Lucene search
K

350 matches found

Check Point Advisories
Check Point Advisories
added 2014/02/11 12:0 a.m.10 views

Microsoft Internet Explorer Memory Corruption (MS14-010: CVE-2014-0283)

A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7.5AI score0.25401EPSS
Exploits1
Veeam
Veeam
added 2014/01/22 12:0 a.m.19 views

Web Client Plug-in error: “invalid Single Sign-On token”

Challenge When a new user of the vSphere web client attempts to access the Veeam Web Client Plug-in, they encounter the following error: Server error: Failed to login to Veeam Backup Enterprise Manager. Login failed due to invalid Single Sign-On token Cause To successfully obtain statistics from...

7AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/07/25 12:0 a.m.7 views

ClamAV UPX File PE parsing Memory Access Error (CVE-2013-2020)

A memory access error vulnerability exists in ClamAV antivirus software. The vulnerability is due to an errors in "pe.c" while parsing UPX-packed executable files. Remote attackers could exploit the vulnerability to cause a denial of service condition. Successful exploitation would lead to...

5CVSS8.6AI score0.03547EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/06/20 12:0 a.m.5 views

ClamAV Encrypted PDF File Handling Memory Access Error (CVE-2013-2021)

A memory access error has been reported in ClamAV antivirus...

4.3CVSS8.9AI score0.03502EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2013/05/14 12:0 a.m.9 views

Internet Explorer Initialization Error Use-after-free (MS13-037; CVE-2013-1307)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.20643EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/05/08 12:0 a.m.9 views

Oracle Java Web Start ActiveX Control launchApp Memory Access Error (CVE-2013-2416)

A code execution vulnerability exists in Oracle Java Web Start. The vulnerability is due to memory corruption in javaws.exe, a helper application executed from the launchApp method of the JWS ActiveX control. An attacker can exploit this vulnerability by enticing the target user to open a special...

4.3CVSS7.1AI score0.08769EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2013/02/12 12:0 a.m.25 views

Internet Explorer CHTML Use After Free (MS13-009; CVE-2013-0029)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.30339EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/01/10 12:0 a.m.51 views

Google Chrome < 24.0.1312.52 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 24.0.1312.52 and is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to SVG layout, DOM handling, video seeking, PDF fields and printing. CVE-2012-5145, CVE-2012-5147,...

10CVSS7.8AI score0.08158EPSS
Exploits2References25
RedHat Linux
RedHat Linux
added 2012/01/11 5:43 p.m.5 views

libxml2: Crash (stack frame overflow or NULL pointer dereference) by traversal of XPath axis

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service application crash via a...

4.3CVSS6.5AI score0.03133EPSS
Exploits1References4
Prion
Prion
added 2011/09/23 11:55 p.m.13 views

Information disclosure

FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by reporting/includes/fpdi/fpdi2tcpdfbridge.php and certain other files...

5CVSS6.6AI score0.01372EPSS
Exploits1References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2011/08/23 12:0 a.m.8 views

Microsoft Host Integration Server snabase.exe Memory Access Error

A denial of service DoS vulnerability has been reported in Microsoft Host Integration Server HIS. HIS is a gateway application that provides host access and integration, extending Microsoft Windows to other systems by integrating mission-critical host applications, data sources, messaging and...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/09/01 12:0 a.m.29 views

Cisco IOS Secure Shell Denial of Service Vulnerabilities - Cisco Systems

The Secure Shell server SSH implementation in Cisco IOS contains multiple vulnerabilities that allow unauthenticated users the ability to generate a spurious memory access error or, in certain cases, reload the device. The IOS SSH server is an optional service that is disabled by default, but its...

7.1CVSS5.5AI score0.02508EPSS
Exploits1References3
Check Point Advisories
Check Point Advisories
added 2010/02/23 12:0 a.m.20 views

TCPDUMP ISAKMP Payload Handling DoS (CVE-2004-0183)

Tcpdump parses and displays, and optionally records packets received on a network interface matching a user provided filter. Two vulnerabilities exist in the Tcpdump ISAKMP payload handling module, which can be exploited to cause a DoS Denial of Service by sending packets with specially crafted...

5CVSS6.5AI score0.05622EPSS
Exploits0
OSV
OSV
added 2008/09/04 4:41 p.m.3 views

DEBIAN-CVE-2008-1389

libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service application crash via a malformed CHM file, related to an "invalid memory access."...

5CVSS6.3AI score0.03377EPSS
Exploits1References1
seebug.org
seebug.org
added 2008/06/20 12:0 a.m.45 views

Fetchmail Verbose模式超大日志消息远程拒绝服务漏洞

BUGTRAQ ID: 29705 CVECAN ID: CVE-2008-2711 Fetchmail是免费的软件包,可以从远程POP2、POP3、IMAP、ETRN或ODMR服务器检索邮件并将其转发给本地SMTP、LMTP服务器或消息传送代理。 Fetchmail在处理消息时存在内存访问错误,以-v -v verbose级别运行的fetchmail在试图打印超过2048字节的头时会重新调整缓冲区大小并填充消息的多出部分,但没有重新初始化其 valist类型的源指针,因此可能会在栈上的无效地址读取数据,导致出现分段错误而崩溃。 fetchmail 6.3.9 临时解决方法:...

4.3CVSS0.2AI score0.03003EPSS
Exploits1
securityvulns
securityvulns
added 2008/05/22 12:0 a.m.85 views

Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service Vulnerabilities Advisory ID: cisco-sa-20080521-ssh http://www.cisco.com/warp/public/707/cisco-sa-20080521-ssh.shtml Revision 1.0 For Public Release 2008 May 21 1600 UTC GMT...

7.1CVSS0.7AI score0.02508EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2007/11/07 9:0 a.m.29 views

Moderate: Red Hat Security Advisory: conga security, bug fix, and enhancement update

Updated conga packages that correct a security flaw and provide bug fixes and add enhancements are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Conga package is a web-based administration tool for remote cluster and storag...

5CVSS5.8AI score0.01745EPSS
Exploits0References55
OSV
OSV
added 2005/03/01 5:0 a.m.6 views

CVE-2004-1001

Unknown vulnerability in the passwdcheck function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pamchauthtok function call is not properly handled...

6AI score0.00347EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2004/12/31 12:0 a.m.4 views

PT-2004-2106 · Ethereal +1 · Ethereal +1

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.10.1 through 0.10.7 Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by sending a certain packet that causes the HTTP dissector to access...

7.5CVSS6.4AI score0.06308EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.36 views

Debian DSA-498-1 : libpng - out of bound access

Steve Grubb discovered a problem in the Portable Network Graphics library libpng which is utilised in several applications. When processing a broken PNG image, the error handling routine will access memory that is out of bounds when creating an error message. Depending on machine architecture,...

5CVSS7.1AI score0.04107EPSS
Exploits0References2
Rows per page
Query Builder