Lucene search
K

984 matches found

Zero Day Initiative
Zero Day Initiative
added 2015/05/12 12:0 a.m.30 views

Hewlett-Packard Network Virtualization Information Disclosure Vulnerability

This vulnerability allows remote attackers to read arbitrary files on vulnerable installations of Hewlett-Packard Network Virtualization. Authentication is not required to exploit this vulnerability. The specific flaw exists because neither the HttpServlet nor the NetworkEditorController sanitize...

7.8CVSS6.2AI score0.02899EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/05/07 12:0 a.m.14 views

ManageEngine Desktop Central MSP FileUploadServlet computerName File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine Desktop Central MSP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadServlet servlet. The issue lies in the failure to...

10CVSS7.6AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2015/05/07 12:0 a.m.22 views

EMC AutoStart ftAgent Opcode 20 Subcode 2060 Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart. Authentication is required to exploit this vulnerability, but can be easily bypassed. The specific flaw exists within ftAgent.exe which listens on TCP port 8045, when handling opcode...

9CVSS6.9AI score0.07209EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/04/15 12:0 a.m.25 views

ManageEngine OpManager MigrateCentralData zipFileName File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine OpManager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MigrateCentralData servlet. The issue lies in the failure to sanitize the...

10CVSS7AI score0.79759EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiative
added 2015/04/15 12:0 a.m.37 views

ManageEngine OpManager DataComparisionServlet query SQL Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine OpManager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DataComparisonServlet servlet. The issue lies in the ability to execute...

10CVSS7.4AI score0.73323EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
added 2015/04/08 12:0 a.m.26 views

IBM Tivoli Storage Manager FastBack CRYPTO_S_EncryptBufferToBuffer Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CRYPTOSEncryptBufferToBuffer function. By sending a specially crafted...

9.3CVSS7AI score0.01423EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/02/10 12:0 a.m.31 views

Motorola Scanner SDK rsmdriverproviderservice.exe Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code with elevated privileges on vulnerable installations of Motorola Scanner SDK. Authentication is not required to exploit this vulnerability. The specific flaw exists within the file permissions ACLs on an installed directory...

7.2CVSS6.8AI score0.00476EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/02/10 12:0 a.m.26 views

Motorola Scanner SDK ScannerService.exe Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code with elevated privileges on vulnerable installations of Motorola Scanner SDK. Authentication is not required to exploit this vulnerability. The specific flaw exists within the file permissions ACLs on an installed directory...

7.2CVSS6.8AI score0.00476EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/02/10 12:0 a.m.36 views

Microsoft Windows win32k.sys Dangling Pointer Privilege Escalation Vulnerability

This vulnerability allows for elevation of privilege on vulnerable installations of Microsoft Windows. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The specific flaw exists within the usage of Cursor objects. The issue lies in the...

6.9CVSS6.4AI score0.02693EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/02/10 12:0 a.m.70 views

Motorola Scanner SDK CoreScanner.exe Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code with elevated privileges on vulnerable installations of Motorola Scanner SDK. Authentication is not required to exploit this vulnerability. The specific flaw exists within the file permissions ACLs on an installed directory...

7.2CVSS6.8AI score0.00476EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/30 12:0 a.m.8 views

Apple MAC OS X Yosemite IODataQueue Object Handling Checksum Vulnerability

Apple MAC OS X Yosemite is the latest operating system developed by Apple. Apple MAC OS X Yosemite suffers from a checksum issue with some metadata fields in the handling of the IODataQueue object, which allows malicious applications to execute arbitrary code in the system context...

10CVSS7.6AI score0.02859EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/27 12:0 a.m.45 views

iPass Open Mobile Windows Client Remote Code Execution Vulnerability

iPass Open Mobile is a quick and easy way for you to use your device to connect to over a million enabled WIFIs around the world. A security vulnerability exists in the iPass Open Mobile client that allows attackers to register arbitrary DLLs via UNC shared pathnames by sending specially crafted...

9CVSS7.2AI score0.52125EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
added 2014/12/11 12:0 a.m.43 views

ManageEngine NetFlow Analyzer CollectorConfInfoServlet COLLECTOR_ID Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine NetFlow Analyzer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CollectorConfInfoServlet servlet. The issue lies in the failure to...

10CVSS7.1AI score0.06257EPSS
Exploits0References1
0day.today
0day.today
added 2014/12/10 12:0 a.m.46 views

Lexmark MarkVision Enterprise ReportDownloadServlet Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Lexmark MarkVision Enterprise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ReportDownloadServlet class. The class contains a method that does n...

8.2AI score0.04366EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2014/12/09 12:0 a.m.32 views

Lexmark MarkVision Enterprise ReportDownloadServlet Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Lexmark MarkVision Enterprise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ReportDownloadServlet class. The class contains a method that does n...

7.8CVSS8.1AI score0.04366EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2014/07/24 12:0 a.m.33 views

Shunra Network Virtualization for Hewlett-Packard toServerObject() Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Network Visualization. Authentication is not required to exploit this vulnerability. The specific flaw exists within the toServerObject function. The method does not properly saniti...

9.4CVSS7.5AI score0.19407EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2014/07/09 12:0 a.m.39 views

Hewlett-Packard Universal CMDB Default Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Universal CMDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the default configuration of Hewlett-Packard Universal CMDB. The...

10CVSS7.2AI score0.12235EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

HP OmniInet.exe Opcode 20 Buffer Overflow

No description provided by source. $Id: hpomniinet4.rb 13096 2011-07-04 22:33:47Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Working Resources BadBlue 1.5/1.6 Triple-Dot-Slash Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4179/info Working Resources BadBlue is a webserver intended to share various resources and is developed for Microsoft Windows environments. BadBlue is prone to directory traversal attacks. It is possible for a remote...

7.1AI score
Exploits0
Rows per page
Query Builder