Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2012/02/03 12:0 a.m.92 views

Mozilla Foundation Security Advisory 2012-06

Mozilla Foundation Security Advisory 2012-06 Title: Uninitialized memory appended when encoding icon images may cause information disclosure Impact: High Announced: January 31, 2012 Reporter: Tim Abraldes Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0 Thunderbird 10.0 SeaMonkey...

5CVSS1.4AI score0.01859EPSS
Exploits0
securityvulns
securityvulns
added 2012/01/20 12:0 a.m.92 views

[ MDVSA-2012:009 ] perl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:009 http://www.mandriva.com/security/ Package : perl Date : January 18, 2012 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in perl: Eval injection in the...

7.5CVSS9.9AI score0.13526EPSS
Exploits0
securityvulns
securityvulns
added 2011/12/05 12:0 a.m.92 views

Oxide M0N0X1D3 HTTP Server Directory Traversal Vulnerability

Title : Oxide M0N0X1D3 HTTP Server Directory Traversal Vulnerability Software : Oxide M0N0X1D3 HTTP Server Software Version : 20040223 Vendor: http://sourceforge.net/projects/oxide-ws/ Vulnerability Published : 2011-11-15 Vulnerability Update Time : Status : Impact : Medium Bug Description : Oxid...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/11/27 12:0 a.m.92 views

Valid tiny-erp <= 1.6 SQL Injection Vulnerability

Dear all, I have found a SQL injection vulnerability in Valid tiny-erp = 1.6. It seems to be version 1.6 as you can see in the 'project' section of www.valid.gr. Anyway there is not any specific number version in the sourceforge page. I reported the vulnerability to the vendor but no response as...

Exploits0
securityvulns
securityvulns
added 2011/11/25 12:0 a.m.92 views

Mozilla Foundation Security Advisory 2011-52

Mozilla Foundation Security Advisory 2011-52 Title: Code execution via NoWaiverWrapper Impact: Critical Announced: November 8, 2011 Reporter: mozbugra4 Products: Firefox, Thunderbird Fixed in: Firefox 8.0 Thunderbird 8.0 Description Mozilla security researcher mozbugra4 reported that an internal...

9.3CVSS1.4AI score0.01868EPSS
Exploits1
securityvulns
securityvulns
added 2011/10/31 12:0 a.m.92 views

ZDI-11-307 : Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vulnerability

ZDI-11-307 : Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-307 October 26, 2011 -- CVE ID: CVE-2011-3545 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle...

10CVSS0.8AI score0.05445EPSS
Exploits1
securityvulns
securityvulns
added 2011/09/13 12:0 a.m.92 views

CVE-2011-2731: Spring Security privilege escalation when using RunAsManager

CVE-2011-2731: Spring Security privilege escalation when using RunAsManager Severity: Moderate Versions Affected: 2.0.0 to 2.0.6 3.0.0 to 3.0.5 Earlier versions may also be affected Description: Spring Security provides a mechanism RunAsManager to allow particular operations to run with a differe...

5.1CVSS1.1AI score0.01246EPSS
Exploits0
securityvulns
securityvulns
added 2011/08/27 12:0 a.m.92 views

ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability

ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-273 August 23, 2011 -- CVE ID: CVE-2011-2735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products: EMC AutoStart -- TippingPointTM...

7.9CVSS0.4AI score0.02335EPSS
Exploits4
securityvulns
securityvulns
added 2011/08/03 12:0 a.m.92 views

ZDI-11-244: (0day) FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability

ZDI-11-244: 0day FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-244 July 28, 2011 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Flexera Software -- Affected Products: Flexera Software FlexNet License Serv...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2011/08/01 12:0 a.m.92 views

Avon Groups (search_result.php?cid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Avon Groups searchresult.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.avongroups.in/it/ Persian Gulf 4 Ever! Dork : "Powered By: Avon Enterprises Pvt. Ltd. "...

