Page 5 of 61 results (0.013 seconds)

CVSS: 5.0EPSS: 2%CPEs: 19EXPL: 0

The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames. El módulo mod_authz_svn en Subversion 1.0.7 y anteriores no restringe adecuadamente el acceso a todos los metadatos en rutas ilegibles, lo que podría permitir a atacantes remotos ganar información sensible mediante (1) svn log -v, (2) svn propget, o (3) svn blame, y otras órdenes que siguen cambios de de nombre. • http://fedoranews.org/updates/FEDORA-2004-318.shtml http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml http://www.securityfocus.com/bid/11243 https://exchange.xforce.ibmcloud.com/vulnerabilities/17472 •

CVSS: 7.5EPSS: 96%CPEs: 48EXPL: 2

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/968818 http://www.securityfocus.com/bid/11448 https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 •

CVSS: 6.8EPSS: 2%CPEs: 22EXPL: 0

Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000905 http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://marc.info/?l=bugtraq&m=110012133608004&w=2 http://voxel.dl.sourceforge.net/sourceforge/squirrelmail/sm143a-xss.diff http://www.gentoo.org/security/en/glsa/glsa-200411-25.xml http://www.squirrelmail.org https://exchange.xforce.ibmcloud.com/vulnerabilities/18031 https:/&#x •

CVSS: 7.5EPSS: 96%CPEs: 48EXPL: 2

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/968818 http://www.securityfocus.com/bid/11448 https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 •

CVSS: 10.0EPSS: 10%CPEs: 42EXPL: 0

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. • http://gaim.sourceforge.net/security/?id=9 http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml http://www.redhat.com/support/errata/RHSA-2004-604.html https://bugzilla.fedora.us/show_bug.cgi?id=2188 https://exchange.xforce.ibmcloud.com/vulnerabilities/17786 https://exchange.xforce.ibmcloud.com/vulnerabilities/17787 https://exchange.xforce.ibmcloud.com/vulnerabilities/17790 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790 https://www.ubuntu& •