Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
•added 2022/05/09 12:0 a.m.•57 views

uClibc, uClibc-ng libraries have monotonically increasing DNS transaction ID

Overview The uClibc and uClibc-ng libraries, prior to uClibc-ng 1.0.41, are vulnerable to DNS cache poisoning due to the use of predicatble DNS transaction IDs when making DNS requests. This vulnerability can allow an attacker to perform DNS cache poisoning attacks against a vulnerable environmen...

6.5CVSS6.4AI score0.11264EPSS
Exploits0References14
CERT
CERT
•added 2020/11/10 12:0 a.m.•57 views

Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks

Overview The Replay Protected Memory Block RPMB protocol found in several storage specifications does not securely protect against replay attacks. An attacker with physical access can deceive a trusted component about the status of an RPBM write command or the content of an RPMB area. Description...

6.8CVSS6.7AI score0.004EPSS
Exploits0References4
CERT
CERT
•added 2019/11/01 12:0 a.m.•57 views

Microsoft Office for Mac cannot properly disable XLM macros

Overview The Microsoft Office for Mac option "Disable all macros without notification" enables XLM macros without prompting, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description XLM macros Up to and including Microsoft Excel 4.0, a macro...

7.8CVSS7.8AI score0.03264EPSS
Exploits0References6
CERT
CERT
•added 2019/08/01 12:0 a.m.•57 views

Cylance Antivirus Products Susceptible to Concatenation Bypass

Overview The Cylance AI-based antivirus product, prior to July 21, 2019, contains flaws that allow an adversary to craft malicious files that the AV product will likely mistake for benign files. Description Cylance PROTECT is an endpoint protection system. It contains an antivirus functionality...

7.1AI score
Exploits0References10
CERT
CERT
•added 2017/03/16 12:0 a.m.•57 views

Commvault Edge contains a buffer overflow vulnerability

Overview Commvault Edge, version 11 SP6 11.80.50.0, is vulnerable to a stack-based buffer overflow vulnerability. Description CWE-121: Stack-based Buffer Overflow - CVE-2017-3195A stack based buffer overflow in the Commvault Edge Communication Service cvd allows remote attackers to execute...

10CVSS9.9AI score0.21387EPSS
Exploits2References2
CERT
CERT
•added 2016/09/06 12:0 a.m.•57 views

Open Dental uses blank database password by default

Overview Open Dental is medical dental records management software. Open Dental version 16.1, and previous versions, installs with a blank root database MySQL password by default.. An attacker with network access to an Open Dental MySQL database could read, modify, or delete data. This...

9.8CVSS9.4AI score0.02489EPSS
Exploits0References8
CERT
CERT
•added 2016/08/01 12:0 a.m.•57 views

Crestron AirMedia AM-100 contains multiple vulnerabilities

Overview The Crestron AirMedia AM-100 with firmware prior to version 1.4.0.13 is vulnerable to path traversal and command injection. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2016-5639 A path traversal vulnerability exists in login.cgi...

10CVSS8.4AI score0.20842EPSS
Exploits4References5
CERT
CERT
•added 2014/09/11 12:0 a.m.•57 views

Embarcadero Delphi and C++Builder VCL BMP file processing buffer overflow

Overview Embarcadero Delphi and C++ Builder Visual Component Library VCL bitmap BMP file processing code contains a buffer overflow that could allow an attacker to execute arbitrary code. Description Embarcadero Delphi and C++ Builder tools contain a buffer overflow CWE-119 in VCL BMP file...

6.8CVSS7.4AI score0.05697EPSS
Exploits0References5
CERT
CERT
•added 2014/04/11 12:0 a.m.•57 views

ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities

Overview ZyXEL Wireless N300 NetUSB Router NBG-419N running firmware version 1.00BFQ.6C0, and possibly earlier versions, is susceptible to multiple vulnerabilities. Other device models that use similar firmware may also be vulnerable. Description ZyXEL Wireless N300 NetUSB Router NBG-419N running...

7.9CVSS8.2AI score0.01146EPSS
Exploits0References5
CERT
CERT
•added 2013/05/06 12:0 a.m.•57 views

Microsoft Internet Explorer 8 CGenericElement object use-after-free vulnerability

Overview Microsoft Internet Explorer 8 contains a use-after-free vulnerability in the CGenericElement object, which is currently being exploited in the wild. Description Microsoft Security Advisory 2847140 states:Internet Explorer 6, Internet Explorer 7, Internet Explorer 9, and Internet Explorer...

