Lucene search
+L

2852 matches found

Atlassian
Atlassian
added 2014/01/24 1:21 a.m.20 views

XSS on several select lists

Steps to reproduce: -Create a new issue type -Add "alert'Issue name' as Issue name mind the qoute at the beginning -Add "alert'Issue desc' as Issue Description -Add /images/icons/issuetypes/genericissue.png "alert'Issue icon' as Issue Icon -Make sure that this issue type is available on your...

1.3AI score
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2014/01/07 12:0 a.m.40 views

Debian Security Advisory DSA 2837-1 (openssl - programming error)

Anton Johansson discovered that an invalid TLS handshake package could crash OpenSSL with a NULL pointer dereference. The oldstable distribution squeeze is not affected. OpenVAS Vulnerability Test $Id: deb2837.nasl 6663 2017-07-11 09:58:05Z teissa $ Auto-generated from advisory DSA 2837-1 using...

4.3CVSS0.3AI score0.11851EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/12/19 12:0 a.m.36 views

Debian Security Advisory DSA 2824-1 (curl - unchecked tls/ssl certificate host name)

Marc Deslauriers discovered that curl, a file retrieval tool, would mistakenly skip verifying the CN and SAN name fields when digital signature verification was disabled in the libcurl GnuTLS backend. The default configuration for the curl package is not affected by this issue since the digital...

4CVSS0.3AI score0.02761EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/12/05 12:0 a.m.12 views

Apple Deployed Software Version Detection

Binary data 8060.prm...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2013/12/04 12:0 a.m.56 views

Debian Security Advisory DSA 2810-1 (ruby1.9.1 - heap overflow)

Charlie Somerville discovered that Ruby incorrectly handled floating point number conversion. If an application using Ruby accepted untrusted input strings and converted them to floating point numbers, an attacker able to provide such input could cause the application to crash or, possibly, execu...

6.8CVSS0.6AI score0.34968EPSS
Exploits3References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/12/03 12:0 a.m.86 views

JVN#23981867: Multiple cross-site scripting vulnerabilities in Cybozu Garoon

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains multiple cross-site scripting vulnerabilities. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the...

4.3CVSS8.9AI score0.01792EPSS
Exploits0
Exploit DB
Exploit DB
added 2013/11/22 12:0 a.m.24 views

Light Alloy 4.7.3 - '.m3u' Local Buffer Overflow (SEH Unicode)

!/usr/bin/perl Exploit Title: Light Alloy 4.7.3 .m3u - SEH Buffer Overflow Unicode Date: 11-18-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: Light Alloy v4.7.3 Vendor Site: http://www.light-alloy.ru/ Vulnerable Software Link:...

7AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2013/11/13 3:55 p.m.4 views

CVE-2013-5568

The auto-update implementation in Cisco Adaptive Security Appliance ASA Software 9.0.3.6 and earlier allows remote attackers to cause a denial of service device reload via crafted update data, aka Bug ID CSCui33308...

7.1CVSS5.6AI score0.01173EPSS
Exploits0References3
NVD
NVD
added 2013/10/13 10:20 a.m.33 views

CVE-2013-5508

The SQLNet inspection engine in Cisco Adaptive Security Appliance ASA Software 7.x before 7.25.12, 8.x before 8.25.44, 8.3.x before 8.32.39, 8.4.x before 8.46, 8.5.x before 8.51.18, 8.6.x before 8.61.12, 8.7.x before 8.71.6, 9.0.x before 9.02.10, and 9.1.x before 9.12 and Firewall Services Module...

7.1CVSS6.5AI score0.01531EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2013/10/09 12:0 a.m.7 views

PT-2013-5591 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions 9.1 through 9.11.6 Description: The issue allows remote attackers to cause a denial of service, resulting in a device reload. This can be achieved by sending either an ICMP or ICMPv6...

7.1CVSS6.7AI score0.01174EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/09/26 12:0 a.m.23 views

Cisco Content Switching Module (CSM) Software Version

The remote host has a Cisco Content Switching Module CSM. It is possible to read the CSM software version by connecting to the switch using SSH. TRUSTED...

5.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2013/09/03 12:0 a.m.35 views

Debian Security Advisory DSA 2750-1 (imagemagick - buffer overflow)

Anton Kortunov reported a heap corruption in ImageMagick, a program collection and library for converting and manipulating image files. Crafted GIF files could cause ImageMagick to crash, potentially leading to arbitrary code execution. The oldstable distribution squeeze is not affected by this...

4.3CVSS0.04688EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2013/08/13 12:0 a.m.216 views

HP Switch Identification

The remote host is an HP switch. It is possible to read the model, serial number, and/or software version by connecting to the switch via SSH or by using SNMP. TRUSTED...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/07/25 12:0 a.m.18 views

Cisco ONS Detection

Based on the SNMP sysDesc value returned from the remote host, it is a Cisco Optical Networking System device. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69058; scriptversion"1.4"; scriptcvsdate"Date: 2020/01/22"; scriptnameenglish:"Cisco ONS Detection";...

5.5AI score
Exploits0References1
OSV
OSV
added 2013/07/09 5:55 p.m.6 views

CVE-2013-2118

SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php...

6.6AI score
Exploits0References4
w3af
w3af
added 2013/06/10 11:2 p.m.12 views

favicon_identification

This plugin identifies software version using favicon.ico file. It checks MD5 of favicon against the MD5 database of favicons. See also: http://www.owasp.org/index.php/Category:OWASPFaviconDatabaseProject http://kost.com.hr/favicon.php Plugin type Infrastructure Options This plugin doesnt have an...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2013/05/09 10:0 a.m.28 views

CVE-2013-1223

The log viewer in Cisco Unified Customer Voice Portal CVP Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via a crafted 1 HTTP or 2 HTTPS request, aka Bug ID CSCub38372...

6.7AI score0.01482EPSS
Exploits0References1
NVD
NVD
added 2013/03/28 11:55 p.m.14 views

CVE-2012-5216

Cross-site request forgery CSRF vulnerability on HP ProCurve 1700-8 aka J9079A switches with software before VA.02.09 and 1700-24 aka J9080A switches with software before VB.02.09 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.1AI score0.00968EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/03/17 12:0 a.m.30 views

Debian Security Advisory DSA 2650-2 (libvirt - files and device nodes ownership change to kvm group)

Bastian Blank discovered that libvirtd, a daemon for management of virtual machines, network and storage, would change ownership of devices files so they would be owned by user libvirt-qemu and group kvm , which is a general purpose group not specific to libvirt, allowing unintended write access ...

3.6CVSS6.5AI score0.00382EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/03/15 12:0 a.m.19 views

mnoGoSearch <= 3.3.12 Multiple Vulnerabilities - Active Check

mnoGoSearch is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.01889EPSS
Exploits0References6
Rows per page
Query Builder