CVE-2008-6299

This is an entry in the Common Vulnerability Index under number CVE-2008-6299. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-6299

Description: Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to “article submission.”

Continue Reading …

CVE-2008-6611

This is an entry in the Common Vulnerability Index under number CVE-2008-6611. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-6611

Description: SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2007-6719

This is an entry in the Common Vulnerability Index under number CVE-2007-6719. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2007-6719

Description: SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown;

Continue Reading …

CVE-2005-3253

This is an entry in the Common Vulnerability Index under number CVE-2005-3253. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2005-3253

Description: Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5,

Continue Reading …

CVE-2015-8341

This is an entry in the Common Vulnerability Index under number CVE-2015-8341. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-8341

Description: The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process,

Continue Reading …

CVE-2007-2683

This is an entry in the Common Vulnerability Index under number CVE-2007-2683. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2007-2683

Description: Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via “&” characters in the GECOS field, which triggers the overflow during alias expansion.

Continue Reading …

CVE-2006-0944

This is an entry in the Common Vulnerability Index under number CVE-2006-0944. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2006-0944

Description: Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin cookie to 1.

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2017-9526

This is an entry in the Common Vulnerability Index under number CVE-2017-9526. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2017-9526

Description: In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key.

Continue Reading …

CVE-2006-0230

This is an entry in the Common Vulnerability Index under number CVE-2006-0230. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2006-0230

Description: Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.

Continue Reading …