9.3CVSS8.8AI score0.77889EPSS
Exploits11References7
CERT
CERT
•added 2009/03/02 12:0 a.m.•57 views

libpng fails to properly initialize element pointers

Overview Libpng contains a vulnerability in the way element pointers are handled. Description A vulnerability in the way libpng handles element pointers may result in uninitialized element pointers. This vulnerability is due to an off-by-one error introduced in multiple functions in libpng-0.89c...

6.8CVSS8.7AI score0.04825EPSS
Exploits2References1
CERT
CERT
•added 2008/09/16 12:0 a.m.•57 views

InstallShield / Macrovision / Acresso FLEXnet Connect insecurely retrieves and executes scripts

Overview Acresso FLEXnet Connect executes scripts that are insecurely retrieved from a remote web server, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Acresso FLEXnet Connect is a software package that allows vendors to provide...

9.3CVSS6.6AI score0.01632EPSS
Exploits0References3
CERT
CERT
•added 2008/08/18 12:0 a.m.•57 views

Postfix local privilege escalation

Overview The Postfix MTA contains a local privilege escalation vulnerability. Description Postfix is an mail transport agent MTA that is used by several Unix-like operating systems. Symbolic links and hard links are types of files that reference other files. Unlike hard links, symbolic links can...

6.2CVSS5.6AI score0.01001EPSS
Exploits6References5
CERT
CERT
•added 2007/11/19 12:0 a.m.•57 views

Invensys Wonderware InTouch creates insecure NetDDE share

Overview Invensys Wonderware InTouch 8.0 creates a NetDDE share that could allow an attacker to run arbitrary programs. Description Invensys Wonderware InTouch HMI Software is used in Supervisory Control And Data Acquisition SCADA systems.Dynamic Data Exchange DDE was designed to allow Microsoft...

9CVSS9AI score0.03EPSS
Exploits0References13
CERT
CERT
•added 2007/04/12 12:0 a.m.•57 views

PhpWiki fails to properly restrict uploaded files

Overview PhpWiki fails to properly restrict uploaded files, which can allow a remote attacker to execute arbitrary commands on a vulnerable system. Description PhpWiki is Wiki software that is implemented in PHP. PhpWiki includes an "UpLoad" feature that allows users to upload files. Files with a...

6.8CVSS7.5AI score0.03279EPSS
Exploits0References2
CERT
CERT
•added 2007/02/20 12:0 a.m.•57 views

JBoss Application Server may not properly restrict access to the administrative interface

Overview The JBoss Application Server may allow unauthenticated, remote access to the administrative console. Description JBoss is an open source application server implemented in Java. Because it is Java-based, JBoss can be used on any operating system that supports Java. JBoss servers can be...

7.5CVSS7.5AI score0.81775EPSS
Exploits5References5
CERT
CERT
•added 2006/05/03 12:0 a.m.•57 views

Oracle views fail to enforce table security settings

Overview A vulnerability in the way Oracle handles views may allow an attacker to modify privileged database information. Description Database Views A view is a queryable aggregation of data from one or more tables that is stored and maintained. The Problem A vulnerability in the way that Oracle...

7.7AI score
Exploits0References5
CERT
CERT
•added 2004/06/15 12:0 a.m.•57 views

Linux kernel fails to properly handle floating point signals generated by "fsave" and "frstor"

Overview The Linux kernel contains a denial-of-service vulnerability that allows local users to disable affected hosts. Description Several versions of the Linux kernel contain a defect in their use of the Intel processor instruction set. The "fsave" and "frstor" instructions are used to store an...

7.3AI score
Exploits0References3
CERT
CERT
•added 2002/11/13 12:0 a.m.•57 views

Overly large OPT record assertion

Overview A remotely exploitable denial-of-service vulnerability exists in BIND. Based on recent reports, we believe this vulnerability is being actively exploited. Description A remotely exploitable denial-of-service vulnerability exists in BIND 8.3.0 - 8.3.3. ISC's description of this...

5CVSS7.6AI score0.096EPSS
Exploits0References3
CERT
CERT
•added 2002/02/28 12:0 a.m.•57 views

Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via cache directory name

Overview A buffer overflow vulnerability exists in the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle9i Application Server iAS. This vulnerability could allow an unauthenticated remote attacker to cause a denial-of-service or execute arbitrary code on the system...

7.5CVSS9.8AI score0.13139EPSS
Exploits0References6
CERT
CERT
•added 2000/10/31 12:0 a.m.•57 views

Wang/Kodak Image Edit ActiveX control

Overview Description The Image Edit control is incorrectly marked safe for scripting. This control is sometimes identified as from "Kodak" and other times as from "Wang". The Image Edit control is one of several controls used to provide image editting services through a web site. Because the...

