Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
•added 2001/10/24 12:0 a.m.•61 views

SSH CRC32 attack detection code contains remote integer overflow

Overview There is a remote integer overflow vulnerability in several implementations of the SSH1 protocol that allows an attacker to execute arbitrary code with the privileges of the SSH daemon, typically root. Description There is a remote integer overflow vulnerability in several implementation...

10CVSS7AI score0.32416EPSS
Exploits1References9
CERT
CERT
•added 2001/05/15 12:0 a.m.•61 views

IIS decodes filenames superfluously after applying security checks

Overview Microsoft IIS decodes filenames after applying security checks, allowing an attacker to execute commands. Description To accomodate complex URIs, RFC 2396 specifies a means to encode arbitrary octets using hexadecimal characters and the percent sign %. Quoting from RFC 2396: An escaped...

7.5CVSS6.8AI score0.9077EPSS
Exploits8References8
CERT
CERT
•added 2000/09/26 12:0 a.m.•61 views

HHControl Object (showHelp) may execute shortcuts embedded in help files

Overview The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file CHM to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not...

5.1CVSS6.2AI score0.06848EPSS
Exploits0References11
CERT
CERT
•added 2023/08/11 12:0 a.m.•60 views

Python Parsing Error Enabling Bypass CVE-2023-24329

Overview urllib.parse is a very basic and widely used basic URL parsing function in various applications. Description An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. urlparse has a...

7.5CVSS8.3AI score0.20459EPSS
Exploits3References2
CERT
CERT
•added 2017/05/04 12:0 a.m.•60 views

Space Coast Credit Union SCCU Mobile for Android and iPhone fails to properly validate SSL certificates

Overview Space Coast Credit Union SCCU Mobile for Android, version 2.1.0.1104 and earlier, and for iOS, version 2.2 and earlier, fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle MITM attacks. Description CWE-295:...

5.9CVSS5.4AI score0.00848EPSS
Exploits0References3
CERT
CERT
•added 2015/09/03 12:0 a.m.•60 views

Mediabridge Medialink Wireless-N Broadband Router MWN-WAPR300N contains multiple vulnerabilities

Overview Mediabridge Medialink Wireless-N Broadband Router MWN-WAPR300N, firmware version 5.07.50 and possibly earlier, uses non-unique default credentials and is vulnerable to universal authentication bypass and cross-site request forgery CSRF. Description CWE-255: Credentials Management -...

10CVSS9.3AI score0.19065EPSS
Exploits7References6
CERT
CERT
•added 2008/01/30 12:0 a.m.•60 views

SwiftView ActiveX control and plug-in stack buffer overflow

Overview The SwiftView ActiveX control and plug-in contain a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description SwiftView is software used to view or print PCL, HPGL, and TIFF files. SwiftSend is a product used f...

10CVSS6.9AI score0.08377EPSS
Exploits0References2
CERT
CERT
•added 2007/06/06 12:0 a.m.•60 views

Microsoft Windows GDI+ ICO InfoHeader Height division by zero vulnerability

Overview Microsoft Windows GDI+ fails to properly handle ICO files, which could allow a remote, unauthenticated attacker to cause a denial-of-service condition. Description Microsoft Windows Graphics Device Interface GDI+ is an application programming interface API that provides programmers the...

7.1CVSS5.2AI score0.15424EPSS
Exploits4References3
CERT
CERT
•added 2007/05/31 12:0 a.m.•60 views

Mozilla Layout Engine memory corruption vulnerabilities

Overview The Mozilla layout engine contains multiple vulnerabilities that may lead to memory corruption. These vulnerabilities may allow an attacker to execute code or cause a denial-of-service condition. Description The Mozilla Layout Engine contains an multiple vulnerabilities that may result i...

9.3CVSS7.8AI score0.03407EPSS
Exploits0References21
CERT
CERT
•added 2006/11/30 12:0 a.m.•60 views

Adobe Acrobat AcroPDF ActiveX control fails to properly handle malformed input

Overview The Adobe Acrobat AcroPDF ActiveX control fails to properly handle malformed input to its methods. This could allow an attacker to cause the application using the ActiveX control to crash. Description Adobe Acrobat and Adobe Reader provide an ActiveX control to allow applications such as...

9.3CVSS6.3AI score0.42952EPSS
Exploits1References7
CERT
CERT
•added 2002/10/02 12:0 a.m.•60 views

ZIP archives containing files with large filenames can cause buffer overflows

Overview Multiple file decompression utilities contain buffer overflow vulnerabilities for which the impacts vary. Description Researchers at Rapid7, Inc. have discovered that multiple file decompression utilities are susceptible to buffer overflows as a result of large filenames embedded in...

