mnogosearch common software vulnerabilities
vulnerabilities.aspcode.net
Searching mnogosearch common software vulnerabilities
Eastman Work Management 3.21 stores passwords in cleartext in the COMMON and LOCATOR registry keys, which could allow local users to gain privileges.
Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.
Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker with physical access to the system and Combine_Key_Parts permissions to steal DES and 3DES keys by using a brute force attack to create a 3DES exporter key.
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.
Konqueror Embedded and KDE 2.2.2 and earlier do not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages.
Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document.
Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms.
Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code.
Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges.
Unknown vulnerability in common-lisp-controller 4.18 and earlier allows local users to gain privileges by compiling arbitrary code in the cache directory, which is executed by another user if the user has not run Common Lisp before.
Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the secpolicy_fs_common function.
E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to upload or modify arbitrary files, and execute arbitrary code, via a direct request to (1) common/html_editor/image_browser.upload.html, (2) common/html_editor/image_browser.html, or (3) common/html_editor/html_editor.html. NOTE: this can also be used for cross-site scripting (XSS) attacks by uploading cascading style sheet (.CSS) files.
Multiple cross-site scripting (XSS) vulnerabilities in EZGallery 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pUserID, (2) aid, (3) aname, (4) uid, and (5) m parameters in (a) common/galleries.asp; (6) aid, (7) aname, (8) uid, (9) m, (10) gp, and (11) g parameters in (b) common/pupload.asp; and (12) msg, (13) fn and (14) gp parameters in (c) common/upload.asp.
Multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) section parameter in (a) documentation/common/frame_toc.php and (b) documentation/common/search.php, the (2) req_lang parameter in documentation/common/search.php and (c) documentation/common/vitals.inc.php, the (3) row[dir_name] parameter in (d) include/classes/module/module.class.php, and the (4) lang_path parameter in (e) include/classes/phpmailer/class.phpmailer.php. NOTE: the print.php vector is already covered by CVE-2005-3404.
Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request.
Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote attack vectors in the (1) Common Applications (APPS01) and (2) iProcurement (APPS02).
Software vulnerabilities results 1 to 20 of 73