Lucene search
K

3729 matches found

Prion
Prion
added 2006/04/20 10:2 a.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormValprofile parameter. NOTE: it is not clear whether this is a distributable product or a site-specific vulnerability...

4.3CVSS6.2AI score0.01676EPSS
Exploits0References9Affected Software1
securityvulns
securityvulns
added 2006/03/23 12:0 a.m.44 views

KisMac MacOS sniffer buffer overflow

Buffer overflow on parsing SSID paramtere of Cisco vendor-specific tags...

4.9AI score
Exploits0References1Affected Software1
Prion
Prion
added 2006/03/22 2:2 a.m.19 views

Sql injection

Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the downloadid parameter in downloadclick.asp and 2 contentID parameter in news/NewsItem.asp; authenticated administrators can also conduct attacks via 3 userid...

7.5CVSS8.8AI score0.0427EPSS
Exploits1References21Affected Software1
Debian
Debian
added 2006/03/21 6:53 a.m.23 views

[SECURITY] [DSA 1011-1] New kernel-patch-vserver packages fix root exploit

-------------------------------------------------------------------------- Debian Security Advisory DSA 1011-1 [email protected] http://www.debian.org/security/ Martin Schulze March 21st, 2005 http://www.debian.org/security/faq -...

7.5CVSS6.1AI score0.02094EPSS
Exploits0
Debian
Debian
added 2006/03/20 7:28 a.m.26 views

[SECURITY] [DSA 1009-1] New crossfire packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1009-1 [email protected] http://www.debian.org/security/ Martin Schulze March 21st, 2006 http://www.debian.org/security/faq -...

7.5CVSS7.4AI score0.27396EPSS
Exploits4
Prion
Prion
added 2006/03/14 11:2 a.m.26 views

Design/Logic Flaw

Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how...

7.5CVSS5.8AI score0.01537EPSS
Exploits0References7Affected Software2
Cvelist
Cvelist
added 2006/02/28 11:0 a.m.23 views

CVE-2006-0911

NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service CPU consumption via crafted requests to Login.asp, possibly involving the 1 "In" and 2 "b;tnLogIn" parameters, or 3 malformed btnLogIn parameters, possibly involving missing "" open bracket or...

6.8AI score0.15913EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2006/02/22 2:2 a.m.41 views

CVE-2006-0839

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

5CVSS5.9AI score0.01376EPSS
Exploits0References1
Prion
Prion
added 2006/02/18 2:2 a.m.17 views

Design/Logic Flaw

GUI display truncation vulnerability in ICQ Inc. formerly Mirabilis ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a...

5.1CVSS7.3AI score0.01159EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2006/02/13 11:0 a.m.29 views

CVE-2006-0658

Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the ConfigDeniedExtensionsFile, such as .php.txt...

6.9AI score0.06744EPSS
Exploits1References5
Debian
Debian
added 2006/02/13 5:53 a.m.19 views

[SECURITY] [DSA 968-1] New noweb packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 968-1 [email protected] http://www.debian.org/security/ Martin Schulze February 13th, 2006 http://www.debian.org/security/faq -...

1.2CVSS0.3AI score0.00346EPSS
Exploits0
Debian
Debian
added 2006/01/20 2:35 p.m.27 views

[SECURITY] [DSA 948-1] New kdelibs packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 948-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 20th, 2005 http://www.debian.org/security/faq -...

7.5CVSS0.3AI score0.05999EPSS
Exploits0
Debian
Debian
added 2006/01/09 1:51 p.m.61 views

[SECURITY] [DSA 930-1] New smstools packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 930-1 [email protected] http://www.debian.org/security/ Steve Kemp Jan 9, 2006 http://www.debian.org/security/faq - --------------------------------------------------------------------------...

4.6CVSS6.4AI score0.00456EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2005/12/31 5:0 a.m.32 views

CVE-2005-4789

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level...

2.1CVSS5.9AI score0.00384EPSS
Exploits0References1
NVD
NVD
added 2005/12/31 5:0 a.m.21 views

CVE-2005-2530

Unspecified vulnerability in Java 1.3.1 before 1.3.116 on Apple Mac OS X allows an untrusted applet to gain privileges, related to "Mac OS X specific extensions."...

10CVSS6.3AI score0.02461EPSS
Exploits0References7
securityvulns
securityvulns
added 2005/12/27 12:0 a.m.40 views

[Full-disclosure] [SECURITY] [DSA 928-1] New dhis-tools-dns packages fix insecure temporary file creation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 928-1 [email protected] http://www.debian.org/security/ Martin Schulze December 27th, 2005 http://www.debian.org/security/faq -...

2.1CVSS0.2AI score0.00362EPSS
Exploits0
Debian
Debian
added 2005/11/23 6:15 a.m.19 views

[SECURITY] [DSA 908-1] New sylpheed-claws packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 908-1 [email protected] http://www.debian.org/security/ Martin Schulze November 23rd, 2005 http://www.debian.org/security/faq -...

5.1CVSS0.3AI score0.03788EPSS
Exploits0
Debian
Debian
added 2005/11/21 11:11 a.m.23 views

[SECURITY] [DSA 903-1] New unzip packages fix unauthorised permissions modification

-------------------------------------------------------------------------- Debian Security Advisory DSA 903-1 [email protected] http://www.debian.org/security/ Martin Schulze November 21st, 2005 http://www.debian.org/security/faq -...

1.2CVSS5.8AI score0.00399EPSS
Exploits0
myhack58
myhack58
added 2005/11/09 12:0 a.m.13 views

Next injection infection-specific program-let the rookie broiler flocks-vulnerability warning-the black bar safety net

Online is often heard rookie yell: dear warrior, I how to own A your own chickens? Hey, also called the sad mournful cut, and to my listening heart strange sympathy, or I now give you side dishes a quick get-to-broiler method bar, and listen to Ranger know: as the saying goes, impatient to eat no...

Exploits0
Debian
Debian
added 2005/10/28 11:48 a.m.14 views

[SECURITY] [DSA 878-1] New netpbm-free packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 878-1 [email protected] http://www.debian.org/security/ Martin Schulze October 28th, 2005 http://www.debian.org/security/faq -...

7.5CVSS0.3AI score0.04873EPSS
Exploits1
Rows per page
Query Builder