Search Results | AttackerKB

Show filters

Topics 1,474 Users 9,710

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

1,474 Total Results

Displaying 41-50 of 1,474

Attacker Value

Unknown

CVE-2014-2387

Disclosure Date: December 13, 2019 (last updated November 27, 2024)

Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2013-7370

Disclosure Date: December 11, 2019 (last updated November 27, 2024)

node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2016-1000104

Disclosure Date: December 03, 2019 (last updated November 27, 2024)

A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2013-2625

Disclosure Date: November 27, 2019 (last updated November 27, 2024)

An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2012-6655

Disclosure Date: November 27, 2019 (last updated November 27, 2024)

An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2011-1145

Disclosure Date: November 14, 2019 (last updated November 27, 2024)

The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2011-1588

Disclosure Date: November 14, 2019 (last updated November 27, 2024)

Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2011-1490

Disclosure Date: November 14, 2019 (last updated November 27, 2024)

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2011-1488

Disclosure Date: November 14, 2019 (last updated November 27, 2024)

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2011-1489

Disclosure Date: November 14, 2019 (last updated November 27, 2024)

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.

Attack Vector: Local Privileges: Low User Interaction: None

0