6 results (0.009 seconds)

CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 2

PHP remote file inclusion vulnerability in include/database.php in SourceForge (aka alexandria) 1.0.4 allows remote attackers to execute arbitrary PHP code via the sys_dbtype parameter. Vulnerabilidad PHP de inclusión remota de archivo en include/database.php en SourceForge (también conocido como alexandria) 1.0.4 permite a un atacante remoto ejecutar código PHP de su elección a través del parámetro sys_dbtype. • https://www.exploit-db.com/exploits/2623 http://www.securityfocus.com/bid/20692 https://exchange.xforce.ibmcloud.com/vulnerabilities/29751 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users. • http://bugzilla.opengroupware.org/bugzilla/show_bug.cgi?id=1060 http://securitytracker.com/id?1013553 http://www.osvdb.org/14675 https://exchange.xforce.ibmcloud.com/vulnerabilities/19820 •

CVSS: 10.0EPSS: 85%CPEs: 12EXPL: 0

Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. Vulnerabilidad de doble liberación de memora en dtlogin de CDE sobre Solaris, y posiblemente otros sistemas operativos, permite a atacantes remotos ejecutar código arbitrario mediante cierto paquete UDP. • ftp://patches.sgi.com/support/free/security/advisories/20040801-01-P http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0064.html http://lists.immunitysec.com/pipermail/dailydave/2004-March/000402.html http://secunia.com/advisories/11210 http://secunia.com/advisories/11214 http://secunia.com/advisories/11495 http://secunia.com/advisories/11614 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101478-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57539-1&se • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 25%CPEs: 6EXPL: 2

Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands. • https://www.exploit-db.com/exploits/16323 https://www.exploit-db.com/exploits/9923 ftp://patches.sgi.com/support/free/security/advisories/20011107-01-P ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.30 http://ftp.support.compaq.com/patches/.new/html/SSRT-541.shtml http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/214 http://www.cert.org/advisories/CA-2001-31.html http://www.cert.org/advisories/CA-2002-01.html http://www.kb. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 1

libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop. • http://marc.info/?l=bugtraq&m=96146116627474&w=2 http://www.securityfocus.com/bid/1409 https://exchange.xforce.ibmcloud.com/vulnerabilities/4996 •