Lucene search
K

159 matches found

Zero Day Initiative
Zero Day Initiative
added 2012/08/17 12:0 a.m.19 views

EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsi...

10CVSS5.3AI score0.04754EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2010/08/13 12:0 a.m.21 views

SoftX FTP Client 3.3 Directory Traversal

Vulnerability ID: HTB22541 Reference: http://www.htbridge.ch/advisory/directorytraversalinsoftxftpclient.html Product: SoftX FTP Client Vendor: SoftX.Org http://www.softx.org/ftp.html Vulnerable Version: 3.3 for windows and Probably Prior Versions Vendor Notification: 27 July 2010 Vulnerability...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2010/08/05 12:0 a.m.29 views

Directory Traversal Vulnerability in TurboFTP 6 Client

Vulnerability ID: HTB22509 Reference: http://www.htbridge.ch/advisory/directorytraversalvulnerabilityinturboftp6client.html Product: TurboFTP 6 Client Vendor: TurboSoft, Inc http://www.turboftp.com/ Vulnerable Version: 6.30.806 32 and 64 bit and Probably Prior Versions Vendor Notification: 19 Jul...

1.2AI score
Exploits0
seebug.org
seebug.org
added 2009/09/23 12:0 a.m.68 views

PHP 5.2.11版本修复多个安全漏洞

BUGTRAQ ID: 36449 CVE ID: CVE-2009-3291,CVE-2009-3292,CVE-2009-3293,CVE-2009-3294 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP的5.2.11之前版本的多个函数中存在安全漏洞,可能允许远程攻击者导致拒绝服务或完全入侵用户系统。 1 PHP的phpopensslapplyverificationpolicy函数没有正确的执行证书验证,可能允许攻击者通过伪造的证书执行欺骗攻击。 2 imagecolortransparent函数没有正确的对颜色索引执行过滤检查。 3...

7.5CVSS7.6AI score0.0291EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.12 views

FreeBSD : GNU libtool insecure temporary file handling (cacaffbc-5e64-11d8-80e3-0020ed76ef5a)

libtool attempts to create a temporary directory in which to write scratch files needed during processing. A malicious user may create a symlink and then manipulate the directory so as to write to files to which she normally has no permissions. This has been reported as a symlink vulnerability'',...

5.5AI score
Exploits0References3
Exploit DB
Exploit DB
added 2008/01/28 12:0 a.m.55 views

Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (Change Sys Password)

// / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGDROP / / SQL Injection Exploit / // / exploit change system password / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 25, 2008 / / Written by: Alexandr "Sh2kerr" Polyakov / / email:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/07/05 12:0 a.m.47 views

[Full-disclosure] Advisory 06/2005: Geeklog SQL Injection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Geeklog SQL Injection Vulnerability Release Date: 2005/07/05 Last Modified: 2005/07/05 Author: Stefan Esser [email protected] Application: Geeklog = 1.3.11 Severity: An...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2005/04/17 12:0 a.m.37 views

PHPNukeXSS2.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PhpNuke 7.6=x Multiple vulnerabilities cXIb8O3.12 Author: Maksymilian Arciemowicz cXIb8O3 Date: 3.3.2005 from securityreason.com TEAM - --- 0. For --- This adv. is only for John Poul II, Polish Pope. Peace! - --- 1.Description --- PHP-Nuke is a Web...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/04/17 12:0 a.m.36 views

PHPNuke76dl.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpnuke 7.6 Multiple vulnerabilities in Downloads Module cXIb8O3.13 Author: Maksymilian Arciemowicz cXIb8O3 Date: 5.4.2005 from securityreason.com TEAM - --- 0.Description --- PHP-Nuke is a Web Portal System, storytelling software, news system, online...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/04/05 12:0 a.m.27 views

[SECURITYREASON.COM] PhpNuke 7.6=>x Multiple vulnerabilities cXIb8O3.12

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PhpNuke 7.6=x Multiple vulnerabilities cXIb8O3.12 Author: Maksymilian Arciemowicz cXIb8O3 Date: 3.3.2005 from securityreason.com TEAM - --- 0. For --- This adv. is only for John Poul II, Polish Pope. Peace! - --- 1.Description --- PHP-Nuke is a Web...

6.6AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.11 views

CVE-2004-2125

Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value...

4.6CVSS7AI score0.0042EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2004/07/13 12:0 a.m.15 views

mozilla -- insecure permissions for some downloaded files

In a Mozilla bug report, Daniel Kleinsinger writes: I was comparing treatment of attachments opened directly from emails on different platforms. I discovered that Linux builds save attachments in /tmp with world readable rights. This doesn't seem like a good thing. Couldn't someone else logged on...

1.5AI score
Exploits0References2
exploitpack
exploitpack
added 2004/02/25 12:0 a.m.9 views

MTools 3.9.x - MFormat Local Privilege Escalation

MTools 3.9.x - MFormat Local Privilege Escalation source: https://www.securityfocus.com/bid/9746/info It has been reported that mformat is prone to a privilege escalation vulnerability when installed as a setUID application. This issue is due to a design error allowing a user to create any...

0.1AI score
Exploits0
FreeBSD
FreeBSD
added 2004/01/30 12:0 a.m.12 views

GNU libtool insecure temporary file handling

libtool attempts to create a temporary directory in which to write scratch files needed during processing. A malicious user may create a symlink and then manipulate the directory so as to write to files to which she normally has no permissions. This has been reported as a symlink vulnerability'',...

7.5AI score
Exploits0References2
NVD
NVD
added 2002/10/11 4:0 a.m.27 views

CVE-2002-1139

The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target...

5CVSS6.4AI score0.04231EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/08/23 12:0 a.m.52 views

Security Bulletin MS02-044 : Unsafe Functions in Office Web Components (Q328130)

---------------------------------------------------------------------- Title: Unsafe Functions in Office Web Components Q328130 Date: 21 August 2002 Software: Office Web Components, Office, BackOffice Server, BizTalk Server, Commerce Server, ISA Server, Money, Microsoft Project, Microsoft Project...

Exploits0
securityvulns
securityvulns
added 2001/10/11 12:0 a.m.40 views

Security Bulletin MS01-051

---------------------------------------------------------------------- Title: Malformed Dotless IP Address Can Cause Web Page to be Handled in Intranet Zone Date: 10 October 2001 Software: Internet Explorer Impact: Three vulnerabilities: - Cause web page to render a web page using inappropriate...

0.6AI score
Exploits0
NVD
NVD
added 1999/12/12 5:0 a.m.21 views

CVE-1999-1009

The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system...

2.6CVSS6.5AI score0.01458EPSS
Exploits0References1
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.23 views

Security Update for Windows 7 for x64-based Systems (KB2690533)

A security issue has been identified that could allow an authenticated local attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...

2.4AI score
Exploits0
Rows per page
Query Builder