CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7301 matches found

Tenable Nessus•added 2020/02/11 12:0 a.m.•54 views

HPE Intelligent Management Center dbman Command 10018 Multiple Vulnerabilities

The HPE Intelligent Management Center iMC dbman process running on the remote host is affected by multiple vulnerabilities : - A command injection vulnerability exists due to improper validation of user-supplied data. An unauthenticated, remote attacker can exploit this, via a series of specially...

10CVSS9.1AI score0.04359EPSS

Exploits0References3

OSV•added 2020/02/09 7:13 p.m.•8 views

MGASA-2020-0081 Updated sudo packages fix security vulnerability

The updated packages fix a security vulnerability: In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for...

7.8CVSS7.8AI score0.19426EPSS

Exploits13References5

Prion•added 2020/02/05 7:15 p.m.•17 views

Stack overflow

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquant...

10CVSS7.6AI score0.04173EPSS

Exploits0References2Affected Software21

IBM Security Bulletins•added 2020/02/04 4:40 p.m.•28 views

Security Bulletin: XML vulnerabilities in ClearQuest (CVE-2016-0729, CVE-2016-4463)

Summary IBM Rational ClearQuest is vulnerable to XML parsing attacks. These attacks could cause a denial of service or execution of code. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds...

9.8CVSS2AI score0.1425EPSS

Exploits0Affected Software1

Tenable Nessus•added 2020/02/03 12:0 a.m.•50 views

FreeBSD : sudo -- Potential bypass of Runas user restrictions (b4e5f782-442d-11ea-9ba9-206a8a720317)

Todd C. Miller reports : Sudo's pwfeedback option can be used to provide visual feedback when the user is inputting their password. For each key press, an asterisk is printed. This option was added in response to user confusion over how the standard Password: prompt disables the echoing of key...

7.8CVSS7.6AI score0.19426EPSS

Exploits13References3

Talos•added 2020/02/03 12:0 a.m.•24 views

Mini-SNMPD socket disconnect denial-of-service vulnerability

Summary A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP connections can trigger a stack overflow, resulting in a denial of service. To trigger this vulnerability, an attacker needs to simply initiate...

7.5CVSS7.7AI score0.02197EPSS

Exploits1

UbuntuCve•added 2020/01/31 10:15 p.m.•19 views

CVE-2014-8322

Stack-based buffer overflow in the tcptest function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value...

9.8CVSS7.4AI score0.23925EPSS

Exploits3References3

NVD•added 2020/01/31 6:15 p.m.•14 views

CVE-2013-3488

Stack-based buffer overflow in Media Player Classic - Home Cinema MPC-HC before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream M2TS file...

7.8CVSS8AI score0.02514EPSS

Exploits0References2

CVE•added 2020/01/31 5:46 p.m.•103 views

CVE-2013-3488

CVE-2013-3488 affects Media Player Classic - Home Cinema (MPC-HC) prior to 1.7.0.7858. The vulnerability is a stack-based buffer overflow in processing MPEG-2 Transport Stream (M2TS) files, enabling remote attackers to potentially execute arbitrary code. The public documents specify the affected ...

7.8CVSS8AI score0.02514EPSS

Exploits0References2Affected Software1

Prion•added 2020/01/29 6:15 p.m.•26 views

Stack overflow

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist on...

4.6CVSS7.7AI score0.19426EPSS

Exploits13References26Affected Software2

AlpineLinux•added 2020/01/29 5:23 p.m.•38 views

CVE-2019-18634

7.8CVSS8.2AI score0.19426EPSS

Exploits13

Prion•added 2020/01/27 3:15 p.m.•15 views

Stack overflow

XnView 2.03 has a stack-based buffer overflow vulnerability...

7.5CVSS7.6AI score0.01539EPSS

Exploits0References1Affected Software1

CVE•added 2020/01/27 2:24 p.m.•46 views

CVE-2013-3492

The CVE-2013-3492 entry concerns XnView 2.03 and is documented to have a stack-based buffer overflow vulnerability in XnView. Affected software is XnView 2.03; the underlying cause is a stack-based overflow. The available connected documents confirm the vulnerability but do not provide specifics ...

9.8CVSS9.6AI score0.01539EPSS

Exploits0References1Affected Software1

OpenVAS•added 2020/01/23 12:0 a.m.•22 views

Huawei EulerOS: Security Advisory for liblouis (EulerOS-SA-2018-1222)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.03236EPSS

Exploits0References2

OpenVAS•added 2020/01/23 12:0 a.m.•20 views

Huawei EulerOS: Security Advisory for librelp (EulerOS-SA-2018-1182)

9.8CVSS9.7AI score0.09662EPSS

Exploits1References2

OpenVAS•added 2020/01/23 12:0 a.m.•25 views

Huawei EulerOS: Security Advisory for quagga (EulerOS-SA-2019-2228)

9.8CVSS7.6AI score0.30462EPSS

Exploits0References2

OpenVAS•added 2020/01/23 12:0 a.m.•20 views

Huawei EulerOS: Security Advisory for librelp (EulerOS-SA-2018-1134)