Show filters
9 Total Results
Displaying 1-9 of 9
Sort by:
Attacker Value
Unknown
CVE-2023-35037
Disclosure Date: December 13, 2024 (last updated December 18, 2024)
Missing Authorization vulnerability in Surfer Surfer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through 1.3.2.357.
0
Attacker Value
Unknown
CVE-2024-49299
Disclosure Date: October 17, 2024 (last updated October 18, 2024)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Surfer allows SQL Injection.This issue affects Surfer: from n/a through 1.5.0.502.
0
Attacker Value
Unknown
CVE-2012-6303
Disclosure Date: October 28, 2013 (last updated October 05, 2023)
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large chunk size in a WAV file.
0
Attacker Value
Unknown
CVE-2011-3626
Disclosure Date: January 27, 2012 (last updated October 04, 2023)
Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file.
0
Attacker Value
Unknown
CVE-2004-2550
Disclosure Date: December 31, 2004 (last updated February 22, 2025)
Multiple cross-site scripting (XSS) vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data.
0
Attacker Value
Unknown
CVE-2004-0739
Disclosure Date: July 27, 2004 (last updated February 22, 2025)
Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long filename.
0
Attacker Value
Unknown
CVE-2004-2087
Disclosure Date: February 08, 2004 (last updated February 22, 2025)
Unknown vulnerability in SandSurfer before 1.7.0 allows remote attackers to gain access as a logged-in user.
0
Attacker Value
Unknown
CVE-2003-0914
Disclosure Date: December 15, 2003 (last updated February 22, 2025)
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
0
Attacker Value
Unknown
CVE-2002-1889
Disclosure Date: December 31, 2002 (last updated February 22, 2025)
Off-by-one buffer overflow in the context_action function in context.c of Logsurfer 1.41 through 1.5a allows remote attackers to cause a denial of service (crash) via a malformed log entry.
0
