Page 9 of 69 results (0.010 seconds)

CVSS: 6.8EPSS: 2%CPEs: 27EXPL: 0

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en ht://dig (htdig) anteriores a 3.1.6r7 permite a atacantes remotos ejecutar script web de su elección o HTML mediante el parámetro config, que no es limpiado adecuamante antes de ser mostrado en le mensaje de error. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt http://secunia.com/advisories/14255 http://secunia.com/advisories/14276 http://secunia.com/advisories/14303 http://secunia.com/advisories/14795 http://secunia.com/advisories/15007 http://secunia.com/advisories/17414 http://secunia.com/advisories/17415 http://securitytracker.com/id?1013078 http://www.debian.org/security/2005/dsa-680 http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml http&# •

CVSS: 6.2EPSS: 0%CPEs: 147EXPL: 4

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. Condición de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar código de su elección manipulando el descriptor WMA. • https://www.exploit-db.com/exploits/778 https://www.exploit-db.com/exploits/744 https://www.exploit-db.com/exploits/895 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 http://isec.pl/vulnerabilities/isec-0021-uselib.txt http://marc.info/?l=bugtraq&m=110512575901427&w=2 http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 http://www.debian.org/security •

CVSS: 5.0EPSS: 2%CPEs: 61EXPL: 0

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 http://secunia.com/advisories/13468 http://www.ciac.org/ciac/bulletins/p-061.shtml http://www.debian.org/security/2004/dsa-613 http://www.ethereal.com/appnotes/enpa-sa-00016.html http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:152 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.redhat.com/su •

CVSS: 5.0EPSS: 0%CPEs: 61EXPL: 0

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 http://secunia.com/advisories/13468 http://www.ciac.org/ciac/bulletins/p-061.shtml http://www.ethereal.com/appnotes/enpa-sa-00016.html http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:152 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html http://www.redhat.com/support/errata/RHSA-2005-037.html http://www.se •

CVSS: 5.0EPSS: 0%CPEs: 61EXPL: 0

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. • http://marc.info/?l=bugtraq&m=110356286722875&w=2 http://secunia.com/advisories/13586 http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml http://www.heise.de/security/dienste/browsercheck/tests/java.shtml http://www.kb.cert.org/vuls/id/420222 http://www.kde.org/info/security/advisory-20041220-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2004:154 http://www.redhat.com/support/errata/RHSA-2005-065.html https://exchange.xforce.ibmcloud.com/vulnera •