9 matches found
CVE-2026-14969
A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations, allowing an attacker with privileged filesystem access to detect plaintext equality across encrypted entries by comparing ciphertext block...
EUVD-2008-4171
Malware in sbrugna...
CVE-2024-7634
NGINX Agent's "configdirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory...
CVE-2024-7634
CVE-2024-7634 affects the NGINX Agent component (NGINX Agent) where the config_dirs restriction feature allows a highly privileged attacker to write/overwrite files outside the designated secure directory. Public sources (F5 advisory) indicate a path traversal-related issue with the affected rang...
PT-2013-3405
Name of the Vulnerable Software and Affected Versions Red Hat OpenStack PackStack versions 2012.2.3 Description The issue allows local users to modify deployed systems by changing the answer file, which can be created in insecure directories such as /tmp or the current working directory...
CVE-2008-4188
Unspecified vulnerability in the TYPO3 Secure Directory kwsecdir extension before 1.0.2 allows remote attackers to execute arbitrary code via unknown vectors related to "injection of control characters."...
CVE-2008-4188
Unspecified vulnerability in the TYPO3 Secure Directory kwsecdir extension before 1.0.2 allows remote attackers to execute arbitrary code via unknown vectors related to "injection of control characters."...
CVE-2007-4307
Multiple cross-site scripting XSS vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to 1 addaddress.php, 2 editshipdetails.php, 3 register.php, or 4 login.php in secure/...
Many vulnerabilities in LSF 4.0
Hello. Load Shareing Facility from Platform http://www.platform.com is a suite of application resource management products that schedule, monitor and analyze the workload for a network of computers. In April 2001 I discovered some security bugs in it. I posted my exploits with technical details t...