Lucene search

1285 matches found

Debian CVE
added 2012/07/31 5:0 p.m., 36 views

CVE-2012-3442

The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a data: URL...

4.3 CVSS, 5.4 AI score, 0.02072 EPSS
Exploits: 1

Cvelist
added 2012/06/20 8:0 p.m., 30 views

CVE-2012-2493

The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows...

7.4 AI score, 0.03885 EPSS
Exploits: 0, References: 1

Oracle linux
added 2012/06/12 12:0 a.m., 58 views

kernel security update

kernel: 2.6.18-308.8.2.el5 - xen x86_64: check address on trap handlers or guest callbacks Paolo Bonzini 813430 813431 CVE-2012-0217 - xen x86_64: Do not execute sysret with a non-canonical return address Paolo Bonzini 813430 813431 CVE-2012-0217 - xen x86: prevent hv boot on AMD CPUs with Erratum...

7.2 CVSS, 1 AI score, 0.37212 EPSS
Exploits: 6

0day.today
added 2012/03/25 12:0 a.m., 20 views

Form Builder CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: Form Builder CSRF Author: Jonturk75 Vendor or Software Link: http://www.scripts.com/viewscript/form-builder/21967/ Category:: webapps Demo : http://phpscriptz.net/guestbookdemo/cp/login.php Greetz: Inj3ct0r Exploit DataBase...

7.1 AI score
Exploits: 0

Oracle linux
added 2012/03/01 12:0 a.m., 60 views

xorg-x11-server security and bug fix update

1.1.1-48.90.0.1.el5 - Added oracle-enterprise-detect.patch - Replaced 'Red Hat' in spec file 1.1.1-48.90 - cve-2011-4028.patch: File existence disclosure vulnerability. 1.1.1-48.88 - cve-2011-4818.patch: Multiple input sanitization flaws in Render and GLX -...

7.1 CVSS, 1.1 AI score, 0.05351 EPSS
Exploits: 2

xssed
added 2012/02/18 12:0 a.m., 11 views

Unfixed Frame Redirect vulnerability at www.universinet.it

Security researcher r14nul has submitted on 18/02/2012 a Frame Redirect vulnerability affecting www.universinet.it, which at the time of submission ranked 335584 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/08/2012. It is currently...

7.1 AI score
Exploits: 0, References: 1

OSV
added 2011/09/24 12:55 a.m., 8 views

UBUNTU-CVE-2011-3825

Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files...

5 CVSS, 5.8 AI score, 0.01264 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2011/06/21 11:44 p.m., 4 views

kernel: fs/partitions: Validate map_count in Mac partition tables

Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table...

4.9 CVSS, 6.2 AI score, 0.00534 EPSS
Exploits: 1, References: 4

Exploit DB
added 2011/06/15 12:0 a.m., 25 views

MyBloggie 2.1.6 - HTML Injection / SQL Injection

source: https://www.securityfocus.com/bid/48317/info myBloggie is prone to SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to compromise the application, access or modify data,...

7.4 AI score
Exploits: 0

Oracle linux
added 2011/05/31 12:0 a.m., 31 views

gimp security update

2.0.5-7.0.7.el4.1 - unfuzz validate-size-values patch - don't use Prereq - fix various overflows 537356, 689831, 703403, 703407, 704512...

9.3 CVSS, 3 AI score, 0.16273 EPSS
Exploits: 2

The Hacker News
added 2011/05/25 7:5 a.m., 11 views

Hashbot - Forensic web tool to acquire and validate the web pages !

What is hashbot? Hashbot is a forensic web tool to acquire and validate, over time, the status of an individual web page or web document. Feature : Acquire Follow these steps to acquire a web document: 1. Insert the document's URL ie: https://www.evilwebpage.com/image.jpg or...

6.9 AI score
Exploits: 0

xssed
added 2011/05/13 12:0 a.m., 9 views

Unfixed XSS vulnerability at www.itembank.co.kr

Security researcher d3vbit3 has submitted on 13/05/2011 a cross-site-scripting (XSS) vulnerability affecting www.itembank.co.kr, which at the time of submission ranked 2649417 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is...

6.6 AI score
Exploits: 0, References: 1

xssed
added 2011/03/14 12:0 a.m., 20 views

Unfixed XSS vulnerability at www.pikeplacemarket.org

Security researcher P0W3RFU7 has submitted on 14/03/2011 a cross-site-scripting (XSS) vulnerability affecting www.pikeplacemarket.org, which at the time of submission ranked 542873 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/12/2011. It i...

6.6 AI score
Exploits: 0, References: 1

xssed
added 2011/02/14 12:0 a.m., 27 views

Unfixed XSS vulnerability at liberdadenautica.com.br

Security researcher Jinny has submitted on 14/02/2011 a cross-site-scripting (XSS) vulnerability affecting liberdadenautica.com.br, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 10/01/2012. It is...

Exploits: 0, References: 1

xssed
added 2011/01/06 12:0 a.m., 10 views

Unfixed Redirect vulnerability at sossigns.com

Security researcher SeeMe has submitted on 01/06/2011 a Redirect vulnerability affecting sossigns.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/12/2011. It is currently unfixed. If you believe...

Exploits: 0, References: 1

xssed
added 2010/07/23 12:0 a.m., 11 views

Unfixed XSS vulnerability at www.alwaysangels.com

Security researcher Sony has submitted on 23/07/2010 a cross-site-scripting (XSS) vulnerability affecting www.alwaysangels.com, which at the time of submission ranked 12096354 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 14/11/2010. It is...

Exploits: 0, References: 1

OpenVAS
added 2010/05/17 12:0 a.m., 24 views

Fedora Update for mod_auth_shadow FEDORA-2010-6359

Check for the Version of mod_auth_shadow OpenVAS Vulnerability Test Fedora Update for mod_auth_shadow FEDORA-2010-6359 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

6.8 CVSS, 6.4 AI score, 0.03766 EPSS
Exploits: 0, References: 2

OpenVAS
added 2010/05/17 12:0 a.m., 18 views

Fedora Update for mod_auth_shadow FEDORA-2010-6323

Check for the Version of mod_auth_shadow OpenVAS Vulnerability Test Fedora Update for mod_auth_shadow FEDORA-2010-6323 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

6.8 CVSS, 6.4 AI score, 0.03766 EPSS
Exploits: 0, References: 2

Fedora
added 2010/05/13 7:28 p.m., 29 views

[SECURITY] Fedora 12 Update: mod_auth_shadow-2.2-8.fc12

When performing this task one encounters one fundamental difficulty: The /etc/shadow file is supposed to be read/writeable only by root. However, the webserver is supposed to run under a non-root user, such as "nobody". mod_auth_shadow addresses this difficulty by opening a pipe to an suid root...

6.8 CVSS, 1.4 AI score, 0.03766 EPSS
Exploits: 0

securityvulns
added 2010/02/25 12:0 a.m., 54 views

jQuery Validate 1.6.0 Demo Code Advisory

ADVISORY – jQuery Validate 1.6.0 Demo Code. AFFECTED PACKAGES: jQuery Validate 1.6.0, SilverStripe 2.3.X to 2.3.5. Discovered By CodeScan.com. Vendor's Website:...

0.1 AI score
Exploits: 0