179 matches found
[20151001] - Core - SQL Injection
Inadequate filtering of request data leads to a SQL Injection vulnerability...
haproxy: information leak in buffer_slow_realign()
An implementation error related to the memory management of requests and responses was found within HAProxy's buffer_slow_realign() function. An unauthenticated remote attacker could possibly use this flaw to leak certain memory buffer contents from a past request or session...
Inductive Automation Ignition Cross-Site Scripting Vulnerability
Ignition is an updated version of FactoryPMI, the HMI/SCADA product offered by Inductive Automation. Ignition has a security vulnerability that can be exploited by an attacker to execute malicious content in a vulnerable web application. The server reads data directly from the HTTP request and th...
CVE-2014-0118
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size...
Design/Logic Flaw
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size...
CVE-2014-0118
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size...
JBoss 3.x/4.0.2 Malformed HTTP Request Remote Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13985/info JBoss is prone to a remote information-disclosure vulnerability. The issue occurs in the 'org.jboss.web.WebServer' class and is due to a lack of sufficient sanitization of user-supplied request data. Informatio...
rubygem-activerecord: SQL injection when processing nested query parameters
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query...
CVE-2012-2661
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query...
SQLAlchemy SQL injection
SQL request data is not checked...
DSA-1843-1 squid3 - denial of service
Bulletin has no description...
facilcms-lfi.txt
Facil-CMS 0.1RC Local File Inclusion Vulnerabilities. CWH Underground Hacking Team...
FOG Forum 0.8.1 Multiple Local File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications. FOG Forum 0.8.1 Multiple Local File Inclusion Vulnerabilities...
fogforum-lfi.txt
FOG Forum 0.8.1 Local File Inclusion Vulnerabilities. CWH Underground Hacking Team...
MS Windows Message Queuing Service RPC BOF Exploit (dnsname)
No description provided by source. Windows Message Queuing Service Remote RPC BOF Exploit MS07-065. Mod of axis's code. CHANGELOG: added dnsname as a parameter, before it was hardcoded in the request data. Marcin Kozlowski. Provided for legal security research and testing purposes ONLY. Go throug...
JBoss 3.x/4.0.2 - HTTP Request Remote Information Disclosure
JBoss 3.x/4.0.2 - HTTP Request Remote Information Disclosure. source: https://www.securityfocus.com/bid/13985/info JBoss is prone to a remote information-disclosure vulnerability. The issue occurs in the 'org.jboss.web.WebServer' class and is due to a lack of sufficient sanitization of user-supplie...
Oracle Forms SQL injection
Form request data is not validated...
CVE-2025-58170
...
CVE-2025-58694
...