Lucene search
K

60 matches found

RedHat Linux
RedHat Linux
added 2016/09/12 7:54 p.m.13 views

libarchive: Undefined behavior / invalid shiftleft in TAR parser

Undefined behavior invalid left shift was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read...

5.5CVSS5.7AI score0.02214EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/09/08 1:9 p.m.10 views

subversion: svn_repos_trace_node_locations() reveals paths hidden by authz

It was found that when an SVN server both svnserve and httpd with the moddavsvn module searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable for example, if it had been moved...

4CVSS7.3AI score0.06464EPSS
Exploits0References5
myhack58
myhack58
added 2015/04/23 12:0 a.m.276 views

IP. Board <= 3.4.7 SQL Injection analysis-vulnerability warning-the black bar safety net

IPB stands for Invision Power Board is a PHP Development Forum program, foreign used more widely. In its 3. 4. 7 version and the previous presence of a SQL injection vulnerability, this article to its analysis. poc link http://seclists.org/fulldisclosure/2014/Nov/20 !/ usr/bin/env python Sunday,...

8.3AI score
Exploits0
CNVD
CNVD
added 2015/03/23 12:0 a.m.4 views

X.Org libXfont bitmap/bdfread.c Null Pointer Reference Denial of Service Vulnerability

X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation and is open source free software. libXfont is an X font handling library for servers and utilities. A security vulnerability in the 'bdfReadCharacters' function in the bitmap/bdfread.c file in...

8.5CVSS7.6AI score0.04864EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/02/10 12:0 a.m.48 views

MS15-014: Vulnerability in Group Policy Could Allow Security Feature Bypass (3004361)

The version of Windows running on the remote host is affected by a security downgrade vulnerability that affects workstations and servers configured to use Group Policy. A man-in-the-middle attacker, via modified domain controller responses sent to targeted systems, can cause the policy file to...

3.3CVSS5.5AI score0.08074EPSS
Exploits4References2
Hacker One
Hacker One
added 2015/02/06 10:47 p.m.28 views

HackerOne: Markdown code block sequence makes report unreadable

Proof of Concept Submitting a report/comment with an input like the following "Three backticks followed by a newline followed by -ddd/d" will cause the report to be unreadable I think it's because the parser is crashing? The attached file includes the input that I'm trying with difficulty to...

2AI score
Exploits0
Hacker One
Hacker One
added 2014/04/01 12:36 a.m.18 views

MS-DOS: CRITICAL BUG!

CRITICAL BUG! If you type in color followed by a space and 2 numbers it can potentially render the screen unreadable! So far, my extensive testing has led me to find that certain letters work as well, though without a real pattern I'm not sure which ones. So far I know the letters "AF" will rende...

1.3AI score
Exploits0
Prion
Prion
added 2013/03/26 9:55 p.m.17 views

Design/Logic Flaw

The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to 1 write to a read-only share; 2 trigger...

4CVSS6.7AI score0.02981EPSS
Exploits0References7Affected Software3
UbuntuCve
UbuntuCve
added 2013/03/26 12:0 a.m.21 views

CVE-2013-0454

The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to 1 write to a read-only share; 2 trigger...

4CVSS7.2AI score0.02981EPSS
Exploits0References6
OSV
OSV
added 2012/07/22 4:55 p.m.4 views

UBUNTU-CVE-2012-3357

The SVN revision view lib/vclib/svn/svnrepos.py in ViewVC before 1.1.15 does not properly handle log messages when a readable path is copied from an unreadable path, which allows remote attackers to obtain sensitive information, related to a "log msg leak."...

5CVSS5.8AI score0.01884EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/06/10 12:0 a.m.23 views

Debian DSA-2251-1 : subversion - several vulnerabilities

Several vulnerabilities were discovered in Subversion, the version control system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-1752 The moddavsvn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. ...

5CVSS7.7AI score0.08483EPSS
Exploits2References8
0day.today
0day.today
added 2010/05/02 12:0 a.m.20 views

Acritum Femitter Server v1.03 Multiple Vulnerabilities

Exploit for windows platform in category remote exploits ====================================================== Acritum Femitter Server v1.03 Multiple Vulnerabilities ====================================================== --= Tested on: XP sp 2 Acritum Femitter Server v1.03 is a HTTP and FTP Serv...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2010/04/30 12:0 a.m.36 views

Mandriva Update for gdm MDVA-2010:133 (gdm)

Check for the Version of gdm OpenVAS Vulnerability Test Mandriva Update for gdm MDVA-2010:133 gdm Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.5CVSS0.43382EPSS
Exploits7References2
RedHat Linux
RedHat Linux
added 2007/06/25 5:50 p.m.9 views

core-dumping unreadable binaries via PT_INTERP

Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter PTINTERP functionality and triggering a core dump, a variant of CVE-2004-1073...

2.1CVSS5.8AI score0.00394EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/03/14 5:22 a.m.4 views

core-dumping unreadable binaries via PT_INTERP

Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter PTINTERP functionality and triggering a core dump, a variant of CVE-2004-1073...

2.1CVSS5.8AI score0.00394EPSS
Exploits0References4
NVD
NVD
added 2007/02/15 6:28 p.m.22 views

CVE-2007-0958

Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter PTINTERP functionality and triggering a core dump, a variant of CVE-2004-1073...

2.1CVSS7AI score0.00394EPSS
Exploits0References20
Cvelist
Cvelist
added 2007/02/15 6:0 p.m.27 views

CVE-2007-0958

Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter PTINTERP functionality and triggering a core dump, a variant of CVE-2004-1073...

7AI score0.00394EPSS
Exploits0References20
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.31 views

Subversion Module unreadeable path information disclosure

You are running a version of Subversion which is older than 1.0.8 or 1.1.0-rc4. A flaw exist in older version, in the apache module modauthzsvn, which fails to properly restrict access to metadata within unreadable paths. An attacker can read metadata in unreadable paths, which can contain...

5CVSS6.2AI score0.01457EPSS
Exploits0
OSV
OSV
added 2004/12/23 5:0 a.m.3 views

DEBIAN-CVE-2004-0749

The modauthzsvn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via 1 svn log -v, 2 svn propget, or 3 svn blame, and other commands that follow renames...

5CVSS7.1AI score0.01457EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.4 views

Security update 1970-01-01

...

5.3AI score
Exploits0
Rows per page
Query Builder