7.5CVSS7.2AI score0.43298EPSS
Exploits0References1
CERT
CERT
•added 2002/08/12 12:0 a.m.•60 views

Multiple vendors' Internet Key Exchange (IKE) implementations do not properly handle IKE response packets

Overview Internet Key Exchange IKE implementations from several vendors contain buffer overflows and denial-of-service conditions. The buffer overflow vulnerabilities could permit an attacker to execute arbitrary code on a vulnerable system. Description The CERT/CC has received a report describin...

8.6AI score
Exploits0References12
CERT
CERT
•added 2001/11/28 12:0 a.m.•60 views

WU-FTPD does not properly handle file name globbing

Overview SecurityFocus and CORE Security Technologies have reported a vulnerability in WU-FTPD. WU-FTPD does not handle file name globbing properly and may allow an attacker to execute arbitrary code. WU-FTPD is a widely-used FTP daemon that is included in many UNIX and Linux distributions. This...

7.5CVSS9.9AI score0.74762EPSS
Exploits3References7
CERT
CERT
•added 2017/04/17 12:0 a.m.•59 views

IBM Lotus Domino server mailbox name stack buffer overflow

Overview The IBM Lotus Domino server IMAP service contains a stack-based buffer overflow vulnerability in IMAP commands that refer to a mailbox name. This can allow a remote, authenticated attacker to execute arbitrary code with the privileges of the Domino server Description IBM Lotus Domino...

8.8CVSS8.9AI score0.06792EPSS
Exploits2References4
CERT
CERT
•added 2017/02/08 12:0 a.m.•59 views

Accellion FTP server contains information exposure and cross-site scripting vulnerabilities

Overview The Accellion FTP server prior to version FTA912220 is vulnerable to cross-site scripting and information exposure. Description CWE-204: Response Discrepancy Information Exposure- CVE-2016-9499Accellion FTP server only returns the username in the server response if the a username is...

6.1CVSS5.7AI score0.07766EPSS
Exploits2References3
CERT
CERT
•added 2016/04/22 12:0 a.m.•59 views

SysLINK M2M Modular Gateway contains multiple vulnerabilities

Overview The SysLINK SL-1000 M2M Machine-to-Machine Modular Gateway contains multiple vulnerabilities. Description According to the researcher, the SysLINK SL-1000 M2M Modular Gateway contains multiple vulnerabilities:CWE-259: Use of Hard-coded Password - CVE-2016-2331 By default, the device's we...

10CVSS9.2AI score0.02767EPSS
Exploits0
CERT
CERT
•added 2015/05/05 12:0 a.m.•59 views

Bomgar Remote Support Portal deserializes untrusted data

Overview Bomgar Remote Support version 14.3.1 and possibly earlier versions deserialize untrusted data without sufficient validation, allowing an attacker to potentially execute arbitrary PHP code. Description CWE-502: Deserialization of Untrusted Data Bomgar Remote Support version 14.3.1 and...

7.5CVSS7.1AI score0.05869EPSS
Exploits4References2
CERT
CERT
•added 2014/06/18 12:0 a.m.•59 views

Belkin N150 path traversal vulnerability

Overview Belkin N150 wireless routers contain a path traversal vulnerability. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2014-2962Belkin N150 wireless router firmware versions 1.00.07 and earlier contain a path traversal vulnerability...

7.8CVSS6.3AI score0.47095EPSS
Exploits1References2
CERT
CERT
•added 2013/10/17 12:0 a.m.•59 views

D-Link routers authenticate administrative access using specific User-Agent string

Overview Various D-Link routers allow administrative web actions if the HTTP request contains a specific User-Agent string. This backdoor allows an attacker to bypass password authentication and access the router's administrative web interface. Planex and Alpha Networks devices may also be...

10CVSS7.5AI score0.0768EPSS
Exploits5References5
CERT
CERT
•added 2013/08/30 12:0 a.m.•59 views

Coursemill Learning Management System contains multiple vulnerabilities

Overview Coursemill Learning Management System version 6.6 and 6.8 contains multiple vulnerabilities. Description CWE-472: External Control of Assumed-Immutable Web Parameter - CVE-2013-3599In Coursemill 6.6, when loading the home page /coursemill/cm0660/home.html the response to the userlogin.js...

