JVN/CVE Demo: Nvdinfos

NVD List

Id	Name	Description	Reject	CVSS Version	CVSS Score	Severity	Pub Date	Modified Date	Actions
14386	CVE-2010-2955	The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size.		2	3.3	Low	2017-01-18	2012-03-19	View
41266	CVE-2013-6124	The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary file via an attack on the sensor-settings file.		2	3.3	Low	2017-01-18	2014-09-02	View
35379	CVE-2014-8243	Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator"s MD5 password hash via a direct request for the /.htpasswd URI.		2	3.3	Low	2017-01-19	2014-11-03	View
26932	CVE-2015-5869	The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.		2	3.3	Low	2017-01-19	2016-12-21	View
32053	CVE-2014-3981	acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.		2	3.3	Low	2017-01-19	2017-01-06	View

Page 2479 of 17672, showing 5 records out of 88360 total, starting on record 12391, ending on 12395

<<first <prev 2475 | 2476 | 2477 | 2478 | 2479 | 2480 | 2481 | 2482 | 2483 next> last>>

Actions

History
+
Request History
4 previous requests available
====
Session
+
Session
- 0(null)
====
Request
+
Request

Cake Params
- plugin(null)
- controllernvdinfos
- actionindex
- named(array)
  page2479
  sortCVSS_score
  directionasc
- pass(empty)
- paging(array)
  Nvdinfo(array)
  page2479
  current5
  count88360
  prevPage(true)
  nextPage(true)
  pageCount17672
  order(array)
  Nvdinfo.CVSS_scoreasc
  limit5
  options(array)
  page2479
  order(array)
  Nvdinfo.CVSS_scoreasc
  sortCVSS_score
  directionasc
  conditions(empty)
  paramTypenamed
Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route
- keys(array)
  0controller
  1action
- options(array)
  defaultRoute(true)
- defaults(array)
  plugin(null)
- template/:controller/:action/*
====
Sql Log
+

Sql Logs

default
No query logs.

====

Timer

+

Memory

Peak Memory Use 3.50 MB

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.48 MB
Controller render start	2.07 MB
View render complete	2.53 MB

Timers

Total Request Time: 127 (ms)

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	6.22
Event: Controller.initialize	0.02
Event: Controller.startup	0.15
Controller action	107.25
Event: Controller.beforeRender	4.09
» Processing toolbar data	4.02
Rendering View	4.89
» Event: View.beforeRender	0.03
» Rendering APP/View/Nvdinfos/index.ctp	3.71
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.72
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.10
Event: View.afterLayout	0.00

====

Log
+

Logs

There were no log entries made this request

====
Variables
+
View Variables
- nvdinfos(array)
  0(array)
  Nvdinfo(array)
  id14386
  nameCVE-2010-2955
  descriptionThe cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size.
  reject(null)
  CVSS_version2
  CVSS_score3.3
  severityLow
  CVSS_base_score3.3
  CVSS_impact_subscore2.9
  CVSS_exploit_subscore6.5
  nvd_xml_version(null)
  CVSS_vector(AV:A/AC:L/Au:N/C:P/I:N/A:N)
  sourcecve
  pub_date2017-01-18
  published2010-09-08
  modified_date2012-03-19
  typeCVE
  seq2010-2955
  deleted(null)
  created(null)
  modified(null)
  1(array)
  Nvdinfo(array)
  id41266
  nameCVE-2013-6124
  descriptionThe Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary file via an attack on the sensor-settings file.
  reject(null)
  CVSS_version2
  CVSS_score3.3
  severityLow
  CVSS_base_score3.3
  CVSS_impact_subscore4.9
  CVSS_exploit_subscore3.4
  nvd_xml_version(null)
  CVSS_vector(AV:L/AC:M/Au:N/C:N/I:P/A:P)
  sourcecve
  pub_date2017-01-18
  published2014-08-31
  modified_date2014-09-02
  typeCVE
  seq2013-6124
  deleted(null)
  created(null)
  modified(null)
  2(array)
  Nvdinfo(array)
  id35379
  nameCVE-2014-8243
  descriptionLinksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator"s MD5 password hash via a direct request for the /.htpasswd URI.
  reject(null)
  CVSS_version2
  CVSS_score3.3
  severityLow
  CVSS_base_score3.3
  CVSS_impact_subscore2.9
  CVSS_exploit_subscore6.5
  nvd_xml_version(null)
  CVSS_vector(AV:A/AC:L/Au:N/C:P/I:N/A:N)
  sourcecve
  pub_date2017-01-19
  published2014-11-01
  modified_date2014-11-03
  typeCVE
  seq2014-8243
  deleted(null)
  created(null)
  modified(null)
  3(array)
  Nvdinfo(array)
  id26932
  nameCVE-2015-5869
  descriptionThe Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.
  reject(null)
  CVSS_version2
  CVSS_score3.3
  severityLow
  CVSS_base_score3.3
  CVSS_impact_subscore2.9
  CVSS_exploit_subscore6.5
  nvd_xml_version(null)
  CVSS_vector(AV:A/AC:L/Au:N/C:N/I:P/A:N)
  sourcecve
  pub_date2017-01-19
  published2015-09-18
  modified_date2016-12-21
  typeCVE
  seq2015-5869
  deleted(null)
  created(null)
  modified(null)
  4(array)
  Nvdinfo(array)
  id32053
  nameCVE-2014-3981
  descriptionacinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.
  reject(null)
  CVSS_version2
  CVSS_score3.3
  severityLow
  CVSS_base_score3.3
  CVSS_impact_subscore4.9
  CVSS_exploit_subscore3.4
  nvd_xml_version(null)
  CVSS_vector(AV:L/AC:M/Au:N/C:N/I:P/A:P)
  sourcecve
  pub_date2017-01-19
  published2014-06-08
  modified_date2017-01-06
  typeCVE
  seq2014-3981
  deleted(null)
  created(null)
  modified(null)
- $request->data(empty)
- $this->validationErrors(array)
  Nvdinfo(empty)
- Loaded Helpers(array)
  0Number
  1SimpleGraph
  2Paginator
  3DebugTimer
  4Toolbar
  5Html
  6Form
  7Session
  8HtmlToolbar
====