10CVSS6.2AI score0.24429EPSS
Exploits0References2
CERT
CERT
•added 2015/07/11 12:0 a.m.•56 views

Adobe Flash ActionScript 3 opaqueBackground use-after-free vulnerability

Overview Adobe Flash Player contains a vulnerability in the ActionScript 3 opaqueBackground property, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Flash Player versions 9.0 through version 18.0.0.204 contain a use-after-fre...

10CVSS9.6AI score0.93688EPSS
Exploits5References9
CERT
CERT
•added 2008/10/31 12:0 a.m.•56 views

Automated Solutions Modbus TCP Slave ActiveX Control Vulnerability

Overview Automated Solutions Modbus TCP Slave ActiveX Control contains a vulnerability that may allow a remote attacker to execute arbitrary code or cause a denial-of-service. Description Automated Solutions Modbus TCP Slave ActiveX Control fails to properly process malformed "Modbus" requests to...

7.5CVSS7.6AI score0.04734EPSS
Exploits0References8
CERT
CERT
•added 2008/04/25 12:0 a.m.•56 views

CUPS integer overflow vulnerability

Overview CUPS contains an integer overflow that may allow a remote attacker to cause a vulnerable system to crash. Description The Common Unix Printing System CUPS is a print server that is used and distributed by many Unix-like operating systems. CUPS contains an integer overflow vulnerability...

4.3CVSS7.5AI score0.02EPSS
Exploits1References5
CERT
CERT
•added 2007/12/17 12:0 a.m.•56 views

Meridian Prolog Manager uses weak authentication to store and transmit user credentials

Overview Meridian Systems Prolog Manager does not use strong encryption and returns a list of all user credentials when authenticating clients. These behaviors could allow an attacker to obtain user credentials and decrypt passwords. Description Meridian Systems Prolog Manager is a set of...

10CVSS6.7AI score0.05075EPSS
Exploits0References5
CERT
CERT
•added 2005/11/22 12:0 a.m.•56 views

Microsoft Internet Explorer vulnerable to code execution via mismatched DOM objects

Overview Microsoft Internet Explorer fails to properly handle requests to mismatched DOM objects, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer does not properly handle requests to mismatched DOM objects, such as the...

2.6CVSS6.1AI score0.83472EPSS
Exploits9References8
CERT
CERT
•added 2005/07/13 12:0 a.m.•56 views

MIT Kerberos 5 allows unauthenticated attacker to cause MIT krb5 Key Distribution Center to overflow a heap buffer by one byte

Overview Unauthenticated attacker can cause MIT krb5 Key Distribution Center KDC to overflow a heap buffer by one byte, possibly leading to arbitrary code execution. Description Kerberos is a network authentication system which uses a trusted third party a KDC to authenticate clients and servers ...

7.5CVSS10AI score0.08425EPSS
Exploits0References2
CERT
CERT
•added 2005/07/01 12:0 a.m.•56 views

Microsoft Message Queuing vulnerable to buffer overflow

Overview Microsoft Message Queuing contains a buffer overflow vulnerability. This could allow a remote attacker to execute arbitrary code on the system running the vulnerable software. Description Microsoft Message Queuing MSMQ is a component of Microsoft Windows that provides messaging services...

10CVSS7.2AI score0.76803EPSS
Exploits10References6
CERT
CERT
•added 2005/01/05 12:0 a.m.•56 views

Microsoft Internet Explorer DHTML Editing ActiveX control contains a cross-domain vulnerability

Overview A cross-domain vulnerability exists in the DHTML Editing ActiveX control. An attacker may be able to execute arbitrary script in the Local Machine Zone or read or modify data in other domains. For example, the attacker could execute arbitrary commands with parameters, download and execut...

5CVSS5.9AI score0.26162EPSS
Exploits1References15
CERT
CERT
•added 2004/08/20 12:0 a.m.•56 views

Mozilla contains a buffer overflow in the SendUidl() function

Overview A vulnerability in the way Mozilla handles certain types of POP3 responses could allow a remote attacker to execute arbitrary code on an affected system. Description Post Office Protocol Version 3 POP3 is a mail protocol that provides a means for retrieving email from a remote server. Th...