9.3CVSS6.6AI score0.0193EPSS
Exploits0References1
CERT
CERT
•added 2013/01/08 12:0 a.m.•59 views

Ruby on Rails Action Pack framework insecurely typecasts YAML and Symbol XML parameters

Overview The Ruby on Rails Action Pack framework is susceptible to authentication bypass, SQL injection, arbitrary code execution, or denial of service. Description The Ruby on Rails advisory states:"Multiple vulnerabilities in parameter parsing in Action Pack There are multiple weaknesses in the...

7.5CVSS8.7AI score0.99449EPSS
Exploits21References4
CERT
CERT
•added 2012/10/23 12:0 a.m.•59 views

Broadcom BCM4325 and BCM4329 wireless chipset denial-of-service vulnerability

Overview Broadcom BCM4325 and BCM4329 wireless chipsets have been reported to contain an out-of-bounds read error condition that may be exploited to produce a denial-of-service condition. Description The CORE Security Technologies advisory states:"An out-of-bounds read error condition exists in...

7.8CVSS6.8AI score0.12862EPSS
Exploits3References1
CERT
CERT
•added 2012/07/17 12:0 a.m.•59 views

Oracle Outside In contains multiple exploitable vulnerabilities

Overview Oracle Outside In contains multiple exploitable vulnerabilities in its parsers, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle Outside In is a set of libraries that can decode over 500 different file formats...

2.1CVSS6.7AI score0.01182EPSS
Exploits0References6
CERT
CERT
•added 2010/01/19 12:0 a.m.•59 views

BIND 9 DNSSEC validation code could cause fake NXDOMAIN responses

Overview A vulnerability exists in the BIND 9 DNSSEC validation code that could be used by an attacker to generate fake NXDOMAIN responses. Description BIND 9 contains a vulnerability in DNSSEC validation code. According to ISC: There was an error in the DNSSEC NSEC/NSEC3 validation code that cou...

4.3CVSS7.4AI score0.09363EPSS
Exploits0References1
CERT
CERT
•added 2010/01/14 12:0 a.m.•59 views

Microsoft Internet Explorer HTML object memory corruption vulnerability

Overview An invalid pointer reference within Microsoft Internet Explorer may lead to execution of arbitrary code. Description Microsoft Internet Explorer contains a memory corruption vulnerability, which can result in an invalid pointer being accessed after an object is incorrectly initialized or...

9.3CVSS8.7AI score0.91885EPSS
Exploits16References8
CERT
CERT
•added 2007/05/14 12:0 a.m.•59 views

Samba NDR MS-RPC heap buffer overflow

Overview Samba fails to properly handle malformed MS-RPC packets. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code. Description Samba is a widely used open-source implementation of Server Message Block SMB/Common Internet File System CIFS. Network Data...

10CVSS9.1AI score0.77806EPSS
Exploits23References12
CERT
CERT
•added 2007/04/10 12:0 a.m.•59 views

Microsoft Windows Vista CSRSS privilege escalation vulnerability

Overview The Microsoft Windows Client/Server Run-time Subsystem CSRSS process fails to properly handle error messages. This vulnerability may allow an attacker to execute arbitrary code. Description The Microsoft Client/Server Run-time Subsystem CSRSS is an essential subsystem. CSRSS is responsib...

7.2CVSS6.5AI score0.02686EPSS
Exploits0References1
CERT
CERT
•added 2006/12/07 12:0 a.m.•59 views

The Ipswitch IMail Server is vulnerable to a buffer overflow

Overview The Ipswitch IMail Server is vulnerable to a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description According to Ipswitch Security Advisory 20061101:A vulnerability that allowed remote...

7.5CVSS7.9AI score0.60041EPSS
Exploits8References4
CERT
CERT
•added 2006/09/20 12:0 a.m.•59 views

Adobe Flash Player allowScriptAccess protection bypass vulnerability

Overview A vulnerability in Adobe Flash Player may allow a remote attacker to bypass allowScriptAccess protection. Description Adobe Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed within a web browser. According to Adobe: The...

6.8CVSS5.7AI score0.09899EPSS
Exploits0References5
CERT
CERT
•added 2006/08/03 12:0 a.m.•59 views

Apple Mac OS X AFP server stores reconnect keys in a world-readable file

Overview A vulnerability in Apple Mac OS X AFP server may allow an authenticated local user to access files or folders with the credentials of another user. Description The AFP Apple Filing Protocol service allows Apple Mac OS clients to remotely access files from a server. In Apple's Mac OS X...

