reads software vulnerabilities
vulnerabilities.aspcode.net
Searching reads software vulnerabilities
Directory traversal vulnerability in ans.pl in
vulnerability
|
Avenger's
|
Directory
|
traversal
|
System
|
anspl
|
News
|
Directory traversal vulnerability in ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the system via a .. (dot dot) in the p parameter, which reads the target file and attempts to execute the line using Perl's eval function.
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows
OpenLDAP2
|
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges.
lv reads a .lv file from the current working di
directories
|
directory
|
malicious
|
arbitrary
|
commands
|
placing
|
execute
|
current
|
working
|
allows
|
files
|
other
|
which
|
reads
|
users
|
local
|
into
|
file
|
lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
Memory leak in the seq_file implemenetation in
implemenetation
|
interface
|
seq_file
|
procfs
|
Memory
|
leak
|
SCSI
|
Memory leak in the seq_file implemenetation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error.
Text Rider 2.4 allows attackers to bypass authe
authentication
|
attackers
|
providing
|
obtaining
|
password
|
without
|
upload
|
allows
|
bypass
|
valid
|
Rider
|
files
|
hash
|
Text
|
MD5
|
Text Rider 2.4 allows attackers to bypass authentication and upload files without providing a valid password by obtaining the MD5 hash of the password (possibly via another vulnerability that reads it from a data file), then including the hash in a cookie.
The HTML rendering engine in Mozilla Thunderbir
application
|
Thunderbird
|
attachments
|
information
|
sensitive
|
rendering
|
attackers
|
messages"
|
external
|
properly
|
accessed
|
Mozilla
|
loading
|
address
|
enabled
|
version
|
obtain
|
inline
|
remote
|
images
|
engine
|
"Block
|
email
|
reads
|
could
|
which
|
block
|
image
|
allow
|
HTML
|
user
|
does
|
mail
|
such
|
not
|
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.
Multiple buffer overflows in Firebird 2.1 allow
unspecified
|
corruption
|
attackers
|
processed
|
overflows
|
possibly
|
Multiple
|
Firebird
|
certain
|
trigger
|
impact
|
buffer
|
memory
|
input
|
other
|
allow
|
have
|
via
|
Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\ConfigFile.cpp or (2) msgs\check_msgs.epp. NOTE: if ConfigFile.cpp reads a configuration file with restrictive permissions, then the ConfigFile.cpp vector may not cross privilege boundaries and perhaps should not be included in CVE.
cgi-bin/cgi-lib/instantmessage.pl in web-app.or
cgi-bin/cgi-lib/instantmessagepl
|
web-apporg
|
before
|
WebAPP
|
cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses the From field of an instant message as the beginning of the .dat file name when the (1) imview2 or (2) imview3 function reads (a) an internal IM, or a message from a (b) guest or (c) removed member, which has unknown impact and remote attack vectors.
The snd_mem_proc_read function in sound/core/me
sound/core/memallocc
|
snd_mem_proc_read
|
Architecture
|
Advanced
|
function
|
Sound
|
Linux
|
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
Software vulnerabilities results 1 to 10 of 10
Page:
1