Searching versions software vulnerabilities


In older versions of Sendmail, an attacker could use a pipe character to execute root commands.


super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.


The default permissions of /dev/kmem in Linux versions before 2.0.36 allow IP spoofing.


Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command.


eEye SecureIIS versions 1.0.3 and earlier do not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier.


Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18, or (2) a DOS device name followed by a .. in versions 2.6.19 through 3.0.10.


Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550.


Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote attackers to read arbitrary files.


Buffer overflow in lscfg of unknown versions of AIX has unknown impact.


Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors.


Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2), and earlier versions, allow remote attackers to cause a denial of service (control card reset) via malformed SNMP packets.


betaparticle blog (bp blog) stores the database under the web root, which allows remote attackers to obtain sensitive information via a direct request to (1) dbBlogMX.mdb for versions before 3.0, or (2) Blog.mdb for versions 3.0 and later.


FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to obtain sensitive information via a direct request to structure.php.


Unknown vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to bypass authentication via unknown vectors.


Parlano MindAlign 5.0 and later versions use weak encryption, with unknown impact and attack vectors.


The default index page in the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 lists sensitive information such as software versions.


imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page.


Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.


The original distribution of MyBulletinBoard (MyBB) to update from older versions to 1.0.2 omits or includes older versions of certain critical files, which allows attackers to conduct (1) SQL injection attacks via an attachment name that is not properly handled by inc/functions_upload.php (CVE-2005-4602), and possibly (2) other attacks related to threadmode in usercp.php.


Unspecified vulnerability in the utrace support for Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service


Software vulnerabilities results 1 to 20 of 833     