnerability Mac OS X Authors:...
Google SketchUp '.SKP' File Remote Code Execution Vulnerability - Windows
Google SketchUp is prone to a remote code execution vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google SketchUp '.SKP' File Remote Code Execution Vulnerability (Windows)
This host is installed with Google SketchUp and is prone to a remote code execution vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglesketchupskpfilecodeexecvulnwin.nasl 5963 2017-04-18 09:02:14Z teissa $ Google SketchUp '.SKP' File Remote Code Execution Vulnerability Windows Authors:...
JVN#50837839 Oracle Application Server vulnerable to cross-site scripting
Oracle Application Server from Oracle is an application server. Oracle Application Server contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...
Buffer overflow
Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote attackers to execute arbitrary code via a .M3U file with a long URI. NOTE: this might be the same issue as CVE-2004-1569...
Oracle XDB component PITRIG_DROPMETADATA buffer overflow
Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIG_DROPMETADATA function is included in the XDB.XDB_PITRIG_PKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIG_DROPMETADATA function allows remote, authenticated...
Oracle XDB component PITRIG_DROPMETADATA buffer overflow
Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIG_DROPMETADATA function is included in the XDB.XDB_PITRIG_PKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIG_DROPMETADATA function allows remote, authenticated...
Oracle XDB component PITRIG_DROPMETADATA buffer overflow
Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIG_DROPMETADATA function is included in the XDB.XDB_PITRIG_PKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIG_DROPMETADATA function allows remote, authenticated...
CVE-2007-3856
Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMPSYS, aka DB04...
CVE-2006-2505
The CVE-2006-2505 entry affects Oracle Database Server 10g Release 2. The issue arises in the DBMS_EXPORT_EXTENSION package, specifically the functions GET_DOMAIN_INDEX_TABLES and GET_V2_DOMAIN_INDEX_TABLES, where a reference to a malicious package in the TYPE_NAME argument can let local users ru...
CVE-2006-2081
CVE-2006-2081 affects Oracle Database Server 10g Release 2, where local users can trigger arbitrary SQL via the GET_DOMAIN_INDEX_METADATA function in DBMS_EXPORT_EXTENSION. The primary issue is insecure privileges that allow SQL to be introduced outside of a character-based injection, not a tradi...
CVE-2006-2081
Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GET_DOMAIN_INDEX_METADATA function in the DBMS_EXPORT_EXTENSION package. NOTE: this issue was originally linked to DB05 CVE-2006-1870, but a reliable third party has claimed that it is not the same issue...
CVE-2006-0786
The CVE-2006-0786 entry concerns PHP-Kit prior to 1.6.1 Release 2, where include.php contains an incomplete blacklist vulnerability. When allow_url_fopen is enabled, an attacker can perform PHP remote file include attacks by passing a path parameter that points to a (1) UNC share or (2) ftps URL,...
CVE-2005-2888
CVE-2005-2888 affects MyBulletinBoard (MyBB) Preview Release 2. The vulnerability lies in two injection vectors: (1) the fid parameter of misc.php and (2) the Content-Disposition header in the HTTP request to newreply.php, due to improper sanitization of user-supplied input. An attacker remotely ...