CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7208 matches found

Tenable Nessus•added 2014/06/13 12:0 a.m.•32 views

openSUSE Security Update : puppet (openSUSE-SU-2012:0835-1)

Fixed bnc747657: CVE-2012-1053, CVE-2012-1054: improper privilege dropping and file handling flaws This was done by updating to the new version in stable branch. The stable branch receives only security fixes and this update does not provide any new features. - Fixed bnc755869 CVE-2012-1988:...

6.9CVSS5.5AI score0.02632EPSS

Exploits0References12

exploitpack•added 2014/06/12 12:0 a.m.•41 views

IBM AIX 6.1.8 - libodm Arbitrary File Write

IBM AIX 6.1.8 - libodm Arbitrary File Write Vulnerability title: Privilege Escalation in IBM AIX CVE: CVE-2014-3977 Vendor: IBM Product: AIX Affected version: 6.1.8 and later Fixed version: N/A Reported by: Tim Brown Details: It has been identified that libodm allows privilege escalation via...

6.9CVSS0.4AI score0.01748EPSS

Exploits5

Exploit DB•added 2014/06/12 12:0 a.m.•54 views

IBM AIX 6.1.8 - 'libodm' Arbitrary File Write

Vulnerability title: Privilege Escalation in IBM AIX CVE: CVE-2014-3977 Vendor: IBM Product: AIX Affected version: 6.1.8 and later Fixed version: N/A Reported by: Tim Brown Details: It has been identified that libodm allows privilege escalation via arbitrary file writes with elevated privileges...

6.9CVSS6.4AI score0.00872EPSS

Exploits5

Zero Day Initiative•added 2014/06/11 12:0 a.m.•37 views

(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.2CVSS6.4AI score0.22996EPSS

Exploits0References1

OSV•added 2014/06/10 2:55 p.m.•4 views

CVE-2009-5023

The 1 dshield.conf, 2 mail-buffered.conf, 3 mynetwatchman.conf, and 4 mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt...

6.2AI score

Exploits0References4

ATTACKERKB•added 2014/06/10 2:55 p.m.•2 views

CVE-2009-5023

4.7CVSS5.6AI score0.0034EPSS

Exploits0References5

OSV•added 2014/04/28 12:0 a.m.•3 views

UBUNTU-CVE-2014-0471

Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."...

5CVSS5.9AI score0.02856EPSS

Exploits0References4

CVE•added 2014/04/10 3:0 p.m.•49 views

CVE-2013-7364

SAP NetWeaver’s J2EE Engine contains an unspecified J2EE core service that does not properly restrict access. This allows remote attackers to read and write to arbitrary files via unknown vectors. Affected component: J2EE Engine (SAP NetWeaver). Root cause: inadequate access restrictions in a cor...

7.5CVSS7AI score0.01527EPSS

Exploits0References5Affected Software1

Exploit DB•added 2014/03/24 12:0 a.m.•17 views

Microsoft Windows Media Player 11.0.5721.5230 - Memory Corruption (PoC)

!/usr/bin/python + Author: TUNISIAN CYBER + Exploit Title: Windows Media Player 11.0.5721.5230 Memory Corruption PoC + Date: 22-03-2014 + Category: DoS/PoC + Tested on: WinXp/Windows 7 Pro + Vendor: http://windows.microsoft.com/fr-FR/windows/windows-media-player + Friendly Sites:...

7.4AI score

Exploits0

Japan Vulnerability Notes•added 2014/03/17 4:45 a.m.•2 views

Unzipper vulnerable to directory traversal

Overview Unzipper provided by R-Company contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5.8CVSS6.9AI score0.01484EPSS

Exploits1References5

0day.today•added 2014/03/10 12:0 a.m.•19 views

SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write Exploit

Exploit for windows platform in category remote exploits require 'msf/core' class Metasploit3 'SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write', 'Description' = %q This module exploits a remote arbitrary file write vulnerability in SolidWorks Workgroup PDM 2014 SP2 and prior. F...

7.1AI score

Exploits0

Exploit DB•added 2014/03/10 12:0 a.m.•24 views

SolidWorks Workgroup PDM 2014 - 'pdmwService.exe' Arbitrary File Write (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write', 'Description' = %q This module exploits a remote arbitrary file...

7.4AI score

Exploits0

Packet Storm•added 2014/03/06 12:0 a.m.•16 views

SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write

7.4AI score

Exploits0

0day.today•added 2014/03/06 12:0 a.m.•15 views

SolidWorks Workgroup PDM 2014 Arbitrary File Write Exploit

This Metasploit module exploits a remote arbitrary file write vulnerability in SolidWorks Workgroup PDM 2014 SP2 and prior. For targets running Windows Vista or newer the payload is written to the startup folder for all users and executed upon next user logon. For targets before Windows Vista cod...

8AI score

Exploits0

Metasploit•added 2014/03/02 7:40 a.m.•11 views

SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write

This module exploits a remote arbitrary file write vulnerability in SolidWorks Workgroup PDM 2014 SP2 and prior. For targets running Windows Vista or newer the payload is written to the startup folder for all users and executed upon next user logon. For targets before Windows Vista code execution...

8.3AI score

Exploits0

Metasploit•added 2014/02/27 9:56 p.m.•68 views

ibstat $PATH Privilege Escalation

This module exploits the trusted $PATH environment variable of the SUID binary "ibstat". This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ibstat $PATH Privilege Escalation', 'Description' = %q...

7.2CVSS7.1AI score0.02846EPSS

Exploits8

Tenable Nessus•added 2014/02/27 12:0 a.m.•28 views

Cisco Jabber for Windows 9.x < 9.2(2) 'Send Screen Capture' File Write

The version of Cisco Jabber for Windows installed on the remote host is 9.x prior to 9.22. It is, therefore, affected by an input validation error related to the 'Send Screen Capture' functionality that could allow a remote attacker to traverse directories, write arbitrary files and possibly...

4.3CVSS6AI score0.05536EPSS

Exploits0References3

Cisco•added 2014/02/25 10:58 p.m.•29 views

Cisco Unified Communications Manager CAPF CSR Arbitrary File Read/Write Vulnerability

A vulnerability in the Certificate Authority Proxy Function CAPF command-line function for Certificate Signing Request CSR management of Cisco Unified Communications Manager Cisco Unified CM could allow an authenticated, local attacker to read or write arbitrary files to the underlying operating...

6.2CVSS6.3AI score0.00246EPSS

Exploits0References1

0day.today•added 2014/02/22 12:0 a.m.•22 views

SolidWorks Workgroup PDM 2014 SP2 - Arbitrary File Write Vulnerability

SolidWorks Workgroup PDM 2014 SP2 suffers from an arbitrary file write vulnerability. ''' Title: SolidWorks Workgroup PDM 2014 SP2 Arbitrary File Write Vulnerability Date: 2-21-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage:...

7.2AI score

Exploits0

Packet Storm•added 2014/02/22 12:0 a.m.•23 views

SolidWorks Workgroup PDM 2014 SP2 Arbitrary File Write

Title: SolidWorks Workgroup PDM 2014 SP2 Arbitrary File Write Vulnerability Date: 2-21-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.solidworks.com/sw/products/product-data-management/workgroup-pdm.htm Tested on: Windows 7 Vulnerability type: Arbitrary...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by