|
313741
|
7.5 |
HIGH
Network
|
grandstream
|
bt-100_firmware
|
Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spo…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2005-2182
|
2024-02-9 05:45 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313742
|
9.8 |
CRITICAL
Network
|
sgi
|
irix
|
The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a pass…
|
CWE-346
Origin Validation Error
|
CVE-2003-0174
|
2024-02-9 05:45 |
2003-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313743
|
6.5 |
MEDIUM
Network
|
ubbcentral
|
ubb.threads
|
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow …
|
CWE-352
Origin Validation Error
|
CVE-2005-2059
|
2024-02-9 05:44 |
2005-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313744
|
4.3 |
MEDIUM
Network
|
invisioncommunity
|
gallery
|
Cross-site request forgery (CSRF) vulnerability in Invision Gallery before 1.3.1 allows remote attackers to delete albums and images as another user via a link or IMG tag to the (1) albums or (2) del…
|
CWE-352
Origin Validation Error
|
CVE-2005-1947
|
2024-02-9 05:44 |
2005-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313745
|
9.8 |
CRITICAL
Network
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without ha…
|
CWE-459
Incomplete Cleanup
|
CVE-2005-1744
|
2024-02-9 05:35 |
2005-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313746
|
7.5 |
HIGH
Network
|
accessdata
|
secureclean
|
SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be …
|
CWE-459
Incomplete Cleanup
|
CVE-2002-2070
|
2024-02-9 05:35 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313747
|
7.5 |
HIGH
Network
|
microsoft
|
windows_nt
|
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing …
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-1999-1127
|
2024-02-9 05:35 |
1999-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313748
|
7.5 |
HIGH
Network
|
tolvanen
|
eraser
|
Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
|
CWE-459
Incomplete Cleanup
|
CVE-2002-2068
|
2024-02-9 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313749
|
7.5 |
HIGH
Network
|
pgp
|
personal_privacy
|
PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
|
CWE-459
Incomplete Cleanup
|
CVE-2002-2069
|
2024-02-9 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313750
|
7.5 |
HIGH
Network
|
east-tec
|
eraser
|
East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be del…
|
CWE-459
Incomplete Cleanup
|
CVE-2002-2067
|
2024-02-9 05:28 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