2.9AI score
Exploits0
securityvulns
securityvulns
added 2011/07/26 12:0 a.m.92 views

Funnel Web (items.php?&cat_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Funnel Web items.php?&catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.funnel-web.com.au/ Persian Gulf 4 Ever! Dork : "Web site design by Funnel Web" "inurl:items.ph...

2.8AI score
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.92 views

ZDI-11-195: Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability

ZDI-11-195: Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-195 June 14, 2011 -- CVE ID: CVE-2011-1261 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Microsoft -- Affected Products: Microsoft Interne...

9.3CVSS0.6AI score0.16935EPSS
Exploits1
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.92 views

Mozilla Foundation Security Advisory 2011-13

Mozilla Foundation Security Advisory 2011-13 Title: Multiple dangling pointer vulnerabilities Impact: Critical Announced: April 28, 2011 Reporter: regenrecht Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.17 Firefox 3.5.19 SeaMonkey 2.0.14 Description Security researcher regenrecht reported...

10CVSS1.4AI score0.73655EPSS
Exploits15
securityvulns
securityvulns
added 2011/04/19 12:0 a.m.92 views

VUPEN Security Research - Apple Safari Text Nodes Remote Use-after-free Vulnerability (CVE-2011-1344)

VUPEN Security Research - Apple Safari Text Nodes Remote Use-after-free Vulnerability CVE-2011-1344 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Apple Safari is a web browser developed by Apple. As of February 2010, Safari was the fourth most widely used browser,...

6.8CVSS9.5AI score0.05916EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/14 12:0 a.m.92 views

HTB22924: Arbitrary Command Execution in phpAlbum.net

Vulnerability ID: HTB22924 Reference: http://www.htbridge.ch/advisory/arbitrarycommandexecutioninphpalbumnet.html Product: phpAlbum.net Vendor: Patrik Jakab http://www.phpalbum.net/ Vulnerable Version: 0.4.1-14fix06 Vendor Notification: 31 March 2011 Vulnerability Type: Arbitrary Command Executio...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.92 views

HTB22917: XSS vulnerabilities in phpCollab

Vulnerability ID: HTB22917 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinphpcollab.html Product: phpCollab Vendor: phpCollab Team http://www.php-collab.org/ Vulnerable Version: 2.5 and probably prior versions Vendor Notification: 24 March 2011 Vulnerability Type: Stored XSS Cross...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/03/10 12:0 a.m.92 views

VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0004 Synopsis: VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bin...

7.2CVSS6.8AI score0.17223EPSS
Exploits1
securityvulns
securityvulns
added 2011/02/15 12:0 a.m.92 views

ZDI-11-051: IBM Lotus Notes cai URI Handler Remote Code Execution Vulnerability

ZDI-11-051: IBM Lotus Notes cai URI Handler Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-051 February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations for this...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/01/26 12:0 a.m.92 views

[DSECRG-11-005] Oracle Document Capture empop3.dll - insecure method

ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-11-005 internal DSECRG-00154 Application: Oracle Document Capture Versions Affected: Release 10gR3 Vendor URL: www.oracle.com Bugs: insecure method, File overwriting, File deleting Exploits: YES...

9.3CVSS0.11818EPSS
Exploits10
securityvulns
securityvulns
added 2011/01/26 12:0 a.m.92 views

[DSECRG-11-008] Open Edge RDBMS - Multiple architecture vulnerabilities (UNPATCHED)

Digital Security Research Group DSecRG Advisory DSECRG-11-008 Application: Progress OpenEdge Enterprise RDBMS Versions Affected: 10.2A and maybe others Vendor URL: http://web.progress.com Bug: Authentication bypass, UserID enumerate Exploits: YES Reported: 13.10.2009 Vendor response: 13.10.2009...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2011/01/26 12:0 a.m.92 views

[DSECRG-00145] SAP Crystal Reports 2008 - Directory Traversal

DSECRG-11-003 Internal DSECRG-00145 SAP Crystal Report Server 2008 - Directory Traversal Directory traversal vulnerability discovered in the module PerformanceManagement application SAP Crystal Report Server 2008, which allows you to read any file on the OS. Application: SAP Crystal Report Server...

