Show filters
79 Total Results
Displaying 71-79 of 79
Sort by:
Attacker Value
Unknown

CVE-2014-3497

Disclosure Date: July 03, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header.
0
0
Attacker Value
Unknown

CVE-2013-6396

Disclosure Date: February 18, 2014 (last updated October 05, 2023)
The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
0
Attacker Value
Unknown

CVE-2014-0006

Disclosure Date: January 23, 2014 (last updated October 05, 2023)
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.
0
0
Attacker Value
Unknown

CVE-2013-4155

Disclosure Date: August 20, 2013 (last updated October 05, 2023)
OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected.
0
0
Attacker Value
Unknown

CVE-2012-4406

Disclosure Date: October 22, 2012 (last updated January 25, 2024)
OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2009-3253

Disclosure Date: September 18, 2009 (last updated October 04, 2023)
Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file.
0
0
Attacker Value
Unknown

CVE-2008-0309

Disclosure Date: February 28, 2008 (last updated October 04, 2023)
Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).
0
0
Attacker Value
Unknown

CVE-2008-0308

Disclosure Date: February 28, 2008 (last updated October 04, 2023)
Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).
0
0
Attacker Value
Unknown

CVE-2006-4603

Disclosure Date: September 07, 2006 (last updated October 04, 2023)
NCH Swift Sound Web Dictate 1.02 allows remote attackers to bypass authentication via a null password.
0
0
View More Topics  < Previous