Lucene search
K

2315 matches found

securityvulns
securityvulns
added 2005/03/17 12:0 a.m.53 views

Multiple KDE Security Advisories (2005-03-16)

Three KDE security advisories have been issued today. KDE Security Advisory: Local DCOP denial of service vulnerability Original Release Date: 20050316 URL: http://www.kde.org/info/security/advisory-20050316-1.txt 0. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0396 1. System...

5CVSS6.3AI score0.01634EPSS
Exploits1
0day.today
0day.today
added 2005/03/06 12:0 a.m.34 views

CA License Server (GETCONFIG) Remote Buffer Overflow Exploit (c)

Exploit for unknown platform in category remote exploits ================================================================ CA License Server GETCONFIG Remote Buffer Overflow Exploit c ================================================================ / Computer-Associates, License Service Stack...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2005/02/10 12:0 a.m.29 views

[VulnWatch] Patch available for high risk IBM DB2 Universal Database flaw

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Researchers at NGSSoftware have discovered a high risk vulnerability in IBM's DB2 Universal Database Version 8.1 and earlier. IBM has just released Fixpak 8 for DB2 UDB 8.1 which addresses the security flaw...

Exploits0
securityvulns
securityvulns
added 2005/01/23 12:0 a.m.35 views

Mac OS X 10.3 iSync Privilege Escalation

Hello everyone, a buffer overflow flaw has been discovered in the mRouter suid root binary installed by iSync in OS X 10.3 by default. Program: /System/Library/SyncServices/SymbianConduit.bundle/Contents/ Resources/mRouter Impact: Privilege Escalation root access euid=0 Discovered: 12th January,...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2004/12/12 12:0 a.m.36 views

hostingControl.txt

-= Security Advisory =- Advisory Information ------------------------- Software Package : Hosting Controller Vendor Homepage : http://www.hostingcontroller.com Platforms : Windows based servers Vulnerable Versions: All version Tested on: v.6.1 Hotfix 1.4 Vendor Contacted : 12/5/2004 Release Date:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/27 12:0 a.m.61 views

MS04-031: Vulnerability NetDDE Could Allow Code Execution (841533) (uncredentialed check)

The remote version of Windows is affected by a vulnerability in Network Dynamic Data Exchange NetDDE. An attacker may exploit this flaw to execute arbitrary code on the remote host with the SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid15572;...

7.5CVSS6.2AI score0.77002EPSS
Exploits8References2
securityvulns
securityvulns
added 2004/10/07 12:0 a.m.25 views

[Gosecure Adivsory] Neoteris IVE Vulnerability

Gosecure Advisory http://www.gosecure.ca Neoteris IVE changepassword.cgi Authentication Bypass Date Published: 2004-09-20 Date Discovered: 2004-07-23 Advisory ID: GOSECURE-2004-10 Class: Design Error Risk: Medium Vendor: Juniper Networks www.juniper.net Advisory URL:...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2004/10/02 12:0 a.m.28 views

EEYE: RealPlayer pnen3260.dll Heap Overflow

RealPlayer pnen3260.dll Heap Overflow Release Date: October 1, 2004 Date Reported: August 09, 2004 Severity: High Remote Code Execution Vendor: RealNetworks Systems Affected: Windows: RealPlayer 10.5 6.0.12.1040 and earlier RealPlayer 10 RealPlayer 8 Local Playback RealOne Player V2 RealOne Playe...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.95 views

Debian DSA-086-1 : ssh-nonfree - remote root exploit

We have received reports that the 'SSH CRC-32 compensation attack detector vulnerability' is being actively exploited. This is the same integer type error previously corrected for OpenSSH in DSA-027-1. OpenSSH the Debian ssh package was fixed at that time, but ssh-nonfree and ssh-socks were not...

10CVSS7.6AI score0.32416EPSS
Exploits1References3
securityvulns
securityvulns
added 2004/08/25 12:0 a.m.30 views

Hastymail security update

---Software--- Hastymail is a web based IMAP client written in PHP4 released under the GNU GPL. More information about Hastymail can be found at our homepage: http://hastymail.sourceforge.net ---Problem--- A problem was discovered yesterday regarding the use of the "download" link to download...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.28 views

Mandrake Linux Security Advisory : kde (MDKSA-2003:004-1)

Multiple instances of improperly quoted shell command execution exist in KDE 2.x up to and including KDE 3.0.5. KDE fails to properly quote parameters of instructions passed to the shell for execution. These parameters may contain data such as filenames, URLs, email address, and so forth; this da...

