CVE-2006-2997

This is an entry in the Common Vulnerability Index under number CVE-2006-2997. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2006-2997

Description: Cross-site scripting (XSS) vulnerability in ZMS 2.9 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the raw parameter in the search field.

Continue Reading …

CVE-2013-6288

This is an entry in the Common Vulnerability Index under number CVE-2013-6288. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2013-6288

Description: Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to “Insecure Unserialize.”

Continue Reading …

CVE-2003-0046

This is an entry in the Common Vulnerability Index under number CVE-2003-0046. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2003-0046

Description: AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.

Continue Reading …

CVE-2006-2180

This is an entry in the Common Vulnerability Index under number CVE-2006-2180. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2006-2180

Description: Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE commands,

Continue Reading …

CVE-2005-3985

This is an entry in the Common Vulnerability Index under number CVE-2005-3985. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2005-3985

Description: The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets,

Continue Reading …

CVE-2017-6327

This is an entry in the Common Vulnerability Index under number CVE-2017-6327. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2017-6327

Description: The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process.

Continue Reading …

CVE-2006-6050

This is an entry in the Common Vulnerability Index under number CVE-2006-6050. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2006-6050

Description: Multiple SQL injection vulnerabilities in ClickTech Texas Rank’em allow remote attackers to execute arbitrary SQL commands via the (1) selPlayer parameter to player.asp or the (2) tournament_id parameter to tournaments.asp.

Continue Reading …

CVE-2016-10196

This is an entry in the Common Vulnerability Index under number CVE-2016-10196. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2016-10196

Description: Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.

Continue Reading …

CVE-2008-6550

This is an entry in the Common Vulnerability Index under number CVE-2008-6550. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-6550

Description: Cross-site scripting (XSS) vulnerability in glossaire.php in Glossaire 2.0 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. NOTE: the provenance of this information is unknown;

Continue Reading …

CVE-2014-3492

This is an entry in the Common Vulnerability Index under number CVE-2014-3492. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2014-3492

Description: Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter (1) name or (2) value related to the host.

Continue Reading …