EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities
Document Title: EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=503 Release Date: 2012-04-13. Vulnerability Laboratory ID (VL-ID): 503...
Quest InTrust Annotation Objects Uninitialized Pointer
This module exploits an uninitialized variable vulnerability in the Annotation Objects ActiveX component. The ActiveX component loads into memory without opting into ASLR, so this module exploits the vulnerability against Windows Vista and Windows 7 targets. A large heap spray is required to fulfi...
Remote code execution
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability."...
Quest InTrust 10.4.x - Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution
Quest InTrust 10.4.x - Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution. homepage: http://www.quest.com/intrust/ description: "InTrust...
Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll
Exploit for Windows platform in category remote exploits. Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution. homepage: http://www.quest.com/intrust/ description: "InTrust securely collects, stores, reports and alerts on event log data...
SAP Business Objects XI R2 Infoview Multiple XSS
Class: Input Validation Error. Remote: Yes. Published: 10 February 11:00AM. Vulnerable: XI R2. SAP Business Objects is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
Direct Manipulation XSS
Ruby on Rails contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate direct manipulations of SafeBuffer objects via '' and other methods. This may allow a user to create a specially crafted request that would execute...
Debian: Security Advisory (DSA-2408-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SAP Business Objects InfoView System - '/webi/webi_modify.aspx?id' Cross-Site Scripting
SAP Business Objects InfoView System - '/webi/webi_modify.aspx?id' Cross-Site Scripting. source: https://www.securityfocus.com/bid/52361/info SAP Business Objects is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may...
SAP Business Objects InfoView System - '/help/helpredir.aspx?guide' Cross-Site Scripting
SAP Business Objects InfoView System - '/help/helpredir.aspx?guide' Cross-Site Scripting. source: https://www.securityfocus.com/bid/52361/info SAP Business Objects is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may...
SAP Business Objects InfoView System - 'listing.aspx?searchText' Cross-Site Scripting
SAP Business Objects InfoView System - 'listing.aspx?searchText' Cross-Site Scripting. source: https://www.securityfocus.com/bid/52361/info SAP Business Objects is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may...
SAP Business Objects InfoView System - 'listing.aspx?searchText' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52361/info SAP Business Objects is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...
SAP Business Objects InfoView System - '/webi/webi_modify.aspx?id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52361/info SAP Business Objects is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...
SAP Business Objects InfoView System - '/help/helpredir.aspx?guide' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52361/info SAP Business Objects is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...
SAP Business Objects XI R2 Cross Site Scripting
Class: Input Validation Error. Remote: Yes. Published: 10 February 11:00AM. Vulnerable: XI R2. SAP Business Objects is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
MS12-004 midiOutPlayNextPolyEvent Heap Overflow
This module exploits a heap overflow vulnerability in the Windows Multimedia Library winmm.dll. The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control. Exploitation is done by supplying a speciall...
Ubuntu: Security Advisory (USN-1358-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)
This host is missing a critical security update according to Microsoft Bulletin MS12-016. OpenVAS Vulnerability Test $Id: secpodms12-016.nasl 8190 2017-12-20 09:44:30Z cfischer $ Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026). Authors: Sooraj KS...
CVE-2012-0497
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...
Information disclosure
Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure Vulnerability."...