7.5CVSS6AI score0.03671EPSS
Exploits0References2
securityvulns
securityvulns
added 2004/07/14 12:0 a.m.79 views

[Full-Disclosure] Advisory 11/2004: PHP memory_limit remote vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: PHP memorylimit remote vulnerability Release Date: 2004/07/14 Last Modified: 2004/07/14 Author: Stefan Esser [email protected] Application: PHP = 4.3.7 PHP5 = 5.0.0RC3 Severity: A...

6.4CVSS6.5AI score0.84784EPSS
Exploits2
securityvulns
securityvulns
added 2004/04/02 12:0 a.m.31 views

[Full-Disclosure] MondoSoft - User enumeration possible

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Topic: MondoSoft - User enumeration possible Application : MondoSearch versions prior to 5.1b Author: Uffe Nielsen uni at protego.dk Advisory URL: http://www.protego.dk/advisories/200404.html Vendor Name: MondoSoft Vendor URL: http://www.mondosoft.com...

Exploits0
securityvulns
securityvulns
added 2004/04/02 12:0 a.m.28 views

[Full-Disclosure] MondoSoft - MsmHigh.exe - Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Topic: MondoSoft - MsmHigh.exe - Denial of Service Application : MondoSearch versions prior to 5.1b Author: Dennis Rand dra at protego.dk Advisory URL: http://www.protego.dk/advisories/200402.html Vendor Name: MondoSoft Vendor URL:...

0.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/01/13 12:0 a.m.41 views

MS04-002: Exchange Privilege Escalation (832759)

The remote host is running an unpatched version of Microsoft Exchange that could allow an attacker with a valid Exchange account to access another user's mailbox using Outlook for Web Access C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11989; scriptversion"1.39";...

6CVSS5.5AI score0.08162EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2004/01/01 12:0 a.m.20 views

dosMac.txt

Advisory Name Local Denial Of Service Attack Against The SecurityServer Daemon In MacOS X, MacOS X Server, And Darwin. Release Date 12-30-03 Effected Platforms Apple MacOS X, MacOS X Server, and Darwin. Author Matt Burnett [email protected] Vendor Status No patch has been released as o...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/10/16 12:0 a.m.27 views

Buffer Overflow in AOL Instant Messager

DigitalPranksters Security Advisory http://www.DigitalPranksters.com AIM POP POP - Buffer Overflow in AOL Instant Messager's screenname parameter of getfile Risk: Medium Product: AIM 5.2.3292 for Windows Maybe others we only tested the latest version Product URL: http://www.aim.com Vendor...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2003/09/29 12:0 a.m.32 views

GuppY 2.4 - HTML Injection

source: https://www.securityfocus.com/bid/8717/info It has been reported that one of the scripts included with GuppY is vulnerable to an HTML injection attack. The script, "postguest.php", does not perform input validation to prevent the inclusion of HTML/script content in messages posted to the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/09/24 12:0 a.m.37 views

[Full-Disclosure] MondoSoft File Creation vulnerability

PROTEGO Security Advisory PSA200302 Topic: MondoSoft File Creation vulnerability Application : MondoSearch 4.4, 5.0, and 5.1 Author: Jens H. Christensen jhc at protego.dk Advisory URL: http://www.protego.dk/advisories/200302.html Identifiers: CERT: VU 756556 Vendor Name: MondoSoft Vendor URL:...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2003/09/09 12:0 a.m.33 views

Escapade Scripting Engine XSS Vulnerability and Path Disclosure

Escapade Scripting Engine XSS Vulnerability and Path Disclosure Published: 9 September 2003 Released: 9 September 2003 Affected Systems: Escapade Scripting Engine Vendor: http://www.escapade.org , http://www.squishedmosquito.com Issue: Remote attackers can inject XSS script and know the path of t...

Exploits0
Rows per page
Query Builder