6.5AI score
Exploits0
securityvulns
securityvulns
added 2010/06/12 12:0 a.m.92 views

US-CERT Technical Cyber Security Alert TA10-162A -- Adobe Flash and AIR Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-162A Adobe Flash and AIR Vulnerabilities Original release date: June 11, 2010 Last revised: -- Source: US-CERT Systems Affected Adobe Flash Player 10.0.45.2 and earlier 10.x versions Adob...

9.3CVSS8.4AI score0.82365EPSS
Exploits22
securityvulns
securityvulns
added 2010/05/17 12:0 a.m.92 views

GVI-2010-01 Multiple vulnerabilities in Kapitalist/capitalist

GVI-2010-01 : Multiple vulnerabilities in Kapitalist/capitalist Overview ----------- Quote from http://kapitalist.sourceforge.net/ "Kapitalist is a Monopoly®-like board game for 2-8 players. Walk around the board, buy properties, receive rent from your competitors, try to get monopolies to build...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2010/04/30 12:0 a.m.92 views

Bonsai Information Security - OS Command Injection in Cacti <= 0.8.7e

OS Command Injection in Cacti ============================= http://www.bonsai-sec.com/en/research/vulnerability.php ============================= 1. Advisory Information Advisory ID: BONSAI-2010-0105 Date published: 2010-04-21 Vendors contacted: Cacti Release mode: Coordinated release 2...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2010/04/12 12:0 a.m.92 views

Secunia Research: Pulse CMS Cross-Site Request Forgery

====================================================================== Secunia Research 08/04/2010 - Pulse CMS Cross-Site Request Forgery - ====================================================================== Table of Contents Affected Software......................................................

6.8CVSS0.7AI score0.00581EPSS
Exploits1
securityvulns
securityvulns
added 2010/03/31 12:0 a.m.92 views

CVE-2010-0684: Apache ActiveMQ Persistent Cross-Site Scripting (XSS) Vulnerability

CVE-2010-0684: Apache ActiveMQ Persistent Cross-Site Scripting XSS Vulnerability ============================================================== Security Advisory 03.30.2010 I. BACKGROUND Apache ActiveMQ is the most popular and powerful open source messaging and Integration Patterns provider...

3.5CVSS1AI score0.04283EPSS
Exploits2
securityvulns
securityvulns
added 2010/03/15 12:0 a.m.92 views

Pars CMS SQL Injection Vulnerability

================= IUT-CERT ================= Title: Pars CMS SQL Injection Vulnerability Vendor: www.parscms.com Dork: Design by Virtual Develop Co Type: Input.Validation.Vulnerability SQL Injection Fix: N/A ================== nsec.ir ================= Description: ------------------ Pars CMS is ...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2010/02/10 12:0 a.m.92 views

[Full-disclosure] Windows SMB NTLM Authentication Weak Nonce Vulnerability

to get the scripts mentioned by this advisory please get the full version at http://www.hexale.org/advisories/OCHOA-2010-0209.txt; I did not include them here to reduce the size of this email Windows SMB NTLM Authentication Weak Nonce Vulnerability Security Advisory Hernan Ochoa [email protected] ...

10CVSS0.3AI score0.41262EPSS
Exploits5
securityvulns
securityvulns
added 2010/02/04 12:0 a.m.92 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

6.8CVSS1.6AI score0.03373EPSS
Exploits0References16Affected Software7
securityvulns
securityvulns
added 2010/02/04 12:0 a.m.92 views

CORE-2009-0625: Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities 1. Advisory Information Title: Internet Explorer Dynamic OBJECT tag and URLMON sniffing...

4.3CVSS7.7AI score0.3703EPSS
Exploits5
securityvulns
securityvulns
added 2009/12/02 12:0 a.m.92 views

Vulnerability Note VU#261869

Vulnerability Note VU261869 Clientless SSL VPN products break web browser domain-based security models Overview Clientless SSL VPN products from multiple vendors operate in a way that breaks fundamental browser security mechanisms. An attacker could use these devices to bypass authentication or...

