CWE:
 

Topic
Date
Author
Med.
WordPress 3.6.1 PHP unserialization & Open Redirect & Privilege Escalation
12.09.2013
Andrew Nacin
Low
SmartSniff DLL Hijacking Exploit (wpcap.dll)
17.09.2012
anT!-Tr0J4n
Low
SEasyOfficeRecovery DLL Hijacking Exploit (dwmapi.dll)
17.09.2012
anT!-Tr0J4n
Med.
Google Chrome pkcs11.txt File Planting
03.11.2011
acros
Med.
VMware ESXi and ESX updates to third party libraries and ESX Service Console
26.10.2011
VMware Security Team
Med.
ibm db2 9.7 Exploiting the linker
26.10.2011
Tim Brown
High
linux kernel 2.6.39 cred->user_ns in key_replace_session_keyring
13.09.2011
Robert Swiecki
Low
linux kernel 2.6.38 related to O_DIRECT crash
07.09.2011
Ben Greear
Med.
multiple functions null pointer dereference upon parameters injection
16.05.2011
Advisories Toucan-Syst...
High
kadmind invalid pointer free()
18.04.2011
Tom Yu
Low
libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)
18.03.2011
Maksymilian Arciemowic...
Med.
Plaintext injection in STARTTLS (multiple implementations)
18.03.2011
Wietse Venema
Med.
RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability
22.02.2011
Eduardo
Med.
PHP 5.3.5 grapheme_extract() NULL Pointer Dereference
17.02.2011
Maksymilian Arciemowic...
Med.
KDC denial of service attacks
12.02.2011
Tom Yu
Low
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 Local Kernel
22.01.2011
th_decoder 126 com
High
Multiple Vendors (Internet Explorer, Mozilla etc) remote code execution
12.01.2011
Michal Zalewski
High
ImgBurn 2.4.0.0 DLL Hijack
06.01.2011
d3c0der
Med.
Apache Insecure mod_rewrite PCRE Resource Exhaustion
21.12.2010
Maksymilian Arciemowic...
Med.
Orbis CMS 1.0.2 Arbitrary File Upload Vulnerability
07.12.2010
Mark Stanislav
Med.
Vtiger CRM 5.2.0 Multiple Vulnerabilities
30.11.2010
ascii
High
Linux Kernel 'sctp_outq_flush()' Denial of Service Vulnerability
25.11.2010
Thomas Dreibholz
Med.
Mono 'loader.c' Library Loading Local Privilege Escalation Vulnerability
20.11.2010
Richard Brooksby
Med.
VideoCharge Studio DLL Hijacking Exploit (dwmapi.dll , quserex.dll )
23.09.2010
anT!-Tr0J4n
Low
Microsoft Word 2003 MSO Null Pointer Dereference Vulnerability
22.09.2010
Aditya K Sood
High
PGP Desktop version 9.10.x-10.0.0 Insecure DLL Hijacking Vulnerability
17.09.2010
YGN Ethical Hacker Gro...
Med.
Tortoise SVN 1.6.10 build 19898 the Windows DLL hijacking vulnerability.
01.09.2010
Nikhil Mittal
High
TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)
27.08.2010
glafkos astalavista co...
High
Remote Binary Planting in Apple iTunes for Windows
24.08.2010
Mitja Kolsek
Med.
OpenSSL "ssl3_get_key_exchange()" Use-after-free Vulnerability
20.08.2010
Georgi Guninski
Low
LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial of Service
10.08.2010
Tomas Hoger
Med.
KVIrc Failed DCC Handshake Notification Command Injection Vulnerability
04.08.2010
unic0rn
Med.
Apache HTTP Server 2.2.16 Released multiple vulnerabilities
30.07.2010
Paul Querna <pquern...
Med.
Windows Vista/Server 2008 NtUserCheckAccessForIntegrityLevel Vulnerability
05.07.2010
hushmail
Med.
TCExam 10.1.007 Arbitrary Upload
07.06.2010
Jjohn Leitch
Med.
GSS-API lib null pointer deref
24.05.2010
Tom Yu
Med.
IBM Datapower XS40 Denial of Service
03.05.2010
Erik
Med.
e107 Avatar/Photograph Image File Upload Vulnerability
22.04.2010
Secunia Research
Med.
Irssi Denial of Service and SSL Hostname Verification Security Bypass Vulnerabilities
19.04.2010
vendor
Med.
Lexmark Multiple Laser printer FTP Remote Denial of Services
26.03.2010
Francis Provencher
Med.
Safari 4.0.4 (531.21.10) - Stack Overflow/run
07.03.2010
John Cobb
High
DATEV ActiveX Control remote command execution
02.03.2010
NSO Research
Med.
Linux Kernel 64bit Personality Handling Local Denial of Service Vulnerability
19.02.2010
Mathias Krause
Med.
PHP 5.2.12/5.3.1 session.save_path safe_mode and open_basedir bypass
12.02.2010
Grzegorz Stachowiak
High
Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities
07.02.2010
Core
Med.
Windows Live Messenger 2009 ActiveX DoS Vulnerability
14.01.2010
hackattack
Med.
Cherokee Web Server 0.5.4 Denial Of Service
08.01.2010
usman
Med.
Zen Cart local file disclosure vulnerability
16.12.2009
Bogdan Calin
Med.
Cisco VPN Client Integer overflow (DOS) Proof Of Concept Code
03.12.2009
alt3kx
Med.
RTP s800i 1.3.0.4 Remote Crash Vulnerability
03.12.2009
Asterisk Security Team
Med.
PHP 5.3.0 "multipart/form-data" denial of service
27.11.2009
Bogdan Calin
Low
OpenX 2.8.1 remote code execution
26.11.2009
null
Low
Xerver 4.32 HTTP response splitting vulnerability
24.11.2009
sasquatch
Low
XM Easy Personal FTP Serve Remote Denial of Service Vulnerability
24.11.2009
zhangmc
Med.
DoS vulnerability in Internet Explorer
20.11.2009
MustLive
Med.
DoS vulnerability in Internet Explorer
18.11.2009
MustLive
High
Windows 7 and Windows Server 2008 remote dos
17.11.2009
Laurent Gaffi
Med.
Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation
04.11.2009
Tavis Ormandy & and Ju...
Low
SharePoint 2007 ASP.NET Source Code Disclosure
03.11.2009
Daniel Martin
Med.
Snort 2.8.5.1 multiple vulnerabilities
30.10.2009
Laurent Gaffi
Low
GPG2/Kleopatra 2.0.11 - Malformed Certificate Crash PoC
29.10.2009
Dr_IDE
Med.
Websense Email Security v7.1 Web Administrator DoS
24.10.2009
NSO Research
High
PHP 5.2.11 libgd multiple vulnerabilities
22.10.2009
Tomas Hoger
Med.
Innovation Data Processing FDR Port Scan DoS
21.10.2009
Anonymous
Low
Missing initializations in dumped data
21.10.2009
Patrick McHardy & Davi...
High
Piwik Build 1357 2009-08-02 remote file upload vulnerability
20.10.2009
Braeden Thomas
Med.
ZoIPer v2.22 Call-Info Remote Denial Of Service
19.10.2009
Tomer Bitton
Med.
FileCOPA FTP Server Version 5.01 Remote DoS Exploit
12.10.2009
null
Low
OpenBSD patch: XMM exceptions incorrectly handled in i386 kernel
08.10.2009
Slava Pestov
Med.
XM Easy Personal FTP server 5.8 remote denial of service
03.10.2009
PLATEN
Med.
Half-Life CSTRIKE Server 1.6 Denial of Service Exploit (no-steam)
16.09.2009
Maxim Suhanov
Med.
Telephone Directory 2008 Arbitrary Delete Contact Exploit
08.09.2009
Stack
Med.
Eye-Fi 1.1.2 Multiple Vulnerabilities
02.09.2009
Seth Fogie (seth airsc...
High
MS Windows 2003 (EOT File) BSOD Crash Exploit
02.09.2009
webDEViL
Med.
Google Chrome Browser 0.2.149.27 Inspect Element DoS Exploit
25.08.2009
Metacortex
Med.
fhttpd 0.4.2 un64() Remote Denial of Service Exploit
24.08.2009
Jeremy Brown
Med.
aspWebAlbum 3.2 (Upload/SQL/XSS) Multiple Remote Vulnerabilities
20.08.2009
null
Med.
MS Internet Explorer 8.0.7100.0 Simple HTML Remote Crash PoC
17.08.2009
schnuddelbuddel
High
Chilkat Socket activex 2.3.1.1 Remote Arbitrary File Creation Exploit
14.08.2009
Underz0ne Crew
High
Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit
13.08.2009
Nine:Situations:Group:...
Med.
BGP 4-byte ASN bug fixes
08.05.2009
Chris Caputo
Med.
FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit
31.01.2009
Houssamix
Med.
Siemens C450IP/C475IP DoS
25.11.2008
Martin Kluge
High
db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities
29.10.2008
shinnai
High
Peachtree Accounting 2004 (PAWWeb11.ocx) ActiveX Insecure Method
23.10.2008
Jeremy Brown
High
Chilkat FTP ActiveX 2.0 (ChilkatCert.dll) Insecure Method Exploit
21.10.2008
darkl0rd
High
Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit
19.10.2008
e.b.
Med.
Chilkat Mail ActiveX 7.8 (ChilkatCert.dll) Insecure Method Exploit
19.10.2008
anon
High
Macrovision FlexNet DownloadManager Insecure Methods Exploit
18.10.2008
e.b.
High
sctp: fix potential panics in the SCTP-AUTH API.
04.09.2008
Vlad Yasevich
High
Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities
28.06.2008
BugReport.ir
Med.
Server freezed in Skulltag 0.97d2-RC2
17.06.2008
Luigi Auriemma
Med.
Nucleus CMS <= 3.22 arbitrary remote inclusion
27.05.2006
rgod


