Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2019/10/23 12:0 a.m.64 views

Multiple D-Link routers vulnerable to remote command execution

Overview Multiple D-Link routers are vulnerable to unauthenticated remote command execution. Description Several D-Link routers contain CGI capability that is exposed to users as /applysec.cgi, and dispatched on the device by the binary /www/cgi/ssi. This CGI code contains two flaws: 1. The...

10CVSS9.6AI score0.99996EPSS
Exploits5References3
CERT
CERT
added 2015/11/03 12:0 a.m.64 views

Commvault Edge Server deserializes cookie data insecurely

Overview Commvault Edge Server, version 10 R2, deserializes untrusted, user-provided cookie data, resulting in arbitrary OS command execution with the web server's privileges. Description CWE-502: Deserialization of Untrusted Data - CVE-2015-7253Commvault Edge Server, version 10 R2, deserializes...

10CVSS7.7AI score0.04319EPSS
Exploits0References3
CERT
CERT
added 2014/07/24 12:0 a.m.64 views

TestRail cross-site scripting vulnerability

Overview TestRail version 3.1.1.3130 contains a cross-site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Gurock Software TestRail version 3.1.1.3130 contains a stored cross-site scripting vulnerability. The Created ...

4.3CVSS6.6AI score0.01673EPSS
Exploits0References3
CERT
CERT
added 2013/06/05 12:0 a.m.64 views

QNAP VioStor NVR firmware version 4.0.3 and QNAP NAS multiple vulnerabilities

Overview QNAP VioStor NVR firmware version 4.0.3 and possibly earlier versions and QNAP NAS contains multiple vulnerabilities which may allow an attacker to perform administrative functions against the hosted server. Description QNAP VioStor NVR firmware version 4.0.3 and possibly earlier version...

6.8CVSS7.7AI score0.06965EPSS
Exploits0References6
CERT
CERT
added 2013/04/29 12:0 a.m.64 views

McAfee ePolicy Orchestrator 4.6.4 and earlier pre-authenticated SQL injection and directory path traversal vulnerabilities

Overview McAfee ePolicy Orchestrator 4.6.4 and earlier contains a pre-authenticated sql injection and directory path traversal vulnerability which could allow an attacker to inject malicious code into the system. Description McAfee ePolicy Orchestrator 4.6.4 and earlier contains a pre-authenticat...

7.9CVSS8.2AI score0.02544EPSS
Exploits4References1
CERT
CERT
added 2012/11/06 12:0 a.m.64 views

VeriCentre web application SQL injection vulnerability

Overview The VeriCentre web application contains a SQL injection vulnerability. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'The VeriCentre web application contains a SQL injection vulnerability within the TerminalId, ModelName, and...

7.5CVSS7.6AI score0.0152EPSS
Exploits1References2
CERT
CERT
added 2008/02/12 12:0 a.m.64 views

Adobe Reader EScript.api arbitrary code execution

Overview The Adobe Acrobat Reader contains a vulnerability that may allow an attacker to execute arbitrary code. Description Adobe Acrobat Reader is software designed to view Portable Document Format PDF files. Adobe also distributes the Adobe Acrobat Plug-In to allow users to view PDF files insi...

9.3CVSS9.5AI score0.13273EPSS
Exploits1References6
CERT
CERT
added 2007/06/01 12:0 a.m.64 views

CREDANT Mobile Guardian Shield fails to remove credentials from memory

Overview CREDANT Mobile Guardian Shield fails to properly remove credentials from memory, which may allow an attacker to obtain access to the Windows domain and encrypted drive contents. Description CREDANT Mobile Guardian CMG Shield is a component of Mobile Guardian Enterprise Edition. CMG Shiel...

4.6CVSS6.7AI score0.00334EPSS
Exploits0References2
CERT
CERT
added 2006/11/01 12:0 a.m.64 views

WMI Object Broker ActiveX Control bypasses ActiveX security model

Overview The Microsoft WMI Object Broker ActiveX control bypasses the ActiveX security model, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description ActiveXActiveX is a technology that allows programmers to create reusable software...

6.8CVSS6.5AI score0.42846EPSS
Exploits6References10
CERT
CERT
added 2005/05/05 12:0 a.m.64 views

Debian CVS "pserver" remote access authentication bypass vulnerability

Overview Debian Concurrent Versions System CVS remote repositories using "pserver" with the cvs-repouid Debian patch are vulnerable to authentication bypass. Description CVS is a version control and source code maintenance system that is widely used by open-source software development projects.Th...

