|
269661
|
- |
|
simple_machines
|
simple_machines_forum
|
Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13, when running in PHP before 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vecto…
|
NVD-CWE-noinfo
CWE-189
Numeric Errors
|
CVE-2008-3072
|
2012-11-27 12:48 |
2008-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269662
|
- |
|
simple_machines
|
simple_machines_forum
|
Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13 has unknown impact and attack vectors, probably cross-site scripting (XSS), related to "use of the …
|
NVD-CWE-noinfo
|
CVE-2008-3073
|
2012-11-27 12:48 |
2008-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269663
|
- |
|
yacc
|
yacc
|
skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which allows context-dependent attackers to cause an out-of-bounds stack access when the yacc stack poin…
|
CWE-399
Resource Management Errors
|
CVE-2008-3196
|
2012-11-27 12:48 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269664
|
- |
|
bouncycastle
|
legion-of-the-bouncy-castle-java-crytography-api
bouncy-castle-crypto-package
|
The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vu…
|
NVD-CWE-noinfo
|
CVE-2007-6721
|
2012-11-16 12:52 |
2009-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269665
|
- |
|
simon_brown
|
pebble
|
Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-0736
|
2012-11-8 14:00 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269666
|
- |
|
freebsd
|
freebsd
|
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allo…
|
CWE-20
Improper Input Validation
|
CVE-2010-2020
|
2012-11-6 13:41 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269667
|
- |
|
ibm
|
aix
|
Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-200…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-4791
|
2012-11-6 12:46 |
2007-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269668
|
- |
|
visionsoft
|
audit
|
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 does not require authentication for (1) the "LOG." command, which allows remote attackers to create or overwrite arbitrary …
|
NVD-CWE-Other
|
CVE-2007-4149
|
2012-11-6 12:44 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269669
|
- |
|
nonnoi_solutions
|
asp_barcode
|
The Nonnoi ASP/Barcode ActiveX control (nonnoi_ASPBarcode.dll) allows remote attackers to overwrite arbitrary files via an argument to the SaveBarcode function.
|
NVD-CWE-Other
|
CVE-2007-3660
|
2012-11-6 12:42 |
2007-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269670
|
- |
|
jelsoft
|
vbulletin
|
Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin 3.6.x before 3.6.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the…
|
NVD-CWE-Other
|
CVE-2007-2909
|
2012-11-6 12:40 |
2007-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