2.1CVSS5.8AI score0.00912EPSS
Exploits1References2
CERT
CERT
•added 2005/11/23 12:0 a.m.•59 views

Cisco PIX fails to verify TCP checksum

Overview Versions of Cisco PIX firewalls do not validate the checksum of transiting TCP packets. Attackers may be able to use this problem to create a sustained denial-of-service under certain conditions. Description Cisco PIX firewall systems are used to enforce site-specific network security...

5CVSS6.5AI score0.18207EPSS
Exploits0References6
CERT
CERT
•added 2005/06/07 12:0 a.m.•59 views

Yamaha MusicCAST MCX-1000 wireless network interface operates in Access Point mode by default

Overview The Yamaha MusicCAST MCX-1000 server wireless networking interface is enabled by default, cannot be disabled, and operates in Access Point mode. A remote attacker could access the MusicCAST wireless network and potentially any other network connected to the MusicCAST. Description The...

7AI score
Exploits0References5
CERT
CERT
•added 2004/01/16 12:0 a.m.•59 views

tcpdump contains vulnerability in ISAKMP decoding function rawprint() in print-isakmp.c

Overview tcpdump contains a vulnerability in the way it parses Internet Security Association and Key Management Protocol ISAKMP packets. Description tcpdump is a widely-used network sniffer that is capable of decoding ISAKMP packets. A vulnerability exists in the way the tcpdump rawprint function...

5CVSS7.4AI score0.05275EPSS
Exploits0References7
CERT
CERT
•added 2019/12/19 12:0 a.m.•58 views

Telos Automated Message Handling System contains multiple vulnerabilities

Overview Telos Automated Message Handling System AMHS contains multiple XSS vulnerabilities and a database information disclosure vulnerability. Description Telos AMHS is a web-based messaging system that supports DoD and Intelligence Community IC security marking requirements. AMHS versions prio...

6.3AI score
Exploits0References2
CERT
CERT
•added 2017/01/13 12:0 a.m.•58 views

CodeLathe FileCloud is vulnerable to cross-site request forgery

Overview CodeLathe FileCloud, version 13.0.0.32841 and earlier, is vulnerable to cross-site request forgery CSRF. Description CWE-352: Cross-Site Request Forgery CSRF - CVE-2016-6578CodeLathe FileCloud is an "is an Enterprise File Access, Sync and Share solution that runs on-premise." FileCloud,...

8.8CVSS9AI score0.00874EPSS
Exploits0References3
CERT
CERT
•added 2014/09/19 12:0 a.m.•58 views

FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities

Overview Fortinet FortiGate and FortiWiFi appliances are susceptible to man-in-the-middle attacks CWE-300 and a heap-based overflow vulnerability CWE-122. Description Fortinet FortiGate and FortiWiFi 4.00.6 and possibly earlier versions are susceptible to man-in-the-middle attacks CWE-300 and a...

7.5CVSS7.6AI score0.05143EPSS
Exploits0References3
CERT
CERT
•added 2014/05/22 12:0 a.m.•58 views

Bizagi BPM Suite contains multiple vulnerabilities

Overview Bizagi BPM Suite contains a reflected cross-site scripting vulnerability and a SQL injection vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-2947According to Open-Sec consultant Mauricio Urizar, all versions...

6.5CVSS6.6AI score0.01107EPSS
Exploits0References2
CERT
CERT
•added 2013/10/10 12:0 a.m.•58 views

Ruckus Wireless Zoneflex 2942 Wireless Access Point vulnerable to authentication bypass

Overview Ruckus Wireless Zoneflex 2942 Wireless Access Point version 9.6.0.0.267 and possibly earlier versions contains an authentication bypass vulnerability CWE-592. Description CWE-592: Authentication Bypass Issues Ruckus Wireless Zoneflex 2942 Wireless Access Point version 9.6.0.0.267 contain...

7.2CVSS6.8AI score0.02123EPSS
Exploits5References2
CERT
CERT
•added 2013/08/30 12:0 a.m.•58 views

Supermicro IPMI based on ATEN firmware contain multiple vulnerabilities

Overview Supermicro Intelligent Platform Management Interface IPMI implementations based on ATEN firmware contain multiple vulnerabilities in their web management interface. Description CWE-121: Stack-based Buffer Overflow - CVE-2013-3607The Supermicro IPMI web interface contains multiple buffer...

10CVSS9.5AI score0.09731EPSS
Exploits3References4
CERT
CERT
•added 2010/10/25 12:0 a.m.•58 views

GNU C library dynamic linker expands $ORIGIN in setuid library search path

Overview Certain versions of glibc unsafely handle the $ORIGIN ELF substitution sequence which can be exploited to gain local privilege escalation. Description Tavis Ormandy's advisory states:"$ORIGIN is an ELF substitution sequence representing the location of the executable being loaded in the...