7.5CVSS6.8AI score0.02282EPSS
Exploits0References4
CERT
CERT
added 2004/07/12 12:0 a.m.64 views

MySQL fails to properly evaluate zero-length strings in the check_scramble_323() function

Overview There is a vulnerability in the password authentication mechanism of MySQL which could allow an attacker to bypass authentication by supplying a zero-length string. Description MySQL is an open-source database system available for Microsoft Windows, Linux, and other UNIX-based operating...

10CVSS6.3AI score0.69647EPSS
Exploits1References5
CERT
CERT
added 2004/04/14 12:0 a.m.64 views

Microsoft Windows logon process fails contains a buffer overflow during the logon process

Overview The Windows Logon process Winlogon contains a vulnerability that may permit a remote attacker to execute arbitrary code on the system. Description The Windows logon process Winlogon containss a buffer overflow vulnerability during the processeing of the domain value. It fails to perform...

7.5CVSS7.8AI score0.32936EPSS
Exploits0References1
CERT
CERT
added 2004/04/14 12:0 a.m.64 views

Microsoft Private Communication Technology (PCT) fails to properly validate message inputs

Overview A vulnerability exists in the Private Communications Transport PCT protocol, which is part of the Microsoft Secure Sockets Layer SSL library. Exploitation of this vulnerability may permit a remote attacker to compromise the system. An exploit for this issue currently being used to...

7.5CVSS7.6AI score0.83412EPSS
Exploits8References1
CERT
CERT
added 2002/07/30 12:0 a.m.64 views

OpenSSL contains multiple buffer overflows in buffers that are used to hold ASCII representations of integers

Overview OpenSSL is an open-source implementation of the Secure Sockets Layer SSL protocol. There is a buffer overflow on 64-bit platforms related to the ASCII representation of integers. Description OpenSSL clients and servers running on 64-bit platforms prior to version 0.9.6e and pre-release...

9.5AI score
Exploits0References2
CERT
CERT
added 2001/08/02 12:0 a.m.64 views

Microsoft Outlook View Control allows execution of arbitrary code and manipulation of user data

Overview A vulnerability exists in an ActiveX control supplied with Microsoft Outlook 2002 that could allow malicious code on a web page or in an HTML email message to manipulate Outlook data or execute arbitrary code as the user running Outlook. Description Microsoft Outlook 2002 installs an...

10CVSS7AI score0.52851EPSS
Exploits0References12
CERT
CERT
added 2024/01/16 12:0 a.m.63 views

SMTP end-of-data uncertainty can be abused to spoof emails and bypass policies

Overview A vulnerability has been found in the way that SMTP servers and software handle the end-of-data sequences essentially the end of a single email message in mail messages. An attacker can use this inconsistency to craft an email message that can bypass SMTP security policies. Description...

5.3CVSS6.3AI score0.02598EPSS
Exploits6References5
CERT
CERT
added 2020/08/20 12:0 a.m.63 views

Diebold Nixdorf ProCash 2100xe USB ATM does not adequately secure communications between CCDM and host

Overview Diebold Nixdorf 2100xe USB automated teller machines ATMs are vulnerable to physical attacks on the communication channel between the cash and check deposit module CCDM and the host computer. An attacker with physical access to internal ATM components may be able to exploit this...

7.1CVSS5.8AI score0.00729EPSS
Exploits0References3
CERT
CERT
added 2017/06/13 12:0 a.m.63 views

HPE SiteScope contains multiple vulnerabilities

Overview HPE's SiteScope is vulnerable to several cryptographic issues, insufficiently protected credentials, and missing authentication. Description HPE's SiteScope is vulnerable to several vulnerabilities. The researcher reports that version 11.31.461 is affected; other versions may also be...

7.8CVSS7AI score0.04934EPSS
Exploits0References8
CERT
CERT
added 2015/03/10 12:0 a.m.63 views

Telerik Analytics Monitor Library allows DLL hijacking

Overview Telerik Analytics Monitor Library is a third-party application analytics service that collects detailed application metrics for vendors. Some versions of the Telerik library allow DLL hijacking, allowing an attacker to load malicious code in the context of the Telerik-based application...

6.9CVSS6.2AI score0.00509EPSS
Exploits0References2
CERT
CERT
added 2011/11/08 12:0 a.m.63 views

Dell KACE K2000 Appliance contains backdoor administrator account

Overview The Dell KACE K2000 System Deployment Appliance contains a hidden administrator account that could allow a remote attacker to take control of an affected device. Description The Dell KACE K2000 Deployment Appliance is an integrated systems provisioning product for large-scale operating...

