386 matches found
Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08217)
Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...
Adobe Flash Player Memory Error Reference Memory Corruption Vulnerability (CNVD-2015-06310)
Adobe Flash Player is a Flash file processing program. Adobe AIR is a cross-operating system runtime library produced by Adobe, through which developers can take advantage of existing Web development technology. A memory misreference vulnerability exists in Adobe Flash Player that could allow an...
IBM WebSphere Application Server (WAS) elevation of privilege vulnerability (CNVD-2015-02799)
IBM WebSphere Application Server (WAS) is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. An elevation of privilege vulnerability exists in IBM...
Internet Bug Bounty: Bad Write in TTF font parsing (win32k.sys)
This bug was originally reported through Project Zero at Google. Alex Rice suggested to me that I could potentially receive a bounty through Hacker One, so I am also opening a report here. The vulnerability reference numbers are MS15-010 and CVE-2015-0059. The original bug report is...
CXF: SSL hostname verification bypass, incomplete CVE-2012-6153 fix
It was found that the fix for CVE-2012-6153 was incomplete: the code added to check that the server hostname matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially...
CVE-2013-6875
creationtimestamp | type | source
---|---|---
2013-12-13 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/38827...
ICEstate SQL Injection
ICEstate Real Estate Marketplace SQL Injection Vulnerability. Discovered: cr4wl3r. Site: http://bastardlabs.info. Download:...
CVE-2012-2138
creationtimestamp | type | source
---|---|---
2012-07-06 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/37487...
Viola DVR VIO-4/1000 Directory Traversal
Viola DVR VIO-4/1000 - Directory Traversal Vulnerability. Software: Viola DVR VIO-4/1000 (other products may be affected). Vendor: http://www.videcon.co.uk/ Vuln Type: Directo...
Escort Directory CMS SQL injection vulnerability
Escort Directory CMS is a dedicated site-building CMS. An SQL injection vulnerability exists in Escort Directory CMS that could lead to sensitive information disclosure. +info: Exploit Title: Escort Directory CMS SQL Injection Vulnerability Google Dork: "Powered By Escort Web design" Platform: php...
CVE-2008-6483
creationtimestamp | type | source
---|---|---
2008-11-04 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/6975...
CVE-2008-3664
creationtimestamp | type | source
---|---|---
2008-09-04 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/32321
2008-09-04 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/32322
2008-09-04 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/32323
2008-09-04...
mysql server DoS
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted pri...
CVE-2008-1921
creationtimestamp | type | source
---|---|---
2008-04-18 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/5464...
CVE-2006-4216
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4159. Reason: This candidate is a duplicate of CVE-2006-4159. Notes: All CVE users should reference CVE-2006-4159 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
[Full-disclosure] Secunia Research: Eserv/3 IMAP and HTTP Server Multiple Vulnerabilities
Secunia Research 31/05/2006 - Eserv/3 IMAP and HTTP Server Multiple Vulnerabilities - Table of Contents Affected...
Immunity Canvas: LINKSYS_APPLY_CGI
Name | linksysapplycgi
---|---
CVE | CVE-2005-2799
Exploit Pack | CANVAS
Description | linksysapplycgi
Notes | References: http://www.idefense.com/application/poi/display?id=305&type=vulnerabilities CVE Name: CVE-2005-2799 VENDOR: Linksys Date public: Sep 13, 2005 CVE Url:...
CVE-2025-22197
CVE-2025-22197 entry is rejected/not used per the Initial Description.
CVE-2023-5094
This CVE-2023-5094 entry is rejected/not used and does not represent an active vulnerability.
CVE-2025-34921
...