verify software vulnerabilities
vulnerabilities.aspcode.net
Searching verify software vulnerabilities
AdLibrary.pm in AdCycle 0.78b allows remote att
AdLibrarypm
|
privileges
|
attackers
|
malformed
|
AdCycle
|
allows
|
remote
|
078b
|
gain
|
via
|
AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information.
ProFTPD 1.2.2rc2, and possibly other versions,
reverse-resolved
|
resolution
|
performing
|
hostnames
|
incorrect
|
attackers
|
hostname
|
properly
|
possibly
|
versions
|
forward
|
ProFTPD
|
remote
|
bypass
|
122rc2
|
allows
|
verify
|
logged
|
client
|
cause
|
which
|
other
|
does
|
ACLs
|
not
|
ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.
CMG WAP gateway does not verify the fully quali
man-in-the-middle
|
certificates
|
authorities
|
certificate
|
qualified
|
attackers
|
gateway
|
allows
|
remote
|
verify
|
attack
|
domain
|
spoof
|
fully
|
which
|
name
|
does
|
X509
|
root
|
via
|
CMG
|
SSL
|
URL
|
WAP
|
not
|
CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.
Openwave WAP gateway does not verify the fully
man-in-the-middle
|
certificates
|
certificate
|
authorities
|
attackers
|
qualified
|
Openwave
|
gateway
|
remote
|
allows
|
verify
|
domain
|
attack
|
which
|
spoof
|
fully
|
name
|
does
|
X509
|
root
|
via
|
not
|
URL
|
WAP
|
SSL
|
Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.
chuid 1.2 and earlier does not properly verify
attackers
|
ownership
|
properly
|
changed
|
earlier
|
remote
|
allows
|
change
|
verify
|
users
|
other
|
owned
|
chuid
|
files
|
which
|
such
|
root
|
does
|
not
|
chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root.
PHProjekt 2.0 through 3.1 allows remote attacke
attackers
|
PHProjekt
|
requests
|
certain
|
through
|
scripts
|
verify
|
remote
|
allows
|
logged
|
modify
|
user
|
data
|
view
|
not
|
via
|
PHProjekt 2.0 through 3.1 allows remote attackers to view or modify data via requests to certain scripts that do not verify if the user is logged in.
The upload function in PHPProjekt 2.0 through 3
PHPProjekt
|
attackers
|
variables
|
arbitrary
|
properly
|
uploaded
|
function
|
process
|
related
|
through
|
certain
|
allows
|
remote
|
upload
|
verify
|
cause
|
files
|
which
|
data
|
does
|
not
|
The upload function in PHPProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHPProjekt to process arbitrary files.
ChaiVM EZloader for HP color LaserJet 4500 and
LaserJet
|
EZloader
|
ChaiVM
|
color
|
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
Database of Our Owlish Wisdom (DOOW) 0.1 throug
Database
|
Owlish
|
Wisdom
|
Our
|
Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not properly verify user permissions, which allows remote attackers to perform unauthorized activities.
The LDAP name service (nsd) in IRIX 6.5.19 and
service
|
name
|
LDAP
|
The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.
The STP protocol implementation in Linux 2.4.x
implementation
|
attackers
|
properly
|
protocol
|
certain
|
lengths
|
service
|
denial
|
verify
|
allow
|
cause
|
Linux
|
could
|
which
|
does
|
STP
|
not
|
24x
|
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.
mod_digest for Apache before 1.3.31 does not pr
mod_digest
|
before
|
Apache
|
mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
Format string vulnerability in the SSL_set_veri
SSL_set_verify
|
vulnerability
|
SSLtelnet
|
telnetdc
|
function
|
daemon
|
string
|
Format
|
Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code.
Extcompose in metamail does not verify the outp
Extcompose
|
arbitrary
|
overwrite
|
metamail
|
writing
|
symlink
|
allows
|
before
|
verify
|
attack
|
output
|
files
|
users
|
which
|
local
|
does
|
file
|
not
|
via
|
Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.
ptrace in Linux kernel 2.6.8.1 does not properl
kernel
|
ptrace
|
Linux
|
ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash).
The Admin panel in PwsPHP 1.2.2 does not proper
PwsPHP
|
panel
|
Admin
|
The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded picture files, which allows remote attackers to upload and possibly execute arbitrary files.
Website Baker Project does not properly verify
extensions
|
attackers
|
arbitrary
|
properly
|
uploaded
|
Project
|
execute
|
Website
|
allows
|
upload
|
remote
|
verify
|
Baker
|
which
|
files
|
code
|
does
|
file
|
PHP
|
not
|
Website Baker Project does not properly verify the file extensions of uploaded files, which allows remote attackers to upload and execute arbitrary PHP code.
Helpdesk software Hesk 0.92 does not properly v
software
|
Helpdesk
|
Hesk
|
Helpdesk software Hesk 0.92 does not properly verify usernames and passwords, which allows remote attackers to bypass authentication via a direct request to admin_main.php.
Almond Classifieds does not properly verify the
restrictions
|
Classifieds
|
attackers
|
password
|
properly
|
bypass
|
access
|
Almond
|
allows
|
verify
|
which
|
does
|
not
|
Almond Classifieds does not properly verify the password, which allows attackers to bypass access restrictions.
eXtremail 2.1.1 and earlier does not verify the
eXtremail
|
eXtremail 2.1.1 and earlier does not verify the ID field (aka transaction id) in DNS responses, which makes it easier for remote attackers to conduct DNS spoofing.
Software vulnerabilities results 1 to 20 of 154
Page:
1
2
3
4
5
...
8
►