CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

SUSE CVE•added 2023/02/15 4:8 a.m.•1 views

SUSE CVE-2019-16159

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...

7.5CVSS7.6AI score0.05911EPSS

Exploits0References6

OSV•added 2019/09/09 3:15 p.m.•1 views

DEBIAN-CVE-2019-16159

7.5CVSS7.9AI score0.05911EPSS

Exploits0References1

Prion•added 2008/02/05 12:0 a.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Shutdown message...

4.3CVSS5.7AI score0.01066EPSS

Exploits0References4Affected Software1

NVD•added 2008/02/05 12:0 a.m.•13 views

CVE-2008-0182

Cross-site request forgery CSRF vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated users via the Shutdown message...

4.3CVSS6.5AI score0.00285EPSS

Exploits0References3

NVD•added 2008/02/05 12:0 a.m.•14 views

CVE-2008-0181

Cross-site scripting XSS vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Shutdown message...

4.3CVSS5.3AI score0.01066EPSS

Exploits0References4

CVE•added 2008/02/04 11:0 p.m.•53 views

CVE-2008-0182

CVE-2008-0182 is a CSRF vulnerability in the Liferay Portal Admin portlet (pre-4.4.0). Remote authenticated users could cause actions as other authenticated users through the Shutdown message. Impact is partial integrity compromise; CVSS base score from NVD is 4.3 (Medium). The vulnerability is m...

4.3CVSS6.5AI score0.00285EPSS

Exploits0References3Affected Software1

Tenable Nessus•added 2005/10/05 12:0 a.m.•23 views

Mandrake Linux Security Advisory : proftpd (MDKSA-2005:140)

Two format string vulnerabilities were discovered in ProFTPD. The first exists when displaying a shutdown message containin the name of the current directory. This could be exploited by a user who creates a directory containing format specifiers and sets the directory as the current directory whe...

6.4CVSS5.5AI score0.01235EPSS

Exploits0References2

OSV•added 2005/09/01 12:0 a.m.•18 views

DSA-795-2 proftpd - format string error

Bulletin has no description...

6.4CVSS6.3AI score0.01235EPSS

Exploits0

Tenable Nessus•added 2005/08/02 12:0 a.m.•17 views

GLSA-200508-02 : ProFTPD: Format string vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200508-02 ProFTPD: Format string vulnerabilities 'infamous42md' reported that ProFTPD is vulnerable to format string vulnerabilities when displaying a shutdown message containing the name of the current directory, and when...

6.4CVSS6.1AI score0.01235EPSS

Exploits0References2