Lucene search
1430 matches found

RedHat Linux
added 2011/06/22 11:14 p.m. | 3 views

apr-util: high memory consumption in apr_brigade_split_line()

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service memory...

CVSS 5 | AI score 6.2 | EPSS 0.28285
Exploits 0 | References 4

RedHat Linux
added 2010/12/08 12:19 a.m. | 3 views

apr-util: high memory consumption in apr_brigade_split_line()

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service memory...

CVSS 5 | AI score 6.2 | EPSS 0.28285
Exploits 0 | References 4

OSV
added 2010/10/04 9:0 p.m. | 1 views

DEBIAN-CVE-2010-1623

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service memory...

CVSS 5 | AI score 6.1 | EPSS 0.28285
Exploits 0 | References 1

Drupal
added 2010/05/19 12:0 a.m. | 4 views

SA-CONTRIB-2010-052 - Multiple vulnerabilities in multiple contributed modules

Versions affected and proposed solutions: Private Message versions for the 5.x versions of Drupal. The Privatemsg (also known as Private Message) module enables messages to be sent internally on a site. The module is vulnerable to cross-site request forgeries (CSRF) via its message delete form. This...

AI score 5.3
Exploits 0 | References 25

exploitpack
added 2009/11/09 12:0 a.m. | 34 views

Adobe Reader Acrobat - .U3D File Invalid Array Index Overflow

Adobe Reader Acrobat - .U3D File Invalid Array Index Overflow Felipe Andres Manzano [email protected] http://twitter/feliam doc=''' Title: U3D CLODProgressiveMeshContinuation Split Position Index arbitrary dereference. Product: Adobe Acrobat Reader Version: =8.1.6, =9.1.3 Product...

AI score 0.7
Exploits 0

Packet Storm
added 2009/06/11 12:0 a.m. | 38 views

ModSecurity 2.5.9 Filter Bypass

ModSecurity Core Rules HPP Filter Bypass Vulnerability. Affected Software : ModSecurity = 2.5.9 using ModSecurity Core Rules = 2.5-1.6.1 Author :...

AI score 7.4
Exploits 0

Prion
added 2009/03/26 10:12 a.m. | 30 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2360, CVE-2008-2361, CVE-2008-2362. Reason: This candidate has been withdrawn by its CNA. It was SPLIT into separate candidates before publication. Notes: All CVE users should reference CVE-2008-2360, CVE-2008-2361, and...

AI score 6.4 | EPSS 0.02076
Exploits 1

OpenVAS
added 2009/03/07 12:0 a.m. | 22 views

Fedora Core 10 FEDORA-2009-2231 (mediawiki)

The remote host is missing an update to mediawiki announced via advisory FEDORA-2009-2231. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by...

CVSS 5.8 | AI score 6.3 | EPSS 0.00526
Exploits 0 | References 2

OpenVAS
added 2009/03/07 12:0 a.m. | 24 views

Fedora Core 9 FEDORA-2009-2237 (mediawiki)

The remote host is missing an update to mediawiki announced via advisory FEDORA-2009-2237. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by...

CVSS 5.8 | AI score 6.3 | EPSS 0.00526
Exploits 0 | References 2

Tenable Nessus
added 2009/03/03 12:0 a.m. | 22 views

Fedora 9 : mediawiki-1.14.0-45.fc9 (2009-2237)

This update fixes the XSS vulnerabilities in 1.13.3 and splits the package into a non-math and a full package to allow for smaller installs where embedded math is not required. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

CVSS 2.6 | AI score 5.4 | EPSS 0.00526
Exploits 0 | References 3

myhack58
added 2009/02/09 12:0 a.m. | 30 views

Use the split function perfectly free to kill the marine to the top such as asp Trojan-vulnerability warning-the black bar safety net

We all know the "marine top" of the asp Trojan is very famous. But in fact really use it, but not much. The main reason is because it is too well known to be mollusc stare very tight, the feature code also many, so doing free kill is very difficult. A few days ago, in the Black anti-of on see hack214...

AI score 7.3
Exploits 0

Tenable Nessus
added 2008/05/22 12:0 a.m. | 22 views

RHEL 5 : setroubleshoot (RHSA-2008:0061)

Updated setroubleshoot packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The setroubleshoot packages provide tools to help diagnose SELinux...

CVSS 4.4 | AI score 5.9 | EPSS 0.00069
Exploits 0 | References 5

securityvulns
added 2008/01/17 12:0 a.m. | 66 views

8e6 Technologies R3000 Internet Filter Bypass by Request Split

8e6 Technologies R3000 Internet Filter Bypass by Request Split Product: 8e6 Technologies R3000 Internet Filter http://www.8e6.com/network-security/internet-filtering/internet-filtering.html The HTTP URL filtering function provided by the 8e6 Technologies R3000 Internet Filter can be bypassed by...

AI score 0.1
Exploits 0

ATTACKERKB
added 2007/11/08 8:46 p.m. | 4 views

CVE-2006-7224

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All CVE users should consult CVE-2006-7227,...

CVSS 6.8 | AI score 5.8 | EPSS 0.02318
Exploits 0 | References 1

RedHat Linux
added 2007/10/25 5:33 p.m. | 2 views

php chunk_split integer overflow

Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments...

CVSS 6.8 | AI score 6.2 | EPSS 0.25241
Exploits 0 | References 4

RedHat Linux
added 2007/10/23 3:56 p.m. | 3 views

No title provided

The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is...

CVSS 7.5 | AI score 6.1 | EPSS 0.25241
Exploits 1 | References 3

RedHat Linux
added 2007/10/23 3:54 p.m. | 3 views

php chunk_split integer overflow

Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments...

CVSS 6.8 | AI score 6.2 | EPSS 0.25241
Exploits 0 | References 4

RedHat Linux
added 2007/09/26 8:34 a.m. | 4 views

php chunk_split integer overflow

Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments...

CVSS 6.8 | AI score 6.2 | EPSS 0.25241
Exploits 0 | References 4

RedHat Linux
added 2007/09/20 1:10 p.m. | 6 views

php chunk_split integer overflow

Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments...

CVSS 6.8 | AI score 6.2 | EPSS 0.25241
Exploits 0 | References 4

UbuntuCve
added 2007/08/18 9:17 p.m. | 16 views

CVE-2007-4406

ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after a join from a server with an older timestamp (TS), which allows remote attackers to gain control of a channel during a split...

CVSS 7.5 | AI score 5.9 | EPSS 0.00725
Exploits 1 | References 1