Lucene search
K

983 matches found

Zero Day Initiative
Zero Day Initiative
added 2016/05/10 12:0 a.m.157 views

(Pwn2Own) Microsoft Windows NtGdiGetEmbUFI Information Disclosure Vulnerability

This vulnerability allows local attackers to leak sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

4.9CVSS0.2AI score0.02485EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2016/04/27 12:0 a.m.26 views

Hewlett Packard Enterprise Data Protector EXEC_BAR Domain Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within OmniInet.exe which listens by default on TCP port 5555. When...

10CVSS5.2AI score0.20412EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/04/26 12:0 a.m.35 views

Foxit Reader Local Privilege Escalation Vulnerability

Foxit Reader is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.4CVSS7.7AI score0.00656EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/04/25 12:0 a.m.23 views

Foxit PhantomPDF Local Privilege Escalation Vulnerability

Foxit PhantomPDF is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.4CVSS7.6AI score0.00656EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2016/04/25 12:0 a.m.9 views

Advantech WebAccess multiple services Buffer Overflow (CVE-2016-0856)

A buffer overflow vulnerability has been reported in the webvrpcs and datacore service of Advantech WebAccess. The vulnerability is due to an insecure call to some functions. A remote, unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted request to the target...

10CVSS4.5AI score0.16655EPSS
Exploits9
Zero Day Initiative
Zero Day Initiative
added 2016/03/22 12:0 a.m.37 views

IBM Informix nsrd Service Privilege Escalation Vulnerability

This vulnerability allows local users to execute arbitrary code on vulnerable installations of IBM Informix. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within configuration of the nsr...

6.8CVSS5.4AI score0.00379EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2016/02/23 12:0 a.m.7 views

IBM Tivoli Storage Manager FastBack Server Opcode 4115 Buffer Overflow (CVE-2015-4931)

A buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient boundary checking on parameters in opcode 4115 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP...

10CVSS7.6AI score0.08979EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2016/02/05 12:0 a.m.51 views

Advantech WebAccess Dashboard Viewer ImageUploadHandler Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the uploadImageComm...

10CVSS5.7AI score0.77044EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
added 2016/01/25 12:0 a.m.37 views

Oracle Application Testing Suite UploadFileAction Servlet Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Application Testing Suite. Authentication is required but can be bypassed. The specific vulnerability is in the UploadFileAction servlet. By providing a fileType parameter of "", an attacker...

9CVSS7.8AI score0.8075EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
added 2016/01/22 12:0 a.m.45 views

Oracle GoldenGate Veridata File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle GoldenGate. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GoldenGate mgr process, which listens on TCP port 7809. By default, the process...

10CVSS7.8AI score0.05941EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/01/08 12:0 a.m.49 views

McAfee Application Control Kernel Driver Memory Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of McAfee Application Control. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.6CVSS3.3AI score0.02314EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/04 12:0 a.m.3 views

Foxit FoxitCloudUpdateService Local Elevation of Privilege Vulnerability

Foxit Reader is a small PDF document viewer and printing program. A security vulnerability exists in the FoxitCloudUpdateService of Foxit Reader. A remote attacker writing certain data in a shared memory area can trigger a memory corruption, leading to the execution of arbitrary code in the syste...

7.6AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2015/12/28 12:0 a.m.4 views

IBM Tivoli Storage Manager FastBack Server Format String (CVE-2015-1953; CVE-2015-1986)

A format string vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient sanitization on parameters of Opcode 1301 requests.A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP.Successf...

10CVSS9.4AI score0.07804EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2015/12/15 12:0 a.m.65 views

Foxit FoxitCloudUpdateService Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to elevate privileges on vulnerable installations of Foxit Reader. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FoxitCloudUpdateService service. An attacker can trigger a memory corruption condition by...

6.9CVSS7.3AI score0.00656EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/11/20 12:0 a.m.42 views

Tibbo AggreGate SCADA/HMI Server Service uploadDirectory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tibbo AggreGate SCADA/HMI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Windows service "AggreGate Server Service" agserverservice.exe. Through...

9.3CVSS7.3AI score0.03203EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2015/11/18 12:0 a.m.3 views

IBM Tivoli Storage Manager FastBack Server Opcode 1330 Command Injection (CVE-2015-1949)

A command injection vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient input validation of parameters in opcode 1330 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP...

10CVSS9.5AI score0.05527EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/11/11 12:0 a.m.3 views

IBM Tivoli Storage Manager FastBack Server FXCLI_OraBR_Exec_Command Buffer Overflow (CVE-2015-1929)

A buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient boundary checking while processing remote requests within the FXCLIOraBRExecCommand function. A remote unauthenticated attacker could exploit this vulnerability by sendin...

7.8CVSS9.6AI score0.03254EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2015/10/05 12:0 a.m.17 views

(0Day) Agilent Technologies 2100 Expert CSDispatcher.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Agilent Technologies 2100 Expert. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CSDispatcher.exe process, which listens on port 3434. By sending ...

10CVSS7.5AI score
Exploits0References1
CNVD
CNVD
added 2015/10/03 12:0 a.m.4 views

Apple OS X IOHIDFamily Memory Corruption Vulnerability

Apple OS X is an operating system developed by Apple Inc. A memory corruption vulnerability exists in Apple OS X IOHIDFamily, which can be exploited by a local attacker to execute arbitrary code in the system context...

9.3CVSS7.5AI score0.02619EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2015/09/29 12:0 a.m.0 views

ManageEngine Multiple Products It360SPUtil resIds SQL Injection

An SQL injection vulnerability has been reported in ManageEngine Applications Manager and ManageEngine IT360 MSP Edition. This vulnerability is due to the insufficient validation of user-supplied input when processing requests sent to the It360SPUtil class. A remote, unauthenticated attacker can...

3.3AI score
Exploits0
Rows per page
Query Builder