6.8CVSS6.6AI score0.05134EPSS
Exploits0
securityvulns
securityvulns
added 2009/08/20 12:0 a.m.92 views

iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Security Bypass Vulnerability

iDefense Security Advisory 07.28.09 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 28, 2009 I. BACKGROUND Microsoft's Component Object Model COM was designed to allow interoperability between disjointed software components. It is a standardized interface solution to the programming...

9.3CVSS0.43389EPSS
Exploits1
securityvulns
securityvulns
added 2009/08/11 12:0 a.m.93 views

Microsoft Security Bulletin MS09-039 - Critical Vulnerabilities in WINS Could Allow Remote Code Execution (969883)

Microsoft Security Bulletin MS09-039 - Critical Vulnerabilities in WINS Could Allow Remote Code Execution 969883 Published: August 11, 2009 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in the Windows Internet Name Service...

9.3CVSS2.2AI score0.24658EPSS
Exploits2
securityvulns
securityvulns
added 2009/08/07 12:0 a.m.92 views

Mozilla Firefox, Thunderbird, SeaMonkey, NSS multiple security vulnerabilities

Certificate spoofing, buffer overflow, code execution...

9.3CVSS4.2AI score0.05741EPSS
Exploits6References6Affected Software2
securityvulns
securityvulns
added 2009/05/21 12:0 a.m.92 views

Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities.

Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities. An advisory by EnableSecurity. Trustwave published a joint advisory named TWSL2009-001 ID: ES-20090500 Advisory URL: http://resources.enablesecurity.com/advisories/ES-20090500-profense.txt Affected Versions: versions prior...

7.5CVSS7.3AI score0.01507EPSS
Exploits0
securityvulns
securityvulns
added 2009/04/01 12:0 a.m.92 views

Mozilla Foundation Security Advisory 2009-13

Mozilla Foundation Security Advisory 2009-13 Title: Arbitrary code execution via XUL tree element Impact: Critical Announced: March 27, 2009 Reporter: Nils Products: Firefox Fixed in: Firefox 3.0.8 Description Security researcher Nils reported via TippingPoint's Zero Day Initiative that the XUL...

9.3CVSS0.4AI score0.0649EPSS
Exploits2
securityvulns
securityvulns
added 2009/02/10 12:0 a.m.92 views

[ECHO_ADV_102$2009] BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability

ECHOADV102$2009 ----------------------------------------------------------------------------------------- ECHOADV102$2009 BusinessSpace = 1.2 id Remote SQL Injection Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran Addahroni...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2009/02/05 12:0 a.m.92 views

Mozilla Foundation Security Advisory 2009-05

Mozilla Foundation Security Advisory 2009-05 Title: XMLHttpRequest allows reading HTTPOnly cookies Impact: Low Announced: February 3, 2009 Reporter: Wladimir Palant Products: Firefox, SeaMonkey Fixed in: Firefox 3.0.6 SeaMonkey 1.1.15 Description Developer and Mozilla community member Wladimir...

5CVSS0.3AI score0.0156EPSS
Exploits0
securityvulns
securityvulns
added 2009/01/28 12:0 a.m.92 views

ACROS Security: HTML Injection in BEA (Oracle) WebLogic Server Console (ASPR #2009-01-27-1)

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2009-01-27-1 ------------------------------------------------------------------------- ASPR 2009-01-27-1: HTML Injection in BEA WebLogic Server Console...

Exploits0
securityvulns
securityvulns
added 2008/10/02 12:0 a.m.92 views

[MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues

MajorSecurity Advisory 56moziloWiki - Directory Traversal, XSS and SessionFixation Issues Details ======= Product: moziloWiki Security-Risk: High Remote-Exploit: yes Vendor-URL: http://www.mozilo.de/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2008/07/10 12:0 a.m.92 views

iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability

iDefense Security Advisory 07.08.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 08, 2008 I. BACKGROUND SQL Server is Microsoft's database server product. It supports the restoration and inspection of backups via SQL statements. For more information see the vendor's website found at...