5CVSS7.2AI score0.01335EPSS
Exploits0References1
CERT
CERT
added 2010/04/12 12:0 a.m.63 views

Java Deployment Toolkit insufficient argument validation

Overview The Sun Java Deployment Toolkit plugin and ActiveX control perform insufficient argument validation, allowing an attacker to perform several attacks, including the execution of an arbitrary JAR file. Description The Sun Java Deployment Toolkit contains an NPAPI Netscape compatible plugin...

10CVSS9.3AI score0.69949EPSS
Exploits7References3
CERT
CERT
added 2009/11/19 12:0 a.m.63 views

Wyse Simple Imager (WSI) includes vulnerable versions of TFTPD32

Overview Wyse Simple Imager WSI includes older versions version of TFTPD32 that contains publicly known vulnerabilities. An attacker could exploit these vulnerabilities to potentially execute arbitrary code on the system running WSI and TFTPD32. Description Wyse Simple Imager WSI is a component o...

7.5CVSS7.8AI score0.63478EPSS
Exploits7References8
CERT
CERT
added 2008/10/15 12:0 a.m.63 views

Microsoft Windows Internet Printing Protocol service integer overflow

Overview The Microsoft Windows Internet Printing Protocol IPP service contains an integer overflow vulnerability, which can allow a remote attacker to execute arbitrary code on a vulnerable system. Description IPP is an IP-based network protocol that allows remote printing and printer management...

9CVSS7.4AI score0.46272EPSS
Exploits2References4
CERT
CERT
added 2007/05/03 12:0 a.m.63 views

ISC BIND denial of service vulnerability

Overview A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. BIND version 9.4.0...

7.1CVSS8.2AI score0.07614EPSS
Exploits0References2
CERT
CERT
added 2007/03/14 12:0 a.m.63 views

Apple ColorSync buffer overflow vulnerability

Overview Apple ColorSync contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description ColorSync is Apple's color management API. OS X applications and devices can use ColorSync profiles to determine how colors in images should be interpreted.ColorSync...

6.8CVSS8.3AI score0.0593EPSS
Exploits0References6
CERT
CERT
added 2006/07/20 12:0 a.m.63 views

OpenOffice.org may fail to properly contain certain Java applets

Overview The OpenOffice.org team has reported a vulnerability in how the 1.1 and 2.0 versions of OpenOffice.org handle certain Java applets. Description OpenOffice.org is an office suite that is available for multiple operating systems, including Windows, Linux, Apple Mac OS X, and BSD. It includ...

7.6CVSS9.2AI score0.03344EPSS
Exploits0References14
CERT
CERT
added 2005/10/11 12:0 a.m.63 views

Microsoft Plug and Play fails to properly validate user supplied data

Overview Microsoft Plug and Play contains a flaw in message buffer handling that may result in local or remote arbitrary code execution or a denial-of-service condition. Description The following is from the Microsoft Plug and Play description: Plug and Play PnP allows the operating system to...

6.5CVSS7.3AI score0.63062EPSS
Exploits3References2
CERT
CERT
added 2005/08/16 12:0 a.m.63 views

EMC Legato NetWorker database services use insufficient authentication

Overview The EMC Legato NetWorker database services use weak authentication, allowing a remote attacker to gain root access to the server. Description EMC Legato NetWorker is a cross-platform backup and recovery application. It is also repackaged by Sun Microsystems as Solstice Backup and StorEdg...

7.5CVSS7.4AI score0.04625EPSS
Exploits0References8
CERT
CERT
added 2002/12/16 12:0 a.m.63 views

Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization

Overview Secure shell SSH transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. A remote attacker could execute arbitrary code with the privileges of the SSH...

8.1AI score
Exploits0References5
CERT
CERT
added 2022/01/07 12:0 a.m.62 views

Silicon Labs Z-Wave chipsets contain multiple vulnerabilities

Overview Various Silicon Labs Z-Wave chipsets do not support encryption, can be downgraded to not use weaker encryption, and are vulnerable to denial of service. Some of these vulnerabilities are inherent in Z-Wave protocol specifications. Description Z-Wave devices based on Silicon Labs chipsets...

8.8CVSS7.3AI score0.00846EPSS
Exploits0References5
CERT
CERT
added 2016/06/20 12:0 a.m.62 views

mDNSResponder contains multiple memory-based vulnerabilities

Overview mDNSResponder provides unicast and multicast mDNS services on UNIX-like operating systems such as OS X. mDNSResponder version 379.27 and above prior to version 625.41.2 is vulnerable to several buffer overflow vulnerabilities, as well as a null pointer dereference. Description CWE-120:...