CVEMAP Search Results

CVE
Details
Description
2021-07-14
Medium
CVE-2021-20784

Vendor: Voidtools
Software: Everything
 

 
HTTP header injection vulnerability in Everything all versions except the Lite version may allow a remote attacker to inject an arbitrary script or alter the website that uses the product via unspecified vectors.

 
Low
CVE-2021-36374

Vendor: Apache
Software: ANT
 

 
When reading a specially crafted ZIP archive, or a derived format, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files. Apache Ant prior to 1.9.16 and 1.10.11 were affected.

 
Low
CVE-2021-36373

Vendor: Apache
Software: ANT
 

 
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected.

 
Medium
CVE-2021-25953

Vendor: Putil-merge project
Software: Putil-merge
 

 
Prototype pollution vulnerability in 'putil-merge' versions 1.0.0 through 3.6.6 allows an attacker to cause a denial of service and may lead to remote code execution.

 
Low
CVE-2021-33689

Vendor: SAP
Software: Netweaver ap...
 

 
When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted.

 
Low
CVE-2021-0604

Vendor: Google
Software: Android
 

 
In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9 Android-10 Android-11 Android-8.1. Android ID: A-179910660

 
2021-07-13
Low
CVE-2021-1896

 

 
Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity

 
Low
CVE-2021-36123

Vendor: Echobh
Software: Sharecare
 

 
An issue was discovered in Echo ShareCare 8.15.5. The TextReader feature in General/TextReader/TextReader.cfm is susceptible to a local file inclusion vulnerability when processing remote input in the textFile parameter from an authenticated user, leading to the ability to read arbitrary files on the server filesystems as well as any files accessible via Universal Naming Convention (UNC) paths.

 
2021-07-12
Low
CVE-2021-32680

Vendor: Nextcloud
Software: Nextcloud server
 

 
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, Nextcloud Server audit logging functionality wasn't properly logging events for the unsetting of a share expiration date. This event is supposed to be logged. This issue is patched in versions 19.0.13, 20.0.11, and 21.0.3.

 
Medium
CVE-2021-21589

Vendor: DELL
Software: Emc unity op...
 

 
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 do not exit on failed Initialization. A local authenticated Service user could potentially exploit this vulnerability to escalate privileges.

 

 


Copyright 2021, cxsecurity.com

 
