CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2002-1348

Malware in sbrugna...

7.2CVSS6.2AI score0.01658EPSS

Exploits1References7

OSV•added 2023/02/28 8:23 a.m.•1 views

USN-5899-1 awstats vulnerability

It was discovered that AWStats did not properly sanitize the content of whois responses in the hostinfo plugin. An attacker could possibly use this issue to conduct cross-site scripting XSS attacks...

6.1CVSS5.7AI score0.00655EPSS

Exploits0References2

OSV•added 2022/09/12 7:45 a.m.•1 views

USN-5232-1 fail2ban vulnerability

Jakub Żoczek discovered that certain Fail2ban actions handled whois responses in an insecure way. If Fail2ban was configured to use certain mail actions like 'mail-whois' on a target system, a remote attacker who was able to control whois responses to this target system could possibly execute...

8.1CVSS7.5AI score0.03621EPSS

Exploits1References2

Cvelist•added 2004/09/01 4:0 a.m.•24 views

CVE-2002-1364

Buffer overflow in the getorigin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses...

7.6AI score0.01658EPSS

Exploits1References5

CVE•added 2004/09/01 4:0 a.m.•52 views

CVE-2002-1364

CVE-2002-1364 describes a buffer overflow in traceroute-nanog’s get_origin() function triggered by long WHOIS responses. This leads to arbitrary code execution and potential privilege escalation on affected systems. Public advisories (Debian DSA-254-1) note the issue was fixed in traceroute-nanog...

7.2CVSS7.6AI score0.01658EPSS

Exploits1References5Affected Software1