6.9CVSS8.9AI score0.08747EPSS
Exploits20References1
CERT
CERT
•added 2009/04/15 12:0 a.m.•58 views

Microsoft Whale Intelligent Application Gateway Whale Client Components ActiveX control stack buffer overflows

Overview The Microsoft Whale Intelligent Application Gateway Whale Client Components ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Whale Communications Intelligent...

9.3CVSS7AI score0.45535EPSS
Exploits6References2
CERT
CERT
•added 2009/03/31 12:0 a.m.•58 views

SAP AG SAPgui EAI WebViewer3D ActiveX control stack buffer overflow

Overview The Siemens Unigraphics Solutions Teamcenter Visualization EAI WebViewer3D ActiveX control, which comes with SAPgui, contains a stack buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description SAP AG SAPgui includes an...

9.3CVSS6.9AI score0.40307EPSS
Exploits8References2
CERT
CERT
•added 2008/08/25 12:0 a.m.•58 views

SoftArtisans XFile FileManager ActiveX control stack buffer overflows

Overview The SoftArtisans XFile FileManager ActiveX control contains several stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description SoftArtisans XFile is an ActiveX file transfer application. The XFile FileManager...

9.3CVSS7.2AI score0.29613EPSS
Exploits4References3
CERT
CERT
•added 2008/01/25 12:0 a.m.•58 views

GE Fanuc CIMPLICITY HMI heap buffer overflow

Overview GE Fanuc CIMPLICITY HMI contains a remotely accessible heap buffer overflow vulnerability which may allow a remote attacker to execute arbitrary code. Description GE Fanuc CIMPLICITY HMI is software used for monitoring and control in Supervisory Control And Data Acquisition SCADA systems...

10CVSS7.9AI score0.07917EPSS
Exploits0References3
CERT
CERT
•added 2007/11/24 12:0 a.m.•58 views

Apple QuickTime RTSP Content-Type header stack buffer overflow

Overview Apple QuickTime contains a stack buffer overflow vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description Real Time Streaming Protocol RTSP is a protocol that is used by streaming media systems. The Appl...

9.3CVSS7AI score0.41916EPSS
Exploits10References14
CERT
CERT
•added 2007/11/19 12:0 a.m.•58 views

Invensys Wonderware InTouch creates insecure NetDDE share

Overview Invensys Wonderware InTouch 8.0 creates a NetDDE share that could allow an attacker to run arbitrary programs. Description Invensys Wonderware InTouch HMI Software is used in Supervisory Control And Data Acquisition SCADA systems.Dynamic Data Exchange DDE was designed to allow Microsoft...

9CVSS9AI score0.03EPSS
Exploits0References13
CERT
CERT
•added 2007/05/08 12:0 a.m.•58 views

Microsoft Cryptographic API Component Object Model Certificates ActiveX control contains a remote code execution vulnerability

Overview Microsoft Cryptographic API Component Object Model CAPICOM Certificates ActiveX control contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code. Description The Microsoft Cryptographic API Component Object Model CAPICOM Certificates ActiveX...

9.3CVSS6.9AI score0.75678EPSS
Exploits0References3
CERT
CERT
•added 2007/02/20 12:0 a.m.•58 views

JBoss Application Server may not properly restrict access to the administrative interface

Overview The JBoss Application Server may allow unauthenticated, remote access to the administrative console. Description JBoss is an open source application server implemented in Java. Because it is Java-based, JBoss can be used on any operating system that supports Java. JBoss servers can be...

7.5CVSS7.5AI score0.81775EPSS
Exploits5References5
CERT
CERT
•added 2006/08/10 12:0 a.m.•58 views

Microsoft Windows Kernel vulnerable to privilege escalation

Overview Microsoft Windows contains a privilege escalation vulnerability that could allow an authenticated, local attacker to gain complete control of the affected system. Description Winlogon is the component of Microsoft Windows responsible for interactive, security related functions. Upon logo...

7.2CVSS6.6AI score0.01659EPSS
Exploits0References2
CERT
CERT
•added 2006/06/28 12:0 a.m.•58 views

Microsoft Internet Explorer HTML Document object cross-domain vulnerability

Overview Microsoft Internet Explorer contains a cross-domain vulnerability in how it handles redirected object data. This could allow an attacker to access the content of a web page in a different domain. Description The Cross-Domain Security Model IE uses a cross-domain security model to maintai...

7.5CVSS5.2AI score0.55917EPSS
Exploits0References6
Total number of security vulnerabilities3704