9CVSS0.5AI score0.34539EPSS
Exploits1
securityvulns
securityvulns
added 2008/05/22 12:0 a.m.92 views

CORE-2008-0126: Multiple vulnerabilities in iCal

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple vulnerabilities in iCal Advisory Information Title: Multiple vulnerabilities in iCal Advisory ID: CORE-2008-0126 Advisory URL:...

8.5CVSS0.1AI score0.10124EPSS
Exploits9
securityvulns
securityvulns
added 2008/02/12 12:0 a.m.92 views

Microsoft Security Bulletin MS08-005 – Important Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)

Microsoft Security Bulletin MS08-005 – Important Vulnerability in Internet Information Services Could Allow Elevation of Privilege 942831 Published: February 12, 2008 Version: 1.0 General Information Executive Summary This important update resolves a privately reported vulnerability in Internet...

7.2CVSS1.1AI score0.05405EPSS
Exploits1
securityvulns
securityvulns
added 2008/01/21 12:0 a.m.92 views

BLOG:CMS 4.2.1.c (DIR_PLUGINS) Multiple Remote File Include

Name : BLOG:CMS 4.2.1.c DIRPLUGINS Multiple Remote File Include Download From : http://dfn.dl.sourceforge.net/sourceforge/blogcms/blogcms.4.2.1.c.7z Or Here http://blogcms.com Found By : RoMaNcYxHaCkEr We Are H-T TeaM Houssamix - ToXiC Home Page : Not Yet : Tryag.cc/cc No-Hack.net V99x.com/vb...

Exploits0
securityvulns
securityvulns
added 2008/01/02 12:0 a.m.92 views

Bitweaver source code disclosure, arbitrary file upload

WwW.BugReport.ir AmnPardaz Security Research Team Title: Bitweaver R2 CMS Vendor: http://www.bitweaver.org Bugs: source code disclosure, arbitrary file upload Vulnerable Version: 2 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! - Description: Bitweaver is...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2007/12/05 12:0 a.m.92 views

PR07-39: Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection

PR07-39: Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection Vulnerabilities found: 16 November 2007 Vendor informed: 19 November 2007 Vulnerability fixed: 28 November 2007 Severity: High Description: Multiple vulnerabilities were found on Absolute...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2007/09/19 12:0 a.m.92 views

b1gmail Cross Site Scripting

b1gmail Cross Site Scripting ============================ Version: 6.3.1 site: http://www.b1gmail.de Profile: Cross Site Scripting Method: POST location:hilfe.php strings: "+onmouseover=alert1898233298+ http://site.com/hilfe.php?chapter="+onmouseover=alert1898233298+ credits: malibu.r...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/08/10 12:0 a.m.92 views

[ECHO_ADV_83$2007] PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability

ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2007/08/01 12:0 a.m.92 views

Mozilla Foundation Security Advisory 2007-27

Mozilla Foundation Security Advisory 2007-27 Title: Unescaped URIs passed to external programs Impact: Critical Announced: July 30, 2007 Reporter: Jesper Johansson Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.6 Thunderbird 2.0.0.6 Thunderbird 1.5.0.13 SeaMonkey 1.1.4...

9.3CVSS0.6AI score0.05699EPSS
Exploits0
securityvulns
securityvulns
added 2007/06/26 12:0 a.m.92 views

Ingres stack overflow in uuid_from_char function

======= Summary ======= Name: Stack overflow in uuidfromchar function Release Date: 25 June 2007 Reference: NGS00388 Discover: Chris Anley [email protected] Vendor: Ingres Vendor Reference: Ingres bug 115911, CVE-2007-3338, CAID 35452 Systems Affected: Ingres 2006 9.0.4 and prior Risk: High...

10CVSS0.1AI score0.06673EPSS
Exploits8
Total number of security vulnerabilities5000