+

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/index/page:2479/sort:CVSS_score/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/index/page:2479/sort:CVSS_score/direction:asc
Remote Port	45750
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.91
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.233.243
Http Via	1.1 squid-proxy-5b5d847c96-d7gsx (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectdos	1
X Dostranslated Ip	216.73.216.91
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.91
Unique Id	aSQlFX3kSKxvKN6Mb74Y_wAAAZU
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.91
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.91
Redirect Unique Id	aSQlFX3kSKxvKN6Mb74Y_wAAAZU
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.91
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.91
Redirect Redirect Unique Id	aSQlFX3kSKxvKN6Mb74Y_wAAAZU
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1763976469.5854
Request Time	1763976469

====

Include
+
Included Files

Include Paths
- 0/virtual/inogo77/public_html/jvn/lib
- 2/opt/remi/php56/root/usr/share/pear
- 3/opt/remi/php56/root/usr/share/php
- 4/usr/share/pear
- 5/usr/share/php
- 6-> /virtual/inogo77/public_html/jvn/lib/Cake/
Included Files
- core(array)
  Cache(array)
  0CORE/Cache/Cache.php
  1CORE/Cache/Engine/FileEngine.php
  2CORE/Cache/CacheEngine.php
  Component(array)
  0CORE/Controller/Component/SessionComponent.php
  1CORE/Controller/Component/PaginatorComponent.php
  Config(array)
  0CORE/Config/routes.php
  1CORE/Config/config.php
  Controller(array)
  0CORE/Controller/Controller.php
  1CORE/Controller/ComponentCollection.php
  2CORE/Controller/Component.php
  Datasource(array)
  0CORE/Model/Datasource/CakeSession.php
  1CORE/Model/Datasource/Database/Mysql.php
  2CORE/Model/Datasource/DboSource.php
  3CORE/Model/Datasource/DataSource.php
  Error(array)
  0CORE/Error/exceptions.php
  1CORE/Error/ErrorHandler.php
  I18n(array)
  0CORE/I18n/I18n.php
  1CORE/I18n/L10n.php
  Log(array)
  0CORE/Log/CakeLog.php
  1CORE/Log/LogEngineCollection.php
  2CORE/Log/Engine/FileLog.php
  3CORE/Log/Engine/BaseLog.php
  4CORE/Log/CakeLogInterface.php
  Model(array)
  0CORE/Model/Model.php
  1CORE/Model/BehaviorCollection.php
  2CORE/Model/ConnectionManager.php
  Network(array)
  0CORE/Network/CakeRequest.php
  1CORE/Network/CakeResponse.php
  Other(array)
  0CORE/bootstrap.php
  1CORE/basics.php
  2CORE/Core/App.php
  3CORE/Core/Configure.php
  4CORE/Core/CakePlugin.php
  5CORE/Event/CakeEventListener.php
  6CORE/Event/CakeEvent.php
  7CORE/Event/CakeEventManager.php
  8CORE/Core/Object.php
  Routing(array)
  0CORE/Routing/Dispatcher.php
  1CORE/Routing/Filter/AssetDispatcher.php
  2CORE/Routing/DispatcherFilter.php
  3CORE/Routing/Filter/CacheDispatcher.php
  4CORE/Routing/Router.php
  5CORE/Routing/Route/CakeRoute.php
  6CORE/Routing/Route/PluginShortRoute.php
  Utility(array)
  0CORE/Utility/Hash.php
  1CORE/Utility/Inflector.php
  2CORE/Utility/ObjectCollection.php
  3CORE/Utility/Debugger.php
  4CORE/Utility/String.php
  5CORE/Utility/ClassRegistry.php
  View(array)
  0CORE/View/HelperCollection.php
- app(array)
  Component(array)
  0APP/Controller/Component/CommonComponent.php
  Config(array)
  0APP/Config/core.php
  1APP/Config/bootstrap.php
  2APP/Config/routes.php
  3APP/Config/database.php
  Controller(array)
  0APP/Controller/NvdinfosController.php
  1APP/Controller/AppController.php
  Model(array)
  0APP/Model/Nvdinfo.php
  1APP/Model/AppModel.php
  Other(array)
  0APP/webroot/index.php
- plugins(array)
  DebugKit(array)
  Component(array)
  0DebugKit/Controller/Component/ToolbarComponent.php
  Other(array)
  0DebugKit/Lib/DebugMemory.php
  1DebugKit/Lib/Panel/HistoryPanel.php
  2DebugKit/Lib/DebugPanel.php
  3DebugKit/Lib/Panel/SessionPanel.php
  4DebugKit/Lib/Panel/RequestPanel.php
  5DebugKit/Lib/Panel/SqlLogPanel.php
  6DebugKit/Lib/Panel/TimerPanel.php
  7DebugKit/Lib/Panel/LogPanel.php
  8DebugKit/Lib/Panel/VariablesPanel.php
  9DebugKit/Lib/Panel/EnvironmentPanel.php
  10DebugKit/Lib/Panel/IncludePanel.php
  11DebugKit/Lib/DebugTimer.php
  Log(array)
  0DebugKit/Lib/Log/Engine/DebugKitLog.php
====