16 matches found
Amazon Linux 2023 : openssh, openssh-clients, openssh-keycat (ALAS2023-2026-1745)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1745 advisory. Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the...
CVE-2022-31065
BigBlueButton is an open source web conferencing system. In affected versions an attacker can embed malicious JS in their username and have it executed on the victim's client. When a user receives a private chat from the attacker whose username contains malicious JavaScript, the script gets...
EUVD-2006-2255
Malware in sbrugna...
CVE-2018-16604
An issue was discovered in Nibbleblog v4.0.5. With an admin's username and password, an attacker can execute arbitrary PHP code by changing the username because the username is surrounded by double quotes e.g., "$phpinfo"...
Linux Distros Unpatched Vulnerability : CVE-2024-28820
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Buffer overflow in the extract_openvpn_cr function in openvpn-cr.c in openvpn-auth-ldap (aka the Three Rings Auth-LDAP plugin for OpenVPN) 2.0.4 allows attackers wi...
CVE-2025-25184 Possible Log Injection in Rack::CommonLogger
Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-concept demonstrates injecting malicious conten...
FoT Video scripti 1.1b - oyun SQL Injection
FoT Video scripti 1.1b - oyun SQL Injection Author : By CrackersChild Contact: [email protected] Greetz : biyosecurity.com & milw0rm.com & tryag.cc & All My Friends Script : FoT Video scripti V1.1 Beta Exploit : For username you can read username on title...
Apartment Search Script - 'listtest.php' SQL Injection
$ Script : Apartment Search Script SQL Injection Vulnerability $ Script Info : http://www.yourfreeworld.com/script/apartment.asp $ Script Price : Only $79 $ Demo : http://www.downlinegoldmine.com/apartment/ $ Author : CrackersChild $ Contact : [email protected] $ Note : Erbabi ile vurulduysak...
CVE-2004-2724
LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character...
Crob FTP Server 2.50.4 - Remote Username Format String
Crob FTP Server 2.50.4 - Remote Username Format String source: https://www.securityfocus.com/bid/7776/info A vulnerability has been reported for Crob FTP Server. The problem occurs due to invalid format specifiers used when displaying a user-supplied username. As a result, it may be possible for ...
Stunnel format bug
Macaroon Advisory Hi, ppl We have recently discovered a format bug in stunnel= 3.8 in which the log function calls directly the syslog with only two parameters: sysloglevel, text. It should be sysloglevel, "%s", text. If a user can pass any string that is written to the log file, he can exploit th...
CVE-2000-0831
Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username...
CVE-1999-0904
Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username...
Byte Fusion BFTelnet 1.1 - Long Username Denial of Service
Byte Fusion BFTelnet 1.1 - Long Username Denial of Service source: https://www.securityfocus.com/bid/771/info BFTelnet, a telnet server for Windows NT by Byte Fusion, will crash if a user name of 3090 or more characters is supplied. telnet victim.com Login: 3090 character string...
CVE-1999-0224
Denial of service in Windows NT messenger service through a long username...
DUO-PSA-2015-003: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2015-003 Original Publication Date: 2015-08-06 Revision Date: 2015-08-10 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue which, under certain configurations, could have enabled attackers to bypass...