Page 3 of 52 results (0.013 seconds)

CVSS: 8.2EPSS: 2%CPEs: 5EXPL: 0

14 Nov 2019 — Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. Moodle versiones anteriores a 2.2.2, tiene un problema de contraseña y servicios web donde, cuando el perfil de usuario es actualizado, la contraseña de usuario se restablece si no es especificada. • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0

14 Nov 2019 — Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to Moodle posee un problema de permiso de exportación de la actividad de la base de datos donde la función de exportación del módulo de actividad de la base de datos exporta todas las entradas, incluso aquellas de grupos a los que el usuario no pertenece • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

07 Nov 2019 — OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. OpenTTD versiones anteriores a 1.1.5, contiene una Denegación de Servicio (ataque de lectura lenta) que impide que los usuarios se unan al servidor. • http://security.openttd.org/en/CVE-2012-0049 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.8EPSS: 0%CPEs: 253EXPL: 0

25 Jul 2016 — (1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Modul... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 1

30 Mar 2016 — Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow. Desbordamiento de entero en la función isofs_real_read_zf en isofs.c en FuseISO 20070708 podría permitir a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente tener otro impacto no especi... • http://www.debian.org/security/2016/dsa-3551 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 1

30 Mar 2016 — Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file. Desbordamiento de buffer basado en pila en la función isofs_real_readdir en isofs.c en FuseISO 20070708 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un nombre de ruta largo en un ... • http://www.debian.org/security/2016/dsa-3551 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.5EPSS: 1%CPEs: 3EXPL: 0

05 May 2014 — Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow. Error de superación de límite (off-by-one) en la función DecompressRTF en ytnef.c en Yerase's TNEF Stream Reader permite a atacantes remotos causar una denegación de servicio (caída) a través de un archivo TNEF manipulado, lo que provoca un desbordamiento de buffer. • http://sourceforge.net/p/ytnef/bugs/13 • CWE-189: Numeric Errors •

CVSS: 9.8EPSS: 0%CPEs: 23EXPL: 2

07 Apr 2014 — The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message. La función SetWiredProperty en la interfaz D-Bus en WICD anterior a 1.7.2 permite a usuarios locales escribir ajustes de configuración arbitrarios y ganar privilegios a través de un nombre de propiedad manipulado en un mensaje dbus. • https://www.exploit-db.com/exploits/18733 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0

10 Feb 2014 — Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors. Múltiples vulnerabilidades de cade... • http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html • CWE-134: Use of Externally-Controlled Format String •

CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0

02 Sep 2013 — xlockmore before 5.43 'dclock' security bypass vulnerability xlockmore versiones anteriores a 5.43, se presenta una vulnerabilidad de omisión de seguridad de "dclock". A buffer overflow in Xlockmore might allow remote attackers to cause a Denial of Service. Versions less than 5.43 are affected. • http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091108.html • CWE-20: Improper Input Validation •