Lucene search
K

983 matches found

Zero Day Initiative
Zero Day Initiative
added 2014/04/17 12:0 a.m.30 views

Hewlett-Packard Virtual User Generator EmulationAdmin Service Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Virtual User Generator. Authentication is not required to exploit this vulnerability. The specific flaw exists within the exposed EmulationAdminSoapBinding web service. The issue lies in the...

10CVSS1.6AI score0.10521EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2014/04/17 12:0 a.m.21 views

CA ERwin Web Portal MIMM ConfigServiceProvider Information Disclosure Vulnerability

This vulnerability allows remote attackers to read database credentials on a system with vulnerable installations of CA ERwin Web Portal's Meta Integration Metadata Management service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the "Meta...

9CVSS7.1AI score0.05289EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2014/04/17 12:0 a.m.31 views

CA ERwin Web Portal MIMM ProfileIconServlet Multiple Information Disclosure Vulnerabilities

This vulnerability allows remote attackers to read arbitrary files on a system with vulnerable installations of CA ERwin Web Portal's Meta Integration Metadata Management service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the "Meta Integration W...

7.8CVSS7.2AI score0.05289EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2013/11/24 12:0 a.m.33 views

HP Business Process Monitor tp_bpm_admin.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Business Process Monitor. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the tpbpmadmin.exe server which listens by default...

10CVSS5.9AI score0.03436EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2013/11/24 12:0 a.m.27 views

HP Virtual User Generator EmulationAdmin Service copyFileToServer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Virtual User Generator. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the EmulationAdmin web service. This service exposes...

10CVSS6.7AI score0.62617EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
added 2013/10/08 12:0 a.m.42 views

Microsoft Windows TTF CMAP Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

6.9CVSS3.5AI score0.43101EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2013/07/26 12:0 a.m.42 views

Microsoft Windows win32k.sys Privilege Escalation Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must run a malicious executable. The specific flaw exists within the handling of Dynamic Data Exchange...

6.2CVSS3.2AI score0.01743EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2013/07/26 12:0 a.m.70 views

(Pwn2Own) Microsoft Windows NtUserMessageCall Privilege Escalation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.9CVSS3.5AI score0.1218EPSS
Exploits8References1
Packet Storm
Packet Storm
added 2013/06/22 12:0 a.m.61 views

HP System Management Homepage JustGetSNMPQueue Command Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "HP System...

9CVSS0.3AI score0.66592EPSS
Exploits12
0day.today
0day.today
added 2013/06/22 12:0 a.m.121 views

HP System Management Homepage JustGetSNMPQueue Command Injection

This Metasploit module exploits a vulnerability found in HP System Management Homepage. By supplying a specially crafted HTTP request, it is possible to control the 'tempfilename' variable in function JustGetSNMPQueue found in ginkgosnmp.inc, which will be used in a exec function. This results in...

9CVSS7.2AI score0.66592EPSS
Exploits12
Packet Storm
Packet Storm
added 2012/12/07 12:0 a.m.44 views

Oracle MySQL For Microsoft Windows MOF Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Oracle MySQL for Microsoft Windows MO...

6CVSS5.5AI score0.31664EPSS
Exploits15
0day.today
0day.today
added 2012/10/18 12:0 a.m.21 views

ManageEngine Security Manager Plus <= 5.5 build 5505 Remote SYSTEM SQLi (MSF)

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

7.1AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2012/08/22 12:0 a.m.159 views

Symantec Endpoint Protection SemSvc.exe AgentServlet Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Endpoint Protection. Authentication is not required to exploit this vulnerability. The specific flaw exists within SemSvc.exe which listens by default on TCP port 8443 https. The SemSvc...

10CVSS5AI score0.0146EPSS
Exploits7References1
Packet Storm
Packet Storm
added 2012/06/02 12:0 a.m.23 views

Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Citrix Provisioning Services 5.6 SP1...

0.7AI score
Exploits0
Metasploit
Metasploit
added 2012/05/31 8:45 p.m.15 views

Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffer Overflow

This module exploits a remote buffer overflow in the Citrix Provisioning Services 5.6 SP1 without Hotfix CPVS56SP1E043 by sending a malformed packet with the opcode 0x40020006 GetObjetsRequest to the 6905/UDP port. The module, which allows code execution under the context of SYSTEM, has been...

0.6AI score
Exploits0
Metasploit
Metasploit
added 2012/05/04 1:24 a.m.18 views

Solarwinds Storage Manager 5.1.0 SQL Injection

This module exploits a SQL injection found in Solarwinds Storage Manager login interface. It will send a malicious SQL query to create a JSP file under the web root directory, and then let it download and execute our malicious executable under the context of SYSTEM. This module requires Metasploi...

8.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2012/01/10 12:0 a.m.11 views

Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is not required to exploit this vulnerability. The flaw exists within the xnfs.nlm component which is used when handling NFS RPC requests. This process listens on UDP...

10CVSS7.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2012/01/05 12:0 a.m.22 views

Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is not required to exploit this vulnerability. The flaw exists within the xnfs.nlm component which is used when handling NFS RPC requests. This process listens on UDP...

10CVSS7.8AI score
Exploits0References1
Metasploit
Metasploit
added 2011/10/20 5:29 p.m.14 views

HP Power Manager 'formExportDataLogs' Buffer Overflow

This module exploits a buffer overflow in HP Power Manager's 'formExportDataLogs'. By creating a malformed request specifically for the fileName parameter, a stack-based buffer overflow occurs due to a long error message which contains the fileName, which may result in arbitrary remote code...

10CVSS10AI score0.71807EPSS
Exploits11
Zero Day Initiative
Zero Day Initiative
added 2011/08/16 12:0 a.m.28 views

Symantec Veritas Storage Foundation vxsvc.exe Unicode String Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation. Authentication is not required to exploit this vulnerability. The specific flaw exists within the vxsvc.exe process. The problem affecting the part of the serve...

10CVSS5.7AI score0.06646EPSS
Exploits0References1
Rows per page
Query Builder