Lucene search
K

983 matches found

Zero Day Initiative
Zero Day Initiative
added 2017/08/11 12:0 a.m.17 views

Bitdefender Internet Security Inno File Locations Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS7.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2017/08/11 12:0 a.m.28 views

Hewlett Packard Enterprise Intelligent Management Center mediaForAction Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS3.4AI score0.0572EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/08/11 12:0 a.m.28 views

Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS3.1AI score0.0572EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/08/02 12:0 a.m.240 views

Dell Storage Manager EmWebsiteServlet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Dell Storage Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the doGet method of the EmWebsiteServlet class, which listens on TCP port...

7.8CVSS1.3AI score0.054EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/08/01 12:0 a.m.16 views

Bitdefender Internet Security AutoIt v3 Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS4.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2017/07/19 12:0 a.m.31 views

Apple iTunes iPodService Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple iTunes. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...

7.2CVSS8AI score0.01254EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/06/12 12:0 a.m.28 views

EMC Data Protection Advisor ImageServlet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Data Protection Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ImageServlet servlet which listens on TCP ports 9002 and 9004...

5CVSS2AI score0.02965EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/05/15 12:0 a.m.30 views

Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10008 Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dbman service, which listens on TCP port...

10CVSS2AI score0.86466EPSS
Exploits13References1
Zero Day Initiative
Zero Day Initiative
added 2017/05/03 12:0 a.m.49 views

Hewlett Packard Enterprise Intelligent Management Center imcwlandm Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HPE iMC Server service, which listens on...

10CVSS3AI score0.22622EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/03/11 12:0 a.m.50 views

Hewlett Packard Enterprise Intelligent Management Center FileDownloadServlet fileName Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The...

6.8CVSS1.7AI score0.03471EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/03/11 12:0 a.m.39 views

Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS3.3AI score0.03431EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/01/20 12:0 a.m.34 views

Bitdefender Internet Security SIS Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS7.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2017/01/20 12:0 a.m.28 views

Bitdefender Internet Security NSIS Entries Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS7.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2017/01/09 12:0 a.m.9 views

Web Servers Malicious Upload Directory Traversal (CVE-2022-29596)

A directory traversal vulnerability exists in web servers. The vulnerability allows unauthorized users to upload malicious files to the server. A remote attacker can exploit this vulnerability by uploading an arbitrary, executable file and executing it under the context of SYSTEM...

7.5CVSS6.4AI score0.02063EPSS
Exploits1
exploitpack
exploitpack
added 2016/10/27 12:0 a.m.17 views

HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation

HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HP-TOUCHSMART-CALENDAR-PRIVILEGE-ESCALATION.txt + ISR: ApparitionSec Vendor: ==========...

0.6AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2016/09/16 12:0 a.m.66 views

Microsoft Windows NtGdiQueryFonts Information Disclosure Vulnerability

This vulnerability allows local attackers to leak sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

4.9CVSS0.1AI score0.14198EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/08/18 12:0 a.m.13 views

AVG Internet Security avgtdix.sys Kernel Memory Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of AVG Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of...

6.6CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/08/17 12:0 a.m.26 views

Siemens SINEMA Server Insecure File Permissions Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Siemens SINEMA Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of the product. The executables for new system services are stored ...

7.2CVSS5.7AI score0.00475EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/08/09 12:0 a.m.98 views

Microsoft Windows win32k RGNOBJ Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RGNOBJ objects...

6.9CVSS5.9AI score0.20625EPSS
Exploits8References1
OpenVAS
OpenVAS
added 2016/08/08 12:0 a.m.24 views

IBM Informix Dynamic Server Privilege Escalation Vulnerability (Mar 2016) - Windows

IBM Informix Dynamic Server is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.5AI score0.00379EPSS
Exploits0References2
Rows per page
Query Builder