Searching resources software vulnerabilities

Configuration error in Axent Raptor Firewall 6.

Configuration | httpnoproxy | attackers | resources | internal | Firewall | access | Raptor | remote | allows | error | Axent | proxy | Rule | set | not | use | web |

Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set.


Vulnerability in CIFS/9000 Server (SAMBA) A.01.

Vulnerability | CIFS/9000 | Server |

Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.


Vulnerability in DECwindows Motif Server on Ope

Vulnerability | unauthorized | DECwindows | resources | through | OpenVMS | access | allows | Server | users | Motif | SEVMS | Alpha | local | gain | VAX |

Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources.


Directory traversal vulnerability in WebID in R

vulnerability | ACE/Agent | Directory | traversal | Security | SecurID | Windows | WebID | used | RSA |

Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to access restricted resources via URL-encoded (1) /.. or (2) \.. sequences.


Unknown vulnerability in Tomcat 3.2.1 running o

vulnerability | Unknown | Tomcat |

Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.


Resin 2.1.1 allows remote attackers to cause a

Resin |

Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources.


Unknown vulnerability in Java web start 1.0.1_0

vulnerability | Unknown | 101_01 | start | Java | web |

Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors.


Unknown vulnerability in Apache 2.0.51 prevents

vulnerability | Unknown | Apache |

Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration.


Soft3304 04WebServer before 1.41 allows remote

04WebServer | Soft3304 | before |

Soft3304 04WebServer before 1.41 allows remote attackers to cause a denial of service (resource consumption or crash) via certain data related to OpenSSL, which causes a thread to terminate but continue to hold resources.


Ingate Firewall 4.1.3 and earlier does not term

Firewall | Ingate |

Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources.


Belkin 54G (F5D7130) wireless router allows rem

Belkin | 54G |

Belkin 54G (F5D7130) wireless router allows remote attackers to access restricted resources by sniffing URIs from UPNP datagrams, then accessing those URIs, which do not require authentication.


Safari in Mac OS X 10.3 before 10.3.9 and 10.4

Safari | Mac |

Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources.


Unspecified vulnerability in BEA WebLogic Porta

vulnerability | Unspecified | Services | WebLogic | Portlets | through | Portal | Remote | using | BEA | SP3 | SP5 | Web |

Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, when using Web Services Remote Portlets (WSRP), allows remote attackers to access restricted web resources via crafted URLs.


Multiple SQL injection vulnerabilities in Scrip

vulnerabilities | unspecified | ScriptMate | components | Resources" | attackers | arbitrary | injection | commands | Multiple | possibly | "Manage | earlier | Manager | execute | remote | other | allow | User | via | SQL |

Multiple SQL injection vulnerabilities in ScriptMate User Manager 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via "Manage Resources" and possibly other unspecified components.


The (1) Activity Monitor.app/Contents/Resources


The (1) Activity Monitor.app/Contents/Resources/pmTool, (2) Keychain Access.app/Contents/Resources/kcproxy, and (3) ODBC Administrator.app/Contents/Resources/iodbcadmintool programs in /Applications/Utilities/ in Mac OS X 10.4.8 have weak permissions (writable by admin group), which allows local admin users to gain root privileges by modifying a program and then performing permissions repair via diskutil.


Cross-site scripting (XSS) vulnerability in adm

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in admin/memberlist.php in Easebay Resources Login Manager 3.0 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.


SQL injection vulnerability in admin/memberlist

admin/memberlistphp | vulnerability | Resources | attackers | arbitrary | injection | parameter | commands | init_row | execute | Easebay | Manager | allows | remote | Login | SQL | via |

SQL injection vulnerability in admin/memberlist.php in Easebay Resources Login Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the init_row parameter.


Cross-site scripting (XSS) vulnerability in adm

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in admin/edit_member.php in Easebay Resources Paypal Subscription Manager allows remote attackers to inject arbitrary web script or HTML via the username parameter.


SQL injection vulnerability in admin/memberlist

admin/memberlistphp | vulnerability | Subscription | attackers | arbitrary | Resources | injection | parameter | commands | execute | keyword | Manager | Easebay | Paypal | remote | allows | SQL | via |

SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote attackers to execute arbitrary SQL commands via the keyword parameter.


PHP remote file inclusion vulnerability in reso

resources/includes/classSmartyphp | vulnerability | inclusion | Pixaria | Gallery | before | remote | file | PHP |

PHP remote file inclusion vulnerability in resources/includes/class.Smarty.php in Pixaria Gallery before 1.4.3 allows remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter.


Software vulnerabilities results 1 to 20 of 49     
Page: 123