Lucene search
K

163 matches found

ThreatPost
ThreatPost
added 2015/04/01 1:30 p.m.8 views

Verizon Allows Opt Out of UIDH Mobile Supercookie

Verizon Wireless has made a change that now allows customers to opt out of the ad-targeting program that relies on the so-called supercookie identifier that was inserted into Web requests users send. The use of the identifier, known as a UIDH, drew the ire of privacy advocates and users when it w...

0.5AI score
Exploits0References4
NVD
NVD
added 2014/11/15 9:59 p.m.13 views

CVE-2014-3158

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...

7.5CVSS9.4AI score0.03502EPSS
Exploits0References9
Prion
Prion
added 2014/11/15 9:59 p.m.18 views

Integer overflow

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...

7.5CVSS7.1AI score0.03502EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2014/11/15 9:0 p.m.33 views

CVE-2014-3158

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...

9.4AI score0.03502EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2014/11/15 9:0 p.m.54 views

CVE-2014-3158

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...

7.5CVSS9.1AI score0.03502EPSS
Exploits0
OSV
OSV
added 2014/11/15 12:0 a.m.5 views

UBUNTU-CVE-2014-3158

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...

7.5CVSS7.5AI score0.03502EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2014/11/15 12:0 a.m.23 views

CVE-2014-3158

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...

7.5CVSS7.2AI score0.03502EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/12/16 12:0 a.m.32 views

Fedora 19 : nss-3.15.3-1.fc19 / nss-softokn-3.15.3-1.fc19 / nss-util-3.15.3-1.fc19 (2013-23301)

This update rebases the nss, nss-util, and nss-softokn packages to nss-3.15.3 and nspr to nspr-4.10.2 in order to address security-relevant bugs have been resolved in NSS 3.15.3. For further details please refer to the upstream release notes at...

7.5CVSS6AI score0.04399EPSS
Exploits0References6
NVD
NVD
added 2011/03/23 10:0 p.m.12 views

CVE-2010-4775

The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships...

5CVSS6.8AI score0.01489EPSS
Exploits0References7
Prion
Prion
added 2011/03/23 10:0 p.m.10 views

Code injection

The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships...

5CVSS7.3AI score0.01489EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2011/03/23 9:0 p.m.39 views

CVE-2010-4775

CVE-2010-4775 affects Drupal’s Relevant Content module (5.x prior to 5.x-1.4 and 6.x prior to 6.x-1.5). The issue is improper node access logic, enabling remote attackers to discover restricted node titles and relationships. No exploitation details or patches are provided in the connected documen...

5CVSS7AI score0.01489EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2011/03/23 9:0 p.m.18 views

CVE-2010-4775

The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships...

6.8AI score0.01489EPSS
Exploits0References7
Drupal
Drupal
added 2010/11/17 12:0 a.m.13 views

SA-CONTRIB-2010-104 - Relevant Content - Information Disclosure

The Relevant Content module provides a block and CCK field which contain links to other nodes on the site which are considered "relevant" to the current nodes based on number of shared taxonomy terms. The Relevant Content module does not implement node access logic properly, resulting in the...

6.8AI score
Exploits0References9
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.10 views

Debian: Security Advisory (DSA-638-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.02965EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2007/03/28 12:19 a.m.48 views

CVE-2007-1717

The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ '\0' byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases...

5CVSS5.9AI score0.0465EPSS
Exploits2References1
NVD
NVD
added 2007/03/28 12:19 a.m.24 views

CVE-2007-1717

The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ '\0' byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases...

5CVSS6.2AI score0.0465EPSS
Exploits2References14
Prion
Prion
added 2007/03/28 12:19 a.m.23 views

Code injection

The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ '\0' byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases...

5CVSS6.3AI score0.0465EPSS
Exploits2References14Affected Software1
UbuntuCve
UbuntuCve
added 2006/06/14 11:2 p.m.42 views

CVE-2006-3017

zendhashdelkeyorindex in zendhash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zendhashdel to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations...

9.3CVSS5.9AI score0.0406EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/06/14 11:0 p.m.27 views

CVE-2006-3017

zendhashdelkeyorindex in zendhash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zendhashdel to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations...

6AI score0.0406EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2006/03/15 7:6 p.m.27 views

CVE-2006-1244

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including a pdfkit.framework, b gpdf, c pdftohtml, and d libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in 1 gmem.c, 2 SplashXPathScanner.cc, 3 JBIG2Stream.c...

7.6CVSS5.9AI score0.02139EPSS
Exploits0References2
Rows per page
Query Builder