21 matches found
CVE-2010-10012
A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server, that allows unauthenticated attackers to read arbitrary files on the host system. By sending a specially crafted GET request containing a sequence of URL-encoded backslashes and directory traversal...
CVE-2010-10012
Affected product: httpdasm 0.92 (Windows HTTP server). Issue: path traversal via a crafted GET containing URL-encoded backslashes and directory traversal patterns allows unauthenticated read of arbitrary host files, escaping the web root. Root cause: directory traversal flaw enabling access outsi...
Japheth httpdASM Security Vulnerability
Japheth httpdASM is a lightweight server from the German individual developers of Japheth. A security vulnerability exists in Japheth httpdASM version 0.92, which stems from a path traversal flaw that could allow an unauthenticated attacker to read arbitrary files on the host system...
Design/Logic Flaw
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...
CVE-2012-0955
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...
CVE-2012-0955 software-properties incorrectly validated TLS certificates
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...
Design/Logic Flaw
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolveobjectrefvector in decode.c...
GNU LibreDWG Excessive Memory Allocation Vulnerability
GNU LibreDWG is a GNU Project C library for working with DWG files. A security vulnerability exists in the 'dwgdecodeLWPOLYLINEprivate' function of dwg.spec in GNU LibreDWG version 0.92. An attacker can exploit this vulnerability to cause a denial of service (large memory consumption) with the help...
GNU LibreDWG Excessive Memory Allocation Vulnerability (CNVD-2020-03561)
LibreDWG is a free C library for reading and writing DWG files. An excessive memory allocation vulnerability exists in dwgdecodeHATCHprivate in dwg.spec in GNU LibreDWG 0.92. An attacker can exploit this vulnerability via specially crafted input to cause an attempt to allocate too much memory,...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2020-03560)
GNU LibreDWG is a GNU Project C library for working with DWG files. A buffer overflow vulnerability exists in the 'decodeR13R2000' function of the decode.c file in GNU LibreDWG version 0.92. The vulnerability stems from a networked system or product performing operations in memory without properl...
LIVE555 RTSP Server Buffer Overflow Vulnerability
LIVE555 RTSP Server is a command line program for viewing, transmitting, receiving and recording media streams specified by RTSP URLs. A stack buffer overflow vulnerability exists in the HTTP packet parsing feature of the library in LIVE555 RTSP Server version 0.92. An attacker can exploit this...
PT-2018-2503 · Live555 +2 · Live555 Rtsp Server Library +2
Name of the Vulnerable Software and Affected Versions: LIVE555 RTSP server library version 0.92 Description: The issue is related to a buffer overflow error in the HTTP packet parser implementation of the LIVE555 RTSP server library. This can be exploited by a remote attacker using a specially...
CVE-2014-9217
Graylog2 before 0.92 allows remote attackers to bypass LDAP authentication via crafted wildcards...
WarpSpeed 4nAlbum Module 0.92 modules.php gid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/9881/info It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input. There is an information disclosure issue with the...
WarpSpeed 4nAlbum Module 0.92 nmimage.php z Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/9881/info It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input. There is an information disclosure issue with the...
bbzl PHP 0.92 Remote File Inclusion
BbZL.PhP File Inclusion Exploit
Exploit for php platform in category web applications Exploit Title: BbZL.PhP File Inclusion Exploit Google Dork: intitle:"BbZL.PhP 0.92 CSS²" Date: 06/07/2011 Author: Number 7 Software Link: http://www.easy-script.com/scripts-dl/bbzlPhP092.zip Version: 0.92 CSS² Tested on: linux/Windows NT Exp...
SynCE Remote Command Injection
SynCE Remote Command Injection Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Advisory Information Title: SynCE Remote Command Injection Advisory ID: CORE-2007-1106 Advisory URL: http://www.coresecurity.com/?action=item&id=2070 Date published: 2008-01-07 Date...
WarpSpeed 4nAlbum Module 0.92 - nmimage.php?z Cross-Site Scripting
WarpSpeed 4nAlbum Module 0.92 - nmimage.php?z Cross-Site Scripting source: https://www.securityfocus.com/bid/9881/info It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input. There is an information...
WarpSpeed 4nAlbum Module 0.92 - displaycategory.php?basepath Remote File Inclusion
WarpSpeed 4nAlbum Module 0.92 - displaycategory.php?basepath Remote File Inclusion source: https://www.securityfocus.com/bid/9881/info It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input. There is...