Lucene search
K

6776 matches found

CVE
CVE
added 2005/06/28 4:0 a.m.57 views

CVE-2002-1935

Pingtel Xpressa versions 1.2.5 through 2.0.1 are affected by CVE-2002-1935 due to predictable Call-ID, CSeq, and To/From SIP URL values in SIP requests, which can let remote attackers avoid registering with the SIP registrar. The root cause is the lack of randomness in SIP identifiers, enabling a...

5CVSS7AI score0.01351EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.16 views

CVE-2002-1730

ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true"...

6.7AI score0.01351EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/06/01 1:24 p.m.6 views

security flaw

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."...

7.5CVSS5.8AI score0.02045EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/05/18 1:59 p.m.30 views

Low: Red Hat Security Advisory: glibc security update

Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU libc packages known as glibc contain the standard C libraries used by applications. It was discovered that the use of LDDEBUG...

2.1CVSS5.8AI score0.00364EPSS
Exploits0References11
CVE
CVE
added 2005/05/17 4:0 a.m.40 views

CVE-2005-1638

The vulnerability CVE-2005-1638 affects the SafeHTML library, with the _writeAttrs function failing to properly quote attribute values. This mis-handling can enable cross-site scripting (XSS) in applications that rely on SafeHTML for protection. Affected: SafeHTML prior to 1.3.2. Root cause: insu...

4.3CVSS6.2AI score0.01195EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/05/17 4:0 a.m.18 views

CVE-2005-1638

The writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values, which could allow remote attackers to exploit cross-site scripting XSS vulnerabilities in applications that rely on SafeHTML for protection...

6AI score0.01195EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2005/05/16 12:0 a.m.33 views

Mozilla Suite And Firefox - DOM Property Overrides Code Execution

source: https://www.securityfocus.com/bid/13645/info Mozilla Suite and Mozilla Firefox are affected by a code-execution vulnerability. This issue is due to a failure in the application to properly verify Document Object Model DOM property values. An attacker may leverage this issue to execute...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.19 views

CVE-2003-1169

DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle...

6.4AI score0.00819EPSS
Exploits1References3
NVD
NVD
added 2005/05/03 4:0 a.m.16 views

CVE-2005-1409

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."...

7.5CVSS6.2AI score0.02045EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2005/04/21 4:0 a.m.27 views

CVE-1999-1580

SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS Internal Field Separator variable and passing crafted values to the -oR option...

7.2CVSS4.8AI score0.01115EPSS
Exploits1
Cvelist
Cvelist
added 2005/04/21 4:0 a.m.14 views

CVE-1999-1580

SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS Internal Field Separator variable and passing crafted values to the -oR option...

6.6AI score0.01115EPSS
Exploits1References5
Mozilla
Mozilla
added 2005/04/15 12:0 a.m.14 views

Privilege escalation via DOM property overrides — Mozilla

mozbugra4 reported several exploits giving an attacker the ability to install malicious code or steal data, requiring only that the user do commonplace actions like click on a link or open the context menu. The common cause in each case was privileged UI code "chrome" being overly trusting of DOM...

6.8AI score
Exploits0References3Affected Software2
Exploit DB
Exploit DB
added 2005/02/21 12:0 a.m.21 views

Bontago Game Server 1.1 - Remote Nickname Buffer Overrun

source: https://www.securityfocus.com/bid/12603/info The Bontago game server is reported to be affected by a remote buffer overrun vulnerability. The issue is reported to exist due to a lack of sufficient boundary checks performed on client-supplied 'nickname' values. It is conjectured that a...

7.4AI score
Exploits0
0day.today
0day.today
added 2005/01/26 12:0 a.m.15 views

/usr/bin/trn Local Exploit (not suid)

Exploit for linux platform in category local exploits ===================================== /usr/bin/trn Local Exploit not suid ===================================== / /usr/bin/trn local root exploit By ZzagorR - http://www.rootbinbash.com / / sh-2.05b$ ./trn usage : ./trn ret buf example : ./trn...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2005/01/14 12:0 a.m.65 views

OpenBSD TCP Retransmission Timeout Calculation Denial of Service

Packets with specially crafted timestamp value can lead to denial of service...

3.5AI score
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2005/01/10 5:0 a.m.12 views

CVE-2004-1187

Heap-based buffer overflow in the pnmgetchunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNATAG values, a different vulnerability than CVE-2004-1188...

10CVSS6.5AI score0.05178EPSS
Exploits0References1
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-0931

MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service crash via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function...

5CVSS6.5AI score0.01831EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2004/12/22 5:0 a.m.29 views

CVE-2004-1187

Heap-based buffer overflow in the pnmgetchunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNATAG values, a different vulnerability than CVE-2004-1188...

10CVSS7.8AI score0.05178EPSS
Exploits0
Cvelist
Cvelist
added 2004/12/22 5:0 a.m.24 views

CVE-2004-1187

Heap-based buffer overflow in the pnmgetchunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNATAG values, a different vulnerability than CVE-2004-1188...

7.7AI score0.05178EPSS
Exploits0References5
0day.today
0day.today
added 2004/12/20 12:0 a.m.30 views

Ultrix 4.5/MIPS dxterm Local Buffer Overflow Exploit

Exploit for ultrix platform in category local exploits ==================================================== Ultrix 4.5/MIPS dxterm Local Buffer Overflow Exploit ==================================================== / Ultrix 4.5/MIPS dxterm exploit by ztion in 2004 Greets to: Stok, sidez It wasn't...

6.8AI score
Exploits0
Rows per page
Query Builder