Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Universityofcalifornia Subscribe
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1000875 1 Universityofcalifornia 1 Boinc Server 2025-07-08 7.5 HIGH 9.8 CRITICAL
Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account. This attack appear to be exploitable via Specially crafted URL. This vulnerability appears to have been fixed in 1.0.3.
CVE-2013-2298 1 Universityofcalifornia 1 Boinc Client 2025-07-08 9.3 HIGH N/A
Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler.
CVE-2013-2019 1 Universityofcalifornia 1 Boinc Client 2025-07-08 9.3 HIGH N/A
Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple file_signature elements.
CVE-2011-5280 1 Universityofcalifornia 1 Boinc Client 2025-07-08 5.0 MEDIUM N/A
Multiple stack-based buffer overflows in BOINC 6.13.x allow remote attackers to cause a denial of service (crash) via a long trickle-up to (1) client/cs_trickle.cpp or (2) db/db_base.cpp.
CVE-2013-2018 1 Universityofcalifornia 1 Boinc Client 2025-07-08 7.5 HIGH 9.8 CRITICAL
Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-7386 1 Universityofcalifornia 1 Boinc Client 2025-07-08 5.0 MEDIUM N/A
Format string vulnerability in the PROJECT::write_account_file function in client/cs_account.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the gui_urls item in an account file.
CVE-2025-0669 1 Universityofcalifornia 1 Boinc Server 2025-07-08 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in BOINC Server allows Cross Site Request Forgery.This issue affects BOINC Server: before 1.4.3.
CVE-2025-0667 1 Universityofcalifornia 1 Boinc Server 2025-07-08 N/A 5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BOINC Server allows Stored XSS.This issue affects BOINC Server: through 1.4.7.
CVE-2025-0668 1 Universityofcalifornia 1 Boinc Server 2025-07-08 N/A 9.8 CRITICAL
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BOINC Server allows Stored XSS.This issue affects BOINC Server: before 1.4.5.
CVE-2025-0666 1 Universityofcalifornia 1 Boinc Server 2025-07-08 N/A 5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BOINC Server allows Stored XSS.This issue affects BOINC Server: through 1.4.7.