check software vulnerabilities
vulnerabilities.aspcode.net
Searching check software vulnerabilities
The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264.
Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets.
Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via a long check argument of a shell definition.
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.
Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability.
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file.
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp.
The spell checker plugin (check_me.mod.php) for SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary commands via a modified sqspell_command parameter.
SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field.
Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands.
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.
OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates.
Extremail 1.5.9 does not check passwords correctly when they are all digits or begin with a digit, which allows remote attackers to gain privileges.
Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 and R55 allows remote authenticated users to cause a denial of service (server disconnect) and possibly execute arbitrary code via a large filter on a column when using SmartView Tracker.
PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command.
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed.
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.
Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, has a certain default password.
Unspecified vulnerability in netInvoicing before 2.7.3 has unknown impact and attack vectors, related to "security check soap".
Software vulnerabilities results 1 to 20 of 303