10CVSS7.4AI score0.05346EPSS
Exploits0References7
CERT
CERT
•added 2000/11/20 12:0 a.m.•56 views

Microsoft IIS 4.0 / 5.0 vulnerable to directory traversal via extended unicode in url

Overview A vulnerability exists in Microsoft IIS 4 and 5 such that an attacker visiting an IIS web site can execute arbitrary code with the privileges of the IUSRmachinename account. This vulnerability is referred to as the "Web Server Folder Directory Traversal" vulnerability. This vulnerability...

7.5CVSS7.1AI score0.7055EPSS
Exploits4References3
CERT
CERT
•added 2020/05/14 12:0 a.m.•55 views

Samsung Qmage codec for Android Skia library does not properly validate image files

Overview The Samsung Qmage codec used in the Android Skia library does not properly validate image files. A number of memory corruption vulnerabilities allow an attacker to execute arbitrary code by causing a vulnerable system to parse a Qmage file. Description The Samsung May 2020 Android Securi...

10CVSS9.8AI score0.05711EPSS
Exploits2References3
CERT
CERT
•added 2017/01/31 12:0 a.m.•55 views

SHDesigns Resident Download Manager does not authenticate firmware downloads

Overview SHDesigns' Resident Download Manager as well as the Ethernet Download Manager does not authenticate firmware downloads before executing code and deploying them to devices. Description CWE-494: Download of Code Without Integrity Check- CVE-2016-6567SHDesigns' Resident Download Manager...

10CVSS9.9AI score0.0294EPSS
Exploits0References4
CERT
CERT
•added 2017/01/03 12:0 a.m.•55 views

ShoreTel Mobility Client mobile application does not verify SSL certificates

Overview ShoreTel Mobility Client for iOS and Android, version 9.1.3.109 and earlier, fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle MITM attacks. Description CWE-295: Improper Certificate Validation -...

7.5CVSS7.3AI score0.00437EPSS
Exploits0References4
CERT
CERT
•added 2016/12/12 12:0 a.m.•55 views

McAfee VirusScan for Linux contains multiple vulnerabilities

Overview McAfee VirusScan for Linux contains multiple vulnerabilities. Description McAfee VirusScan for Linux version 2.0.3 and prior is vulnerable to the following:CWE-200: Information Exposure - CVE-2016-8016 Multiple pages within the web interface utilize a tplt parameter. An authenticated...

8.1CVSS7.9AI score0.13293EPSS
Exploits7References2
CERT
CERT
•added 2016/09/13 12:0 a.m.•55 views

AVer Information EH6108H+ hybrid DVR contains multiple vulnerabilities

Overview AVer Information EH6108H+ hybrid DVR, version X9.03.24.00.07l and possibly earlier, reportedly contains multiple vulnerabilities, including undocumented privileged accounts, authentication bypass, and information exposure. Description AVer Information EH6108H+ hybrid DVR is an IP securit...

10CVSS9.1AI score0.0258EPSS
Exploits2References5
CERT
CERT
•added 2016/03/24 12:0 a.m.•55 views

Granite Data Services AMF framework fails to properly parse XML input containing a reference to external entities

Overview Granite Data Services version 3.1.1-SNAPSHOT AMF framework is vulnerable to XML external entity XXE attack that may be leveraged to expose sensitive data on the host.. Description CWE-611- Improper Restriction of XML External Entity Reference 'XXE' - CVE-2016-2340 Granite Data Services...

5.5CVSS5AI score0.01643EPSS
Exploits1References2
CERT
CERT
•added 2016/01/12 12:0 a.m.•55 views

Samsung SRN-1670D camera contains multiple vulnerabilities

Overview The Samsung SRN-1670D camera contains multiple vulnerabilities. Description CWE-264: Permissions, Privileges, and Access Controls - CVE-2015-8279 An undocumented PHP request may be used to read arbitrary files from the system. CWE-200: Information Exposure - CVE-2015-8280 The interface...

8.6CVSS8AI score0.51379EPSS
Exploits5References1
CERT
CERT
•added 2014/05/30 12:0 a.m.•55 views

Huawei E303 contains a cross-site request forgery vulnerability

Overview The built-in web interface of Huawei E303 devices contains a cross-site request forgery vulnerability. Description Huawei E303 wireless broadband modems include a web interface for administration and additional services. The web interface allows users to send and receive SMS messages usi...

6.8CVSS6.3AI score0.01078EPSS
Exploits0References3
CERT
CERT
•added 2012/05/29 12:0 a.m.•55 views

Bloxx Web Filtering multiple vulnerabilities

Overview Bloxx Web Filtering contains multiple XSS, CSRF, and authentication bypass vulnerabilities. Description According to Bloxx's website, Bloxx Web Filtering is a real-time Web content filter which performs live analysis and real-time categorization of Web pages to dramatically improve...

