Lucene search
K

92 matches found

Positive Technologies
Positive Technologies
added 2009/01/01 12:0 a.m.6 views

PT-2009-21: CMS.Pilot SQL Injection Vulnerability

CMS.Pilot is a content management system CMS software, usually implemented as a Web application, for creating and managing HTML content. It is used to manage and control a large, dynamic collection of Web material HTML documents and their associated images. Vulnerability Description Positive...

8.4AI score
Exploits0References4
securityvulns
securityvulns
added 2006/02/06 12:0 a.m.91 views

SECURITY.NNOV: The Bat! 2.x message headers spoofing

Title: The Bat! 2.x message headers spoofing Author: 3APA3A [email protected] Homepage: http://www.security.nnov.ru/ Advisory URL: http://www.security.nnov.ru/advisories/thebatspoof.asp Vendor: RitLabs Vendor's page http://thebat.net/ Application: The Bat 2.x 2.12.04 tested Not vulnerable:...

0.6AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.16 views

aeNovo Database Content Disclosure Vulnerability

Due to improper file permission settings on the database directory of aeNovo it is possible for a remote attacker to download the product SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

7.3AI score
Exploits0References1
securityvulns
securityvulns
added 2005/02/14 12:0 a.m.42 views

[Full-Disclosure] Credit Card data disclosure in CitrusDB

Credit Card data disclosure in CitrusDB A group of students at our lab called RedTeam found an information disclosure vulnerability in CitrusDB which can result in disclosure of credit card information. Details ======= Product: CitrusDB Affected Version: = 0.3.5 Immune Version: =0.3.6 OS affected...

5CVSS0.1AI score0.07652EPSS
Exploits1
securityvulns
securityvulns
added 2004/12/10 12:0 a.m.66 views

KDE Security Advisory: kfax libtiff vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE Security Advisory: kfax libtiff vulnerabilities Original Release Date: 2004-12-09 URL: http://www.kde.org/info/security/advisory-20041209-2.txt 0. References CAN-2004-0803 CAN-2004-0804 CAN-2004-0886 1. Systems affected: All KDE releases earlier...

7.5CVSS0.5AI score0.08268EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.31 views

GLSA-200405-09 : ProFTPD Access Control List bypass vulnerability

The remote host is affected by the vulnerability described in GLSA-200405-09 ProFTPD Access Control List bypass vulnerability ProFTPD 1.2.9 introduced a vulnerability that allows CIDR-based ACLs such as 10.0.0.1/24 to be bypassed. The CIDR ACLs are disregarded, with the net effect being similar t...

7.5CVSS5.6AI score0.09197EPSS
Exploits0References2
securityvulns
securityvulns
added 2004/08/30 12:0 a.m.26 views

[Full-Disclosure] iDEFENSE Security Advisory 08.25.04: Ipswitch WhatsUp Gold Remote Buffer Overflow Vulnerability

Ipswitch WhatsUp Gold Remote Buffer Overflow Vulnerability iDEFENSE Security Advisory 08.25.04 http://www.idefense.com/application/poi/display?type=vulnerabilities August 25, 2004 I. BACKGROUND Ipswitch WhatsUp Gold is a Microsoft Windows based network monitoring application. More information is...

7.5CVSS1.8AI score0.62577EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.23 views

GLSA-200408-01 : MPlayer: GUI filename handling overflow

The remote host is affected by the vulnerability described in GLSA-200408-01 MPlayer: GUI filename handling overflow The MPlayer GUI code contains several buffer overflow vulnerabilities, and at least one in the TranslateFilename function is exploitable. Impact : By enticing a user to play a file...

10CVSS6.4AI score0.15655EPSS
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2004/08/15 12:0 a.m.35 views

Tomcat: Insecure installation

Background Tomcat is the Apache Jakarta Project's official implementation of Java Servlets and Java Server Pages. Description The Gentoo ebuild for Tomcat sets the ownership of the Tomcat init scripts as tomcat:tomcat, but those scripts are executed with root privileges when the system is started...