9.8CVSS9.9AI score0.04821EPSS
Exploits0References5
CERT
CERT
added 2013/03/18 12:0 a.m.62 views

Verizon Fios Actiontec model MI424WR-GEN3I router vulnerable to cross-site request forgery

Overview The Verizon FIOS Actiontec router model MI424WR-GEN3I is susceptible to cross-site request forgery attacks. CWE-352 Description The Verizon FIOS Actiontec router model MI424WR-GEN3I is susceptible to cross-site request forgery attacks. CWE-352 A remote attacker that is able to trick a us...

6.8CVSS6.4AI score0.02938EPSS
Exploits7References2
CERT
CERT
added 2010/12/07 12:0 a.m.62 views

GNU libc regcomp() stack exhaustion denial of service

Overview The regcomp function of GNU libc is susceptible to stack exhaustion which may result in a denial of service. Description It is possible to trigger deep recursion which results in stack exhaustion. An example trigger is: grep -E ".10,10,10,10,10," --- Impact An attacker may be able to...

7.5AI score
Exploits0
CERT
CERT
added 2010/08/16 12:0 a.m.62 views

Wyse ThinOS LPD service buffer overflow vulnerability

Overview Wyse ThinOS HF 4.4.079i has a buffer overflow vulnerability in the LPD service 515/tcp. Description The LPD service 515/tcp on Wyse ThinOS HF 4.4.079i crashes when a long buffer is sent to it. This condition may exist in all versions before Wyse ThinOS 6.5. --- Impact An attacker can cau...

8.2AI score
Exploits0
CERT
CERT
added 2005/08/12 12:0 a.m.62 views

VERITAS Backup Exec uses hard-coded authentication credentials

Overview The VERITAS Backup Exec Remote Agent uses hard-coded authentication credentials. An attacker with knowledge of these credentials could access arbitrary files on a vulnerable system. Description VERITAS Backup Exec Remote Agent is a data backup and recovery solution with support for...

10CVSS6.9AI score0.87026EPSS
Exploits3References12
CERT
CERT
added 2005/05/10 12:0 a.m.62 views

Mozilla Firefox executes JavaScript in the "IconURL" parameter of "InstallTrigger.install()" with chrome privileges

Overview Mozilla Firefox may execute JavaScript contained within the IconURL parameter of InstallTrigger.install with chrome privileges. This may allow an attacker to execute arbitrary commands on a vulnerable system. Description XPInstallXPInstall is a cross-platform software installation method...

5.1CVSS6.4AI score0.1524EPSS
Exploits1References13
CERT
CERT
added 2004/04/14 12:0 a.m.62 views

Microsoft CIS and RPC over HTTP Proxy components fail to properly handle responses

Overview A vulnerability in a Microsoft HTTP Proxy component may lead to a denial of service. Description Microsoft's COM Internet Sevices CIS and Remote Procedure Call RPC over HTTP Proxy contain a vulnerability that could permit an attacker to cause a denial of service. When a forwarded request...

5CVSS6.3AI score0.39539EPSS
Exploits0References1
CERT
CERT
added 2004/03/24 12:0 a.m.62 views

Ethereal contains multiple vulnerabilities in the IGAP protocol dissector

Overview Ethereal contains multiple buffer overflows in the Internet Group Membership Authentication Protocol IGAP protocol dissector. These vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. Description Ethereal is a network traffic analysis package. It...

5CVSS8.2AI score0.67092EPSS
Exploits0References3
CERT
CERT
added 2003/06/02 12:0 a.m.62 views

Yahoo! Audio Conferencing ActiveX control vulnerable to buffer overflow

Overview A remotely exploitable buffer overflow vulnerability has been discovered in the Yahoo! Audio Conferencing ActiveX control. Description The Yahoo! Audio Conferencing ActiveX control is used in the web-based Yahoo! Chat service, as well as in the Win32 Yahoo! Messenger application. There i...

7.4AI score
Exploits0References8
CERT
CERT
added 2002/12/13 12:0 a.m.62 views

Samba contains a remotely exploitable stack buffer overflow

Overview A remotely exploitable stack buffer overflow exists in the Samba server daemon smbd. Description Versions 2.2.2 through 2.2.6 of Samba contain a remotely exploitable stack buffer overflow. The Samba Team describes Samba as follows:The Samba software suite is a collection of programs that...