6.8CVSS8.3AI score0.02079EPSS
Exploits0References6
CERT
CERT
•added 2009/07/28 12:0 a.m.•55 views

ISC BIND 9 vulnerable to denial of service via dynamic update request

Overview ISC BIND 9 contains a vulnerability that may allow a remote, unauthenticated attacker to create a denial-of-service condition. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. It includes support f...

4.3CVSS7.2AI score0.12649EPSS
Exploits1References6
CERT
CERT
•added 2007/02/22 12:0 a.m.•55 views

VeriSign Managed PKI Configuration Checker ActiveX control stack buffer overflow

Overview The VeriSign Configuration Checker ActiveX control contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The VeriSign Configuration Checker ActiveX control is provided by web-based digital...

9.3CVSS7.3AI score0.0823EPSS
Exploits0References9
CERT
CERT
•added 2006/12/13 12:0 a.m.•55 views

Sun Secure Global Desktop Software (SSGD) contains multiple cross-site scripting vulnerabilities

Overview The Sun Secure Global Desktop SSGD contains cross-site scripting vulnerabilities. Description Sun Secure Global Desktop formerly Tarantella contains multiple input validation vulnerabilities due to failure to properly sanitize user input. The following modules do not properly filter HTML...

6.8CVSS6.7AI score0.0285EPSS
Exploits0References8
CERT
CERT
•added 2006/07/28 12:0 a.m.•55 views

Apache mod_rewrite contains off-by-one error in ldap scheme handling

Overview A vulnerability in a common Apache HTTP server module, modrewrite, could allow a remote attacker to execute arbitrary code on an affected web server. Description The Apache HTTP server distribution includes a number of supplemental modules that provide additional functionality to the web...

7.6CVSS9.4AI score0.96436EPSS
Exploits20References14
CERT
CERT
•added 2005/07/06 12:0 a.m.•55 views

Multiple PHP XML-RPC implementations vulnerable to code injection

Overview A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Description XML-RPC is a specification and a set of implementations that allow software running on disparate operating systems and in different environments to make...

7.5CVSS6.6AI score0.79071EPSS
Exploits5References16
CERT
CERT
•added 2005/06/08 12:0 a.m.•55 views

Cisco IOS Easy VPN Server may allow unauthorized users to complete XAUTH authentication

Overview A vulnerability in Cisco IOS Easy VPN Server may allow unauthorized users to complete XAUTH authentication and potentially access private network resources. Description Easy VPN Server Cisco IOS Easy VPN Server allows an IOS device to function as a VPN concentrator, providing...

7.5CVSS6.7AI score0.01444EPSS
Exploits0References8
CERT
CERT
•added 2005/03/08 12:0 a.m.•55 views

SafeNet Sentinel License Manager vulnerable to buffer overflow

Overview SafeNet Sentinel License Manager contains a buffer overflow vulnerability, which may allow a remote unauthenticated attacker to execute arbitrary code on the server. Description SafeNet Sentinel License Manager LM is a software-based license management application. It is reported that th...

10CVSS7.5AI score0.7113EPSS
Exploits4References3
CERT
CERT
•added 2004/05/07 12:0 a.m.•55 views

Apple Mac OS X AppleFileServer fails to properly handle certain authentication requests

Overview There is a buffer overflow vulnerability in the way Apple's AppleFileServer handles certain authentication requests. This vulnerability could allow an unauthenticated, remote attacker to execute arbitrary code. Description The AppleFileServer provides Apple Filing Protocol AFP services f...

5.1CVSS8AI score0.41303EPSS
Exploits6References5
CERT
CERT
•added 2003/10/16 12:0 a.m.•55 views

Buffer overflow in Microsoft Messenger Service

Overview There is a buffer overflow in the Microsoft Windows Messenger service that could allow an attacker to execute arbitrary code on most recent versions of Microsoft Windows. Description There is a buffer overflow vulnerability in the Microsoft Windows Messenger service. This could allow an...

7.5CVSS7.2AI score0.63464EPSS
Exploits2References2
CERT
CERT
•added 2003/03/21 12:0 a.m.•55 views

Icecast vulnerable to buffer overflow via long GET request

Overview A remotely exploitable buffer overflow exists in Icecast. Description A remotely exploitable buffer overflow exists in Icecast. By sending on overly long GET request to the server, an attacker can execute arbitrary code with the privileges of the Icecast server, or cause the service to...

7.5CVSS7.4AI score0.09549EPSS
Exploits0References2
Total number of security vulnerabilities3704