Lucene search
K

8056 matches found

Tenable Nessus
Tenable Nessus
added 2010/12/15 12:0 a.m.18 views

MS10-100: Vulnerability in Consent User Interface Could Allow Elevation of Privilege (2442962)

The Consent User Interface UI component of the remote Windows host does not properly process a registry key that has been set to a specific value. An attacker who can log on locally to the affected system and has the 'Impersonate a client after authentication' user right SeImpersonatePrivilege ca...

7.2CVSS5.8AI score0.0153EPSS
Exploits0References2
securityvulns
securityvulns
added 2010/12/15 12:0 a.m.98 views

Microsoft Windows multiple security vulnerabilities

OpenType Font parsing memory corruption, task scheduler privilege escalation, usafe DLL loading, multiple kernel vulnerabilities, Consent User Interface privilege escalation, Netlogon DoS...

9.3CVSS4.1AI score0.30356EPSS
Exploits16References1Affected Software1
OpenVAS
OpenVAS
added 2010/12/15 12:0 a.m.30 views

Consent User Interface Privilege Escalation Vulnerability (2442962)

This host is missing a critical security update according to Microsoft Bulletin MS10-100. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2CVSS5.1AI score0.0153EPSS
Exploits0References3
Symantec
Symantec
added 2010/12/14 12:0 a.m.19 views

Microsoft Windows Consent User Interface Registry Key Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in Consent User Interface. An attacker can exploit this issue to execute arbitrary code with 'LocalSystem' privileges. Successful exploits will result in the complete compromise of affected computers...

Exploits0References1Affected Software7
OSV
OSV
added 2010/11/07 10:0 p.m.1 views

UBUNTU-CVE-2010-4208

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf...

4.3CVSS5.9AI score0.04427EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2010/08/23 12:0 a.m.37 views

Joomla Biblioteca 1.0 Beta SQL Injection

Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities Name Biblioteca Vendor http://www.cielostellato.info Versions Affected 1.0 Beta Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-08-21 X. IND...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2010/08/21 12:0 a.m.26 views

Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections

Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities Name Biblioteca Vendor http://www.cielostellato.info Versions Affected 1.0 Beta Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net...

0.4AI score
Exploits0
0day.today
0day.today
added 2010/08/11 12:0 a.m.31 views

Onpub web content management Multiple Vulnerabilty

Exploit for php platform in category web applications ================================================== Onpub web content management Multiple Vulnerabilty ================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2010/07/21 1:33 a.m.7 views

Mozilla nsTreeSelection dangling pointer remote code execution vulnerability

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-fre...

9.3CVSS7.8AI score0.06672EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2010/07/12 2:5 p.m.16 views

Pulling Back the Curtain on Rogue AV Tech Support

We’ve blogged a few times about rogue AV, explaining how search engines have been abused using Black Hat Search Engine Optimization techniques to redirect web surfers to rogue AV websites. Recently, we’ve noticed that the rogue AVs being spread are all equipped with an “Online Support” button. Se...

7.1AI score
Exploits0References1
OpenVAS
OpenVAS
added 2010/07/12 12:0 a.m.21 views

Fedora Update for gv FEDORA-2010-10642

Check for the Version of gv OpenVAS Vulnerability Test Fedora Update for gv FEDORA-2010-10642 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...

7.2CVSS9.6AI score0.00505EPSS
Exploits1References2
Cvelist
Cvelist
added 2010/06/22 8:24 p.m.26 views

CVE-2010-1757

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document...

7.5AI score0.03637EPSS
Exploits0References10
0day.today
0day.today
added 2010/06/12 12:0 a.m.16 views

CMS control panel v2.0 Edit File Vulnerability

Exploit for php platform in category web applications ============================================== CMS control panel v2.0 Edit File Vulnerability ============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/09 12:0 a.m.33 views

iRealty PHP Real Estate Script SQL Injection

Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: iRealty PHP Real Estate Script PHP Script SQLi Vulnerable Published: 2010-06-08 Vendor url:http://www.worksforweb.com Greetz to:Sid3^effects, MaYur, M4n0j and to all ICW members DESCRIPTION: iRealty Real Estate Script is a...

0.6AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2010/06/02 12:0 a.m.22 views

Newt: User-assisted execution of arbitrary code

Background Newt is a library for displaying text mode user interfaces. Description Miroslav Lichvar reported that Newt is prone to a heap-based buffer overflow in textbox.c. Impact A remote attacker could entice a user to enter a specially crafted string into a text dialog box rendered by Newt,...

4.6CVSS7.4AI score0.00497EPSS
Exploits0
NVD
NVD
added 2010/05/19 10:30 p.m.16 views

CVE-2010-1985

Multiple cross-site scripting XSS vulnerabilities in the administrative user interface in Six Apart Movable Type 5.0 and 5.01 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS5.8AI score0.01223EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2010/05/12 12:0 a.m.20 views

Solaris 9 (sparc) : 144323-01

SunOS 5.9: Resource Management User Interface Patch. Date this patch was last updated by Sun : May/03/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc...

7AI score
Exploits0References1
Prion
Prion
added 2010/04/14 5:30 p.m.16 views

Design/Logic Flaw

Unspecified vulnerability in the User Interface Components in Oracle Collaboration Suite 10.1.2.4 allows remote attackers to affect integrity via unknown vectors...

4.3CVSS6.5AI score0.02083EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2010/03/17 1:4 p.m.5 views

firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...

5CVSS7.4AI score0.01689EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/03/17 12:38 p.m.3 views

firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...

5CVSS7.4AI score0.01689EPSS
Exploits1References4
Rows per page
Query Builder