Lucene search
K

116 matches found

CVE
CVE
added 2014/10/10 10:0 a.m.53 views

CVE-2014-3391

CVE-2014-3391 is a local privilege escalation in Cisco ASA Software caused by an untrusted LD_LIBRARY_PATH that enables a Trojan-horse library to be loaded from external memory, triggering a library load after reload. Affected products are Cisco ASA Software 8.x, specifically before 8.4(3), 8.5, ...

6.8CVSS6.5AI score0.00395EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2014/08/22 1:55 a.m.19 views

CVE-2014-3089

The RDS Java Client library in IBM Rational Directory Server RDS 5.1.1.x before 5.1.1.2 iFix004 and 5.2.x before 5.2.1 iFix003, and Rational Directory Administrator RDA 6.0 before iFix002, includes the cleartext root password, which allows local users to obtain sensitive information by reading a...

4.9CVSS5.5AI score0.00376EPSS
Exploits0References3
Prion
Prion
added 2014/08/22 1:55 a.m.16 views

Design/Logic Flaw

The RDS Java Client library in IBM Rational Directory Server RDS 5.1.1.x before 5.1.1.2 iFix004 and 5.2.x before 5.2.1 iFix003, and Rational Directory Administrator RDA 6.0 before iFix002, includes the cleartext root password, which allows local users to obtain sensitive information by reading a...

4.9CVSS6AI score0.00376EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2013/09/20 4:0 p.m.23 views

CVE-2013-1130

Cisco AnyConnect Secure Mobility Client on Mac OS X uses weak permissions for a library directory, which allows local users to gain privileges via a crafted library file, aka Bug ID CSCue33619...

6.5AI score0.0055EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.24 views

CentOS Update for ghostscript CESA-2012:0095 centos5

Check for the Version of ghostscript OpenVAS Vulnerability Test CentOS Update for ghostscript CESA-2012:0095 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

9.3CVSS6.4AI score0.06755EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2012/02/02 10:33 p.m.5 views

ghostscript: CWD included in the default library search path

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055...

4.4CVSS6.1AI score0.00471EPSS
Exploits0References4
Prion
Prion
added 2011/10/12 2:52 a.m.23 views

Buffer overflow

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .fon file, aka "Font Librar...

9.3CVSS8.2AI score0.27772EPSS
Exploits4References4Affected Software3
CVE
CVE
added 2011/10/12 1:0 a.m.156 views

CVE-2011-2003

CVE-2011-2003 : A buffer overflow in win32k.sys used by kernel-mode drivers across multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 RTM/SP1) can be triggered by a crafted .fon file. The vulnerability arises from an input validation error when the ke...

9.3CVSS7.6AI score0.27772EPSS
Exploits4References4Affected Software6
Cvelist
Cvelist
added 2011/10/12 1:0 a.m.30 views

CVE-2011-2003

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .fon file, aka "Font Librar...

7.5AI score0.27772EPSS
Exploits4References4
NVD
NVD
added 2008/12/23 6:30 p.m.22 views

CVE-2008-2434

The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in HousecallActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a "custom update server" argument. NOTE: this can be leveraged for code execution by writing to a Startup folder...

9.3CVSS7.2AI score0.06998EPSS
Exploits0References10
Prion
Prion
added 2008/12/23 6:30 p.m.18 views

Remote code execution

The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in HousecallActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a "custom update server" argument. NOTE: this can be leveraged for code execution by writing to a Startup folder...

9.3CVSS7.8AI score0.06998EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2008/12/23 6:13 p.m.25 views

CVE-2008-2434

The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in HousecallActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a "custom update server" argument. NOTE: this can be leveraged for code execution by writing to a Startup folder...

7.8AI score0.06998EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2006/11/03 12:0 a.m.4 views

PT-2006-6385 · Phpmyconferences +1 · Phpmyconferences +1

Name of the Vulnerable Software and Affected Versions: J-Pierre DEZELUS Les Visiteurs version 2.0.1 phpMyConferences version 8.0.2 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the lvc modules dir parameter in the common/visiteurs/include/library.inc.ph...

9.8CVSS7.8AI score0.01918EPSS
Exploits1References6
NVD
NVD
added 2006/02/11 11:2 a.m.20 views

CVE-2006-0646

ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an...

4.4CVSS7.2AI score0.00408EPSS
Exploits0References3
Cvelist
Cvelist
added 2006/02/11 11:0 a.m.22 views

CVE-2006-0646

ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an...

7.2AI score0.00408EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2006/02/11 11:0 a.m.23 views

CVE-2006-0646

ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an...

4.4CVSS7AI score0.00408EPSS
Exploits0
Rows per page
Query Builder