Lucene search
+L

900 matches found

Zero Day Initiative
Zero Day Initiative
added 2010/11/07 12:0 a.m.27 views

Cisco ICM Setup Manager Agent.exe HandleUpgradeAll Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When processing the...

10CVSS7.8AI score0.07995EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2010/11/07 12:0 a.m.29 views

Cisco ICM Setup Manager Agent.exe HandleQueryNodeInfoReq Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the...

10CVSS7.1AI score0.07995EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2010/11/07 12:0 a.m.22 views

Cisco ICM Setup Manager Agent.exe AgentUpgrade Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the...

10CVSS7.1AI score0.07995EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2010/10/18 12:0 a.m.42 views

IBM Informix Dynamic Server oninit.exe EXPLAIN Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Informix Dynamic Server. Authentication is required in that an attacker must have valid credentials to connect to the database. The specific flaw exists within the oninit.exe process bound by default ...

9CVSS8.1AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2010/10/12 12:0 a.m.22 views

SAP BusinessObjects Crystal Reports Server CMS.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CMS.exe process which listens by default on several TCP ports above 1024. When...

10CVSS8.4AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2010/10/12 12:0 a.m.23 views

SAP Crystal Reports JobServer GIOP Request Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. Authentication is not required to exploit this vulnerability. The specific flaw exists within the JobServer.exe process which listens by default on several TCP ports above 1024...

10CVSS8.4AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2010/09/14 12:0 a.m.25 views

IBM Lotus Domino iCalendar MAILTO Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed e-mail. The process...

10CVSS8.3AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2010/09/05 12:0 a.m.31 views

Oracle Secure Backup observiced.exe Buffer Overflow (CVE-2010-0072)

Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The server allowsfor single point of management of data present on network attached storage NAS devices and distributed hostswhich may have different operating systems. A stack buffer overflow vulnerability...

10CVSS7.2AI score0.06065EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/08/31 12:0 a.m.41 views

Novell iManager eDirectory Plugin Schema Buffer Overflow (CVE-2009-4486)

A stack buffer overflow vulnerability exists in the Novell iManager eDirectory plugin. The vulnerability is due to improper validation of user input by a sub-application. A remote, authenticated attacker can exploit this vulnerability by sending specially crafted parameters to the application...

7.5CVSS7.4AI score0.0433EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/08/15 12:0 a.m.2 views

Ipswitch IMail Server Mailing List Message Subject Buffer Overflow

The Ipswitch IMail Server is a mail server product geared towards medium to large size organizations. It contains implementations of POP3, IMAP4, and SMTP servers. The SMTP server module is installed and started in a default installation. A buffer overflow vulnerability has been reported in...

8AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2010/07/21 12:0 a.m.35 views

Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Teaming. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Tomcat server installed by default with Teaming. The server exposes an AJAX request...

10CVSS7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2010/07/21 12:0 a.m.22 views

IBM SolidDB 'solid.exe' Handshake Remote Code Execution Vulnerability

IBM SolidDB is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM user privileges. Failed exploit attempts will result in a denial-of- service condition. The vulnerability is reported in version 6.5 FP1 6.5.0.1. Prior versions...

10CVSS1.1AI score0.05435EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2010/07/15 12:0 a.m.33 views

Ipswitch Imail Server List Mailer Reply-To Address Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IPSwitch IMail List Mailer. Authentication is not required to exploit this vulnerability. The specific flaw exists within imailsrv.exe which is invoked to handle messages sent to the imailsrv. When...

10CVSS7.9AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2010/07/13 12:0 a.m.17 views

IBM SolidDB solid.exe Handshake Request Username Field Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the solid.exe process which listens by default on TCP port 1315. The code responsible for...

10CVSS7.6AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2010/06/07 12:0 a.m.14 views

Microsoft Windows DNS Client Buffer Overrun (CVE-2006-3441)

There exists a buffer overflow vulnerability in the DNS client component of Microsoft Windows. The flaw is caused by the improper processing of crafted DNS messages. A remote attacker may leverage this vulnerability by sending crafted DNS responses to the affected service, resulting in the possib...

10CVSS7.6AI score0.65532EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/06/06 12:0 a.m.1 views

RealVNC VNC Server ClientCutText Message Memory Corruption

A memory corruption vulnerability has been reported in RealVNC VNC Server. The vulnerability is due to insufficient boundary checks by RealVNC when handling certain messages sent from RealVNC clients. A remote attackerscould exploit this issue by sending a crafted VNC command ot a target server...

8AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2010/05/06 12:0 a.m.42 views

HP Mercury LoadRunner Agent Trusted Input Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Mercury LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process magentproc.exe that binds to TCP port 54345. A specially crafted...

10CVSS6.1AI score0.7883EPSS
Exploits5References1
securityvulns
securityvulns
added 2010/04/14 12:0 a.m.141 views

CVE-2009-4511: TANDBERG VCS Arbitrary File Retrieval

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: TANDBERG Video Communication Server Arbitrary File Retrieval Release Date:...

4CVSS0.3AI score0.05479EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2010/03/16 12:0 a.m.39 views

SAP MaxDB Malformed Handshake Request Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP MaxDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the serv.exe process which listens by default on TCP port 7210. The process trusts a value...

10CVSS1.8AI score0.15218EPSS
Exploits1References1
seebug.org
seebug.org
added 2010/03/09 12:0 a.m.30 views

Lenovo Hotkey Driver <= v5.33 Privilege Escalation

No description provided by source. Author: Chilik Tamir - Amdocs Power Security Testing Group Website: http://invalid-packet.blogspot.com/2010/03/full-disclosure-security-vulnerability.html Subject: Security vulnerability Privilege escalation in Lenovo Hotkey Driver and Access Connections version...

7.1AI score
Exploits0
Rows per page
Query Builder