Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2022/10/07 12:0 a.m.52 views

Heimdal Kerberos vulnerable to remotely triggered NULL pointer dereference

Overview The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash. Description CVE-2022-3116 A flawed logical condition in...

7.5CVSS7.2AI score0.00885EPSS
Exploits0
CERT
CERT
added 2020/10/22 12:0 a.m.52 views

Chocolatey Boxstarter is vulnerable to privilege escalation due to weak ACLs

Overview Chocolatey Boxstarter fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM privileges. Description CVE-2020-15264 The Chocolatey Boxstarter installer fails to set a secure access-control list ACL on the...

8CVSS8.2AI score0.01487EPSS
Exploits0References2
CERT
CERT
added 2017/06/08 12:0 a.m.52 views

CalAmp LMU-3030 devices may not authenticate SMS interface

Overview OBD-II devices are used to provide telematics information for managers of fleets of vehicles. One type of device, manufactured by CalAmp, has an SMS text message interface. We have found multiple deployments where no password was configured for this interface by the integrator / reseller...

9.3CVSS8.4AI score0.02047EPSS
Exploits0References1
CERT
CERT
added 2016/09/07 12:0 a.m.52 views

DEXIS Imaging Suite 10 contains hard-coded credentials

Overview DEXIS is a dental x-ray imaging software that manages patient records. DEXIS Imaging Suite 10 contains several hard-coded credentials allowing administrative or root access to the patient database. Description CWE-798: Use of Hard-coded Credentials - CVE-2016-6532 DEXIS Imaging Suite 10...

10CVSS10AI score0.03266EPSS
Exploits0References1
CERT
CERT
added 2015/11/02 12:0 a.m.52 views

MobaXterm server may allow arbitrary command injection due to missing X11 authentication

Overview The MobaXterm server prior to verion 8.3 is vulnerable to arbitrary command injection over port 6000 when using default X11 settings. Description CWE-306: Missing Authentication for Critical