8.1AI score
Exploits0References7
CERT
CERT
added 2016/02/01 12:0 a.m.61 views

Huawei Mobile WiFi E5151 and E5186 routers use insufficiently random values for DNS queries

Overview Huawei Mobile WiFi E5151, firmware version 21.141.13.00.1080, and E5186, firmware version V200R001B306D01C00, use insufficiently random values for DNS queries and are vulnerable to DNS spoofing attacks. Description CWE-330: Use of Insufficiently Random Values - CVE-2015-8265Huawei Mobile...

7.5CVSS7.8AI score0.0191EPSS
Exploits0References2
CERT
CERT
added 2011/05/17 12:0 a.m.61 views

OpenSSL leaks ECDSA private key through a remote timing attack

Overview The OpenSSL ladder implementation for scalar multiplication of points on elliptic curves over binary fields is susceptible to a timing attack vulnerability. This vulnerability can be used to steal the private key of a TLS server that authenticates with ECDSA signatures and binary curves...

2.6CVSS6AI score0.0343EPSS
Exploits1References2
CERT
CERT
added 2009/11/23 12:0 a.m.61 views

TCP may keep its offered receive window closed indefinitely (RFC 1122)

Overview Part of the Transmission Control Protocol TCP specification RFC 1122 allows a receiver to advertise a zero byte window, instructing the sender to maintain the connection but not send additional TCP payload data. The sender should then probe the receiver to check if the receiver is ready ...

9AI score
Exploits0References21
CERT
CERT
added 2007/06/06 12:0 a.m.61 views

Java Runtime Environment Image Parsing Code buffer overflow vulnerability

Overview The Sun Java Runtime Environment contains a buffer overflow vulnerability that may allow an attacker to execute code or read local files. Description The Java Runtime Environment JRE is a group software packages from Sun Microsystems that allow a computer to access and use Java...

6.8CVSS6.6AI score0.18185EPSS
Exploits0References10
CERT
CERT
added 2006/09/28 12:0 a.m.61 views

OpenSSL SSLv2 client code fails to properly check for NULL

Overview A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Description The OpenSSL toolkit implements the Secure Sockets Layer SSL versions 2 and 3 and Transport Layer Security TLS version 1 protocols as well as a general purpose...

10CVSS8.4AI score0.05706EPSS
Exploits0References6
CERT
CERT
added 2005/10/11 12:0 a.m.61 views

Microsoft Distributed Transaction Coordinator vulnerable to buffer overflow via specially crafted network message

Overview Microsoft Distributed Transaction Coordinator MSDTC may be vulnerable to a flaw that allows remote unauthenticated attackers to execute arbitrary code. Description The Microsoft Distributed Transaction Coordinator MSDTC is described by Microsoft as "distributed transaction facility for...

5CVSS6.9AI score0.39128EPSS
Exploits0References2
CERT
CERT
added 2005/02/08 12:0 a.m.61 views

Microsoft Windows SMB packet validation vulnerability

Overview A vulnerability in the way that Microsoft Windows handles some SMB packets could allow remote attackers to execute code of their choosing on a vulnerable system. Description The Microsoft Server Message Block SMB, and its follow-on, Common Internet File System CIFS, are network protocols...

7.5CVSS6.9AI score0.73094EPSS
Exploits5References2
CERT
CERT
added 2004/12/01 12:0 a.m.61 views

LibTIFF contains multiple integer overflows

Overview Multiple integer overflows in the LibTIFF library may allow an attacker to execute arbitrary code. Description LibTIFF is a library used to encode and decode images in Tag Image File Format TIFF format. A number of potential integer overflow errors exist in the LibTIFF library. A lack of...

10AI score
Exploits0References8
CERT
CERT
added 2004/08/04 12:0 a.m.61 views

libpng png_handle_sBIT() performs insufficient bounds checking

Overview The Portable Network Graphics library libpng contains a flaw that could introduce a remotely exploitable vulnerability. Description The Portable Network Graphics PNG image format is used as an alternative to other image formats such as the Graphics Interchange Format GIF. The libpng...

10CVSS6.5AI score0.82537EPSS
Exploits1References5
CERT
CERT
added 2004/02/02 12:0 a.m.61 views

Microsoft Internet Explorer allows mouse events to manipulate window objects and perform "drag and drop" operations

Overview Microsoft Internet Explorer IE dynamic HTML DHTML mouse events can manipulate windows to copy objects from one domain to another, including the Local Machine Zone. This vulnerability could allow an attacker to write arbitrary files to the local file system. Description In IE, certain DHT...

7.4AI score
Exploits0References30
Total number of security vulnerabilities3704