Lucene search
K

179 matches found

Fedora
Fedora
added 2014/12/03 1:0 a.m.25 views

[SECURITY] Fedora 20 Update: lsyncd-2.1.4-4.fc20.1

Lsyncd watches a local directory trees event monitor interface inotify. It aggregates and combines events for a few seconds and then spawns one or more processes to synchronize the changes. By default this is rsync. Lsyncd is thus a light-weight live mirror solution that is comparatively easy to...

7.5CVSS1.5AI score0.05236EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2011/12/22 8:55 p.m.31 views

CVE-2011-4634

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted database name, related to the Database Synchronize panel; 2 a crafted database name, related to the Database rename panel; 3 a crafted S...

4.3CVSS7.3AI score0.0221EPSS
Exploits1References2
OSV
OSV
added 2011/12/22 8:55 p.m.1 views

DEBIAN-CVE-2011-4634

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted database name, related to the Database Synchronize panel; 2 a crafted database name, related to the Database rename panel; 3 a crafted S...

4.3CVSS8.6AI score0.0221EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2011/12/20 12:0 a.m.67 views

phpMyAdmin 3.3.x / 3.4.x < 3.3.10.2 / 3.4.3.1 Multiple Vulnerabilities (PMASA-2011-5 - PMASA-2011-8)

The remote host contains a version of phpMyAdmin - 3.3.x less than 3.3.10.2 or 3.4.x less than 3.4.3.1 - that is affected by multiple vulnerabilities : - An error in the file 'libraries/auth/swekey/swekey.auth.lib.php' allows an attacker to modify the 'SESSION' superglobal array. CVE-2011-2505 - ...

7.5CVSS6.6AI score0.12879EPSS
Exploits18References9
FreeBSD
FreeBSD
added 2011/11/24 12:0 a.m.29 views

phpMyAdmin -- Multiple XSS

The phpMyAdmin development team reports: Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the vie...

4.3CVSS6.3AI score0.0221EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2011/11/14 12:0 a.m.32 views

Fedora 16 : phpMyAdmin-3.4.7-1.fc16 (2011-15460)

"Changes for 3.4.7.0 2011-10-23 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Fedora Security Advisory 2011-15460. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid56797;...

5CVSS5.2AI score0.02008EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2011/07/18 12:0 a.m.13 views

Fedora 15 : phpMyAdmin-3.4.3.1-1.fc15 (2011-9132)

Changes for 3.4.3.1 2011-06-07 - PMASA-2011-5 Possible session manipulation in Swekey authentication http://www.phpmyadmin.net/homepage/security/PMASA-2011 -5.php - PMASA-2011-6 Possible code injection in setup script in case session variables are compromised...

5.5AI score
Exploits0References6
NVD
NVD
added 2011/07/14 11:55 p.m.23 views

CVE-2011-2507

libraries/serversynchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e aka PREGREPLACEEVAL modifier, and consequently execute arbitrary...

6.5CVSS6.7AI score0.02974EPSS
Exploits5References20
Prion
Prion
added 2011/07/14 11:55 p.m.25 views

Code injection

libraries/serversynchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e aka PREGREPLACEEVAL modifier, and consequently execute arbitrary...

6.5CVSS7.2AI score0.02974EPSS
Exploits5References20Affected Software1
UbuntuCve
UbuntuCve
added 2011/07/14 11:55 p.m.28 views

CVE-2011-2507

libraries/serversynchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e aka PREGREPLACEEVAL modifier, and consequently execute arbitrary...

6.5CVSS5.9AI score0.02974EPSS
Exploits5References1
CVE
CVE
added 2011/07/14 11:0 p.m.79 views

CVE-2011-2507

CVE-2011-2507 affects phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1. The vulnerability stems from improper quoting of regular expressions in libraries/server_synchronize.lib.php, allowing a remote authenticated user to inject a PCRE_EVAL modifier via a modified SESSION array and execute...

6.5CVSS6.3AI score0.02974EPSS
Exploits5References20Affected Software1
Cvelist
Cvelist
added 2011/07/14 11:0 p.m.33 views

CVE-2011-2507

libraries/serversynchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e aka PREGREPLACEEVAL modifier, and consequently execute arbitrary...

6.4AI score0.02974EPSS
Exploits5References20
Debian CVE
Debian CVE
added 2011/07/14 11:0 p.m.42 views

CVE-2011-2507

libraries/serversynchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e aka PREGREPLACEEVAL modifier, and consequently execute arbitrary...

6.5CVSS6.7AI score0.02974EPSS
Exploits5
phpMyAdmin
phpMyAdmin
added 2011/07/02 12:0 a.m.54 views

Regular expression quoting issue in Synchronize code.

PMASA-2011-7 Announcement-ID: PMASA-2011-7 Date: 2011-07-02 Updated: 2011-07-04 Summary Regular expression quoting issue in Synchronize code. Description Through a possible bug in PHP, a null byte can truncate the pattern string allowing an attacker to inject the /e modifier causing the pregrepla...

6.5CVSS5.9AI score0.02974EPSS
Exploits5Affected Software1
RedHat Linux
RedHat Linux
added 2009/04/22 1:40 a.m.5 views

Firefox 3 Layout engine crashes

The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors related to 1 nsAsyncInstantiateEvent::Run, 2...

5CVSS7.4AI score0.029EPSS
Exploits1References4
Prion
Prion
added 2007/10/01 5:17 a.m.16 views

Buffer overflow

Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service application crash or system crash and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing...

4.3CVSS8.9AI score0.16503EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2007/10/01 12:0 a.m.19 views

CVE-2007-5144

Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service application crash or system crash and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing...

8.1AI score0.16503EPSS
Exploits0References3
NVD
NVD
added 2007/08/18 9:17 p.m.20 views

CVE-2007-4410

ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, which allows remote authenticated operators to prevent later kick or de-op actions from non-local ops...

6CVSS6.2AI score0.01087EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 1997/11/01 12:0 a.m.4 views

PT-1997-1097 · Linux · Linux

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue allows for a denial of service of inetd on Linux systems through the use of SYN and RST packets. Recommendations: At the moment, there is no information about a newer version that...

5CVSS6.4AI score0.02572EPSS
Exploits0References2
Rows per page
Query Builder