Lucene search
K

242 matches found

ThreatPost
ThreatPost
added 2012/05/24 11:45 a.m.9 views

Yahoo Includes Private Key in Source File For Axis Chrome Extension

Yahoo on Wednesday launched a new browser called Axis and researchers immediately discovered that the company had mistakenly included its private signing key in the source file, a serious error that would allow an attacker to create a malicious, signed extension for a browser that the browser wil...

0.4AI score
Exploits0References3
myhack58
myhack58
added 2011/12/01 12:0 a.m.12 views

Discuz x2 source/function/function_connect.php leakage of the server's physical path-vulnerability warning-the black bar safety net

Affected version: Discuz x2 vulnerability description: source/function/functionconnect.php The file header is not added: if! defined‘INDISCUZ’ exit‘Access Denied’; And at the head of the pack The letter the other file: requireonce libfile‘function/cloud’; reference...

0.8AI score
Exploits0
OSV
OSV
added 2010/11/09 9:0 p.m.1 views

DEBIAN-CVE-2010-4221

Multiple stack-based buffer overflows in the prnetiotelnetgets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a 1 FTP or 2 FTPS server...

10CVSS8.1AI score0.91303EPSS
Exploits10References1
Tenable Nessus
Tenable Nessus
added 2009/06/02 12:0 a.m.37 views

IBM WebSphere Application Server < 6.0.2.35 Multiple Vulnerabilities

IBM WebSphere Application Server 6.0.2 before Fix Pack 35 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - Non-standard HTTP methods are allowed. PK73246 - A login using the LPTAToken cookie may result in extending LTPAToken expiration...

10CVSS5.4AI score0.04254EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2008/06/30 3:33 p.m.4 views

openmotif libUil buffer overflows

Multiple buffer overflows in libUil libUil.so in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the 1 diagissuediagnostic function in UilDiags.c and 2 opensourcefile function in UilSrcSrc.c...

7.5CVSS6.3AI score0.04591EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2008/01/08 11:46 a.m.30 views

CVE-2007-6672

Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' slash characters in the URI...

5CVSS7.1AI score0.03832EPSS
Exploits0References1
Cvelist
Cvelist
added 2008/01/08 11:0 a.m.29 views

CVE-2007-6672

Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' slash characters in the URI...

7.8AI score0.03832EPSS
Exploits0References9
Cvelist
Cvelist
added 2007/05/09 10:0 p.m.28 views

CVE-2005-4836

The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information...

7.4AI score0.03503EPSS
Exploits0References5
myhack58
myhack58
added 2007/05/09 12:0 a.m.22 views

Attack BI chat the 1 4 method-vulnerability warning-the black bar safety net

Summary of attack blue chat 1 4 ways 1. How in the blue sea Silver sand sitechat roomwith the hair background of the word? ^O^believe it is everyone's interest!!! First look at the example:we are the super invincible curse of the Legion we have the strongest technical The method is as follows:...

6.5AI score
Exploits0
OSV
OSV
added 2007/01/29 5:28 p.m.4 views

DEBIAN-CVE-2007-0539

The wpremotefopen function in WordPress before 2.1 allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint...

7.8CVSS6.8AI score0.03384EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2006/10/31 12:0 a.m.25 views

Thepeak-v1.3.txt

Thepeak File Upload v1.3 : Read file vulneability Discovered By: Phạm Đức Hải Pham Duc Hai Email: duchaikhtn at gmail dot com YIM : kikicoco1985vn Website: http://blog.ajaxviet.com ------------------------- Description: file upload manager 1.3 written by thepeak adam medici copyright c 2003 thepe...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/12/02 12:0 a.m.23 views

[Full-disclosure] [xfocus-SD-051202]openMotif libUil Multiple vulnerability

Title: xfocus-SD-051202openMotif-libUil-Multiplevulnerability Affected version : openmotif 2.2.3not got 2.2.4,so not test in openmotif 2.2.4 Product: http://www.motifzone.net/ xfocus http://www.xfocus.org have discovered multiple vulnerability in openmotif libUil library. details following: 1:...

1AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.27 views

Oracle 9iAS Jsp Source File Reading

In a default installation of Oracle 9iAS it is possible to read the source of JSP files. When a JSP is requested it is compiled 'on the fly' and the resulting HTML page is returned to the user. Oracle 9iAS uses a folder to hold the intermediate files during compilation. These files are created in...

5CVSS9AI score0.07035EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.30 views

Oracle 9i Application Server Jsp Source File Reading Information Disclosure Vulnerability - Active Check

In a default installation of Oracle 9i Application Server AS it is possible to read the source of JSP files. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

5CVSS5.3AI score0.05651EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2005/05/18 1:10 a.m.52 views

USN-128-1: nasm vulnerability

Josh Bressers discovered a buffer overflow in the ieeeputascii function of nasm. If an attacker tricked a user into assembling a malicious source file, they could exploit this to execute arbitrary code with the privileges of the user that runs nasm...

4.6CVSS5.8AI score0.00507EPSS
Exploits0
OSV
OSV
added 2005/05/02 4:0 a.m.8 views

CVE-2005-0837

IceCast 2.20 allows remote attackers to bypass the XSL parser and obtain the source for XSL files via a request for a .xsl file with a trailing . dot...

6.9AI score0.0245EPSS
Exploits1References5
FreeBSD
FreeBSD
added 2005/02/12 12:0 a.m.32 views

lighttpd -- script source disclosure vulnerability

The lighttpd website reports: In lighttpd 1.3.7 and below it is possible to fetch the source files which should be handled by CGI or FastCGI applications. The vulnerability is in the handling of urlencoded trailing NUL bytes. Installations that do not use CGI or FastCGI are not affected...

5CVSS6.4AI score0.01716EPSS
Exploits0References3
OSV
OSV
added 2005/01/10 5:0 a.m.6 views

DEBIAN-CVE-2004-1297

Buffer overflow in the processfonttable function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file...

10CVSS8.2AI score0.05954EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2003/06/24 12:0 a.m.24 views

Tripbit Secure Code Analizer 1.0 - &#039;fgets()&#039; Local Buffer Overrun

// source: https://www.securityfocus.com/bid/8028/info A buffer overrun has been discovered in Tripbit Secure Code Analizer when reading data from source files. The problem occurs due to an insecure use of the fgets function. This vulnerability could be triggered by a malicious source file...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/11/25 12:0 a.m.49 views

MondoSearch MsmMask.exe Arbitrary Script Source Disclosure

The msmmask.exe CGI is installed. Some versions allow an attacker to read the source of any file in your web server's directories by using the 'mask' parameter. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Affected: MondoSearch 4.4.5147 and below. MondoSearch 4.4.5156 and above are NOT...

5CVSS5.4AI score0.02342EPSS
Exploits1References1
Rows per page
Query Builder