Show filters
224 Total Results
Displaying 161-170 of 224
Sort by:
Attacker Value
Unknown
CVE-2014-8724
Disclosure Date: December 19, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_INFO to the default URI.
0
Attacker Value
Unknown
CVE-2014-8732
Disclosure Date: November 17, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in phpMemcachedAdmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2014-4510
Disclosure Date: October 06, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
0
Attacker Value
Unknown
CVE-2014-4865
Disclosure Date: September 10, 2014 (last updated October 05, 2023)
Cross-site request forgery (CSRF) vulnerability in gui/password-wadmin.apl in CacheGuard OS 5.7.7 allows remote attackers to hijack the authentication of arbitrary users.
0
Attacker Value
Unknown
CVE-2013-0345
Disclosure Date: May 08, 2014 (last updated November 08, 2023)
varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. NOTE: some of these details are obtained from third party information.
0
Attacker Value
Unknown
CVE-2013-7239
Disclosure Date: January 13, 2014 (last updated October 05, 2023)
memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.
0
Attacker Value
Unknown
CVE-2013-7290
Disclosure Date: January 13, 2014 (last updated October 05, 2023)
The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179.
0
Attacker Value
Unknown
CVE-2013-0179
Disclosure Date: January 13, 2014 (last updated October 05, 2023)
The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr.
0
Attacker Value
Unknown
CVE-2013-7291
Disclosure Date: January 13, 2014 (last updated October 05, 2023)
memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree," a different vulnerability than CVE-2013-0179 and CVE-2013-7290.
0
Attacker Value
Unknown
CVE-2011-4971
Disclosure Date: December 12, 2013 (last updated October 05, 2023)
Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet.
0