Searching function software vulnerabilities

IIS has the #exec function enabled for Server S

function | enabled | Include | Server | #exec | Side | has | IIS |

IIS has the #exec function enabled for Server Side Include (SSI) files.


The imap_header function in the IMAP functional

functionality | imap_header | function | before | IMAP | PHP |

The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function.


The prescan function in Sendmail 8.12.9 allows

Sendmail | function | prescan |

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.


Multiple stack-based buffer overflows in (1) th

stack-based | overflows | Multiple | buffer |

Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames.


Multiple format string vulnerabilities in GNU A

vulnerabilities | Multiple | Anubis | format | string | GNU |

Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c.


Format string vulnerability in the msg function

vulnerability | function | daemon | string | Format | rlpr | msg |

Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function.


Unknown vulnerability in the passwd_check funct

vulnerability | passwd_check | function | Unknown | Shadow |

Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.


Multiple buffer overflows in the (1) write_head

overflows | Multiple | buffer |

Multiple buffer overflows in the (1) write_heading function in subs.cpp or (2) trim_title function in parse.cpp for abctab2ps 1.6.3 allow remote attackers to execute arbitrary code via crafted ABC files.


Multiple buffer overflows in (1) the getline fu

overflows | Multiple | buffer |

Multiple buffer overflows in (1) the getline function in pcalutil.c and (2) the get_holiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file.


Memory leak in the ip_options_get function in t

ip_options_get | function | kernel | Memory | before | Linux | leak |

Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.


Format string vulnerability in the LogMsg funct

vulnerability | function | before | LogMsg | Format | string | sercd |

Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attachers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function.


Buffer overflow in the spa_base64_to_bits funct

spa_base64_to_bits | function | overflow | before | Buffer | Exim |

Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.


Buffer overflow in the wsprintf function in W32

wsprintf | function | overflow | W32Dasm | Buffer |

Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier allows remote attackers to execute arbitrary code via a large import or export function name.


The php_handle_iff function in image.c for PHP

php_handle_iff | function | imagec | PHP |

The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value.


Multiple SQL injection vulnerabilities in the D

vulnerabilities | Downloads | attackers | arbitrary | injection | PHP-Nuke | Multiple | inject | remote | script | module | allow | HTML | via | web | SQL |

Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min parameter in the search function.


Multiple SQL injection vulnerabilities in the W

vulnerabilities | Web_Links | attackers | arbitrary | injection | commands | PHP-Nuke | Multiple | execute | remote | module | allow | via | SQL |

Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the email or url parameters in the Add function, (2) the url parameter in the modifylinkrequestS function, (3) the orderby or min parameters in the viewlink function, (4) the orderby, min, or show parameters in the search function, or (5) the ratenum parameter in the MostPopular function.


Multiple SQL injection vulnerabilities in MySQL

vulnerabilities | injection | Multiple | Eventum | MySQL | SQL |

Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.


SQL injection vulnerability in Mambo 4.5.3, 4.5

vulnerability | injection | Mambo | SQL |

SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via (1) the $username variable in the mosGetParam function and (2) the $task parameter in the mosMenuCheck function in (a) includes/mambo.php; and (3) the $filter variable to the showCategory function in the com_content component (content.php).


Integer overflow in the envwrite function in th

Alcatel-Lucent | demonstrated | addresses | overwrite | argument | function | envwrite | overflow | certain | Integer | memory | allows | kernel | large | users | local | Labs | Bell | Plan | via |

Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions.


ImageMagick before 6.3.5-9 allows context-depen

context-dependent | ImageMagick | attackers | triggers | crafted | service | denial | allows | before | image | 635-9 | cause | file | via |

ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.


Software vulnerabilities results 1 to 20 of 1855     
Page: 12345...93