7.2CVSS4AI score0.0044EPSS
Exploits0
securityvulns
securityvulns
added 2003/10/23 12:0 a.m.30 views

Origo ASR-8100 ADSL router remote factory reset

Vulnerable device ----------------- Origo ASR-8100 ADSL router Firmware ETHADSLUSB110502REL10S Customer Software Version 110502REL10S ADSL Showtime Firmware Version: 3.21 device based on Conexant CX82310-14 chipset Vulnerability: Remote ADSL reset and permanent denial of service attack...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2003/02/17 12:0 a.m.21 views

[immune advisory] Mulitple vulnerabilities found in BisonFTP

immune advisory Mulitple vulnerabilities found in BisonFTP ================================================================================ BisonFTP is a FTP daemon used on Microsoft Windows 9x/NT systems. - DESCRIPTION ---------------------------------------------------------------- I BisonFTP i...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2003/01/30 12:0 a.m.17 views

BitchX 1.0 - RPL_NAMREPLY Denial of Service

BitchX 1.0 - RPLNAMREPLY Denial of Service // source: https://www.securityfocus.com/bid/6880/info It has been reported that BitchX does not properly handle some types of replies contained in the RPLNAMREPLY numeric. When a malformed reply is received by the client, the client crashes, resulting i...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/08/20 12:0 a.m.70 views

[Mantis Advisory/2002-05] Arbitrary code execution and file reading vulnerability in Mantis

Mantis Advisory/2002-05 Arbitrary code execution and file reading vulnerability in Mantis 0. Table of Contents 1. Introduction 2. Summary / Impact analysis 3. Affected versions 4. Workaround / Solution 5. Detailed explanation 5.1 Arbitrary code execution 5.2 Displaying local files 6. Credit 7...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2002/08/20 12:0 a.m.90 views

[Mantis Advisory/2002-04] Arbitrary code execution vulnerability in Mantis

Mantis Advisory/2002-04 Arbitrary code execution vulnerability in Mantis 0. Table of Contents 1. Introduction 2. Summary / Impact analysis 3. Affected versions 4. Workaround / Solution 5. Detailed explanation 6. Credit 7. Contact details 1. Introduction Mantis is an Open Source web-based...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2002/04/12 12:0 a.m.29 views

IBM Informix Web DataBlade: Auto-decoding HTML entities

IBM Informix Web DataBlade: Auto-decoding HTML entities By Simon Lodal, Denmark Vendor status: Notified months ago, said they would be working on updates, never heard anything. Software: Web DataBlade 4.12, IDS 9.20/9.21, Linux 2.2/2.4, SunOS 5.7 OS, IDS and WDB versions seem to be irrelevant...

7.3AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2002/01/04 12:0 a.m.4 views

FreeBSD-SA-02:05.pine

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:05 Security Advisory FreeBSD, Inc. Topic: pine port insecure URL handling REVISED Category: ports Module: pine Announced: 2002-01-04 Revised: 2002-01-10 Credits: zen-pars...

5.9AI score
Exploits0
CERT
CERT
added 2002/01/04 12:0 a.m.17 views

Buffer overflow vulnerability in pwck command line utility

Overview The CERT/CC has received a public report of a local buffer overflow vulnerability in the pwck utility. Description The pwck utility performs syntax checking of /etc/password and /etc/shadow password information files. This utility contains a buffer overflow vulnerability in the section o...

8AI score
Exploits0References3
CERT
CERT
added 2002/01/04 12:0 a.m.20 views

Buffer overflow vulnerability in grpck command line utility

Overview The CERT/CC has received a public report of a local buffer overflow vulnerability in the grpck utility. Description The grpck utility performs syntax checking of /etc/group and /etc/gshadow group information files. This utility contains a buffer overflow vulnerability in the section of...

7.9AI score
Exploits0References3
FreeBSD Advisory
FreeBSD Advisory
added 2001/12/04 12:0 a.m.5 views

FreeBSD-SA-01:64.wu-ftpd

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:64 Security Advisory FreeBSD, Inc. Topic: wu-ftpd port contains remote root compromise Category: ports Module: wu-ftpd Announced: 2001-12-04 Credits: CORE Security...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2001/10/16 12:0 a.m.43 views

Buffer overflow vulnerability in action argument of dtaction

r0ar Security Advisory October 5, 2001 Buffer overflow vulnerability in action argument of dtaction Desription The dtaction utility allows applications or shell scripts, which are otherwise not connected into the CDE development environment, to invoke action requests. The action called actionname...

7.5AI score
Exploits0
Rows per page
Query Builder