tables software vulnerabilities
vulnerabilities.aspcode.net
Searching tables software vulnerabilities
A hidden SNMP community string in HP OpenView a
information
|
attackers
|
community
|
sensitive
|
OpenView
|
modify
|
obtain
|
tables
|
string
|
hidden
|
allows
|
remote
|
SNMP
|
MIB
|
A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.
Windows 95, 98, and NT 4.0 allow remote attacke
attackers
|
spoofing
|
messages
|
redirect
|
service
|
Windows
|
routing
|
router
|
causes
|
change
|
denial
|
remote
|
tables
|
cause
|
allow
|
which
|
ICMP
|
its
|
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
upgrade.php3 in Phorum 3.0.7 could allow remote
upgradephp3
|
Phorum
|
upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method.
Multiple buffer overflows in purity 1-16 allow
privileges
|
overflows
|
Multiple
|
scores
|
modify
|
buffer
|
purity
|
tables
|
local
|
allow
|
users
|
1-16
|
gain
|
high
|
Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables.
IBM UniVerse with UV/ODBC allows attackers to c
attackers
|
UniVerse
|
UV/ODBC
|
service
|
denial
|
allows
|
cause
|
IBM
|
IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow.
Buffer overflow in Links 2.0 pre4 allows remote
attackers
|
arbitrary
|
browsers
|
possibly
|
overflow
|
execute
|
Buffer
|
images
|
16-bit
|
tables
|
remote
|
client
|
allows
|
gamma
|
large
|
crash
|
Links
|
code
|
pre4
|
via
|
PNG
|
Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images.
Firewalls from multiple vendors empty state tab
attackers
|
Firewalls
|
flooding
|
multiple
|
attacks
|
vendors
|
allows
|
filled
|
packet
|
remote
|
slowly
|
tables
|
empty
|
flood
|
state
|
which
|
such
|
more
|
than
|
they
|
Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.
The jail system call in FreeBSD 4.x before 4.10
410-RELEASE
|
manipulate
|
originated
|
non-jailed
|
attempt
|
process
|
routing
|
FreeBSD
|
tables
|
modify
|
system
|
verify
|
before
|
local
|
allow
|
table
|
users
|
could
|
which
|
does
|
call
|
jail
|
not
|
The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables originated from a non-jailed process, which could allow local users to modify the routing table.
Vcard 2.9 and possibly other versions does not
authorization
|
uninstallphp
|
uninstall
|
attackers
|
database
|
possibly
|
versions
|
request
|
require
|
remote
|
direct
|
delete
|
tables
|
Vcard
|
other
|
which
|
allow
|
could
|
does
|
via
|
run
|
not
|
Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php.
PHP remote file inclusion vulnerability in tabl
tables_updateincphp
|
vulnerability
|
phpGroupWare
|
inclusion
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in tables_update.inc.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to execute arbitrary PHP code via an external URL in the appdir parameter.
phpMyAdmin 2.6.1 does not properly grant permis
phpMyAdmin
|
phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended.
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.1
MySQL
|
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
inflate.c in the zlib routines in the Linux ker
routines
|
inflatec
|
kernel
|
before
|
Linux
|
zlib
|
inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".
Aenovo products (1) aeNovo, (2) aeNovoShop, and
products
|
Aenovo
|
Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges.
BusyBox 1.1.1 does not use a salt when generati
BusyBox
|
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.
Oracle Database Server 10g Release 2 allows loc
arbitrary
|
malicious
|
reference
|
TYPE_NAME
|
argument
|
Database
|
queries
|
package
|
execute
|
Release
|
allows
|
Oracle
|
Server
|
local
|
users
|
SQL
|
via
|
10g
|
Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via a reference to a malicious package in the TYPE_NAME argument in the (1) GET_DOMAIN_INDEX_TABLES or (2) GET_V2_DOMAIN_INDEX_TABLES function in the DBMS_EXPORT_EXTENSION package.
Unspecified vulnerability in MkPortal allows re
vulnerability
|
Unspecified
|
attackers
|
possibly
|
"Tables"
|
MkPortal
|
affects
|
Message
|
certain
|
content
|
corrupt
|
related
|
Urlobox
|
impact
|
allows
|
remote
|
other
|
site
|
long
|
have
|
via
|
web
|
Unspecified vulnerability in MkPortal allows remote attackers to corrupt web site content, and possibly have other impact, via a certain long Message that affects "Tables," related to the Urlobox.
Apache Derby before 10.2.1.6 does not determine
before
|
Apache
|
Derby
|
Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.
Cross-site scripting (XSS) vulnerability in Med
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in MediaWiki 1.9.x before 1.9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "sortable tables JavaScript."
MySQL before 5.1.18 allows remote authenticated
before
|
MySQL
|
MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
Software vulnerabilities results 1 to 20 of 27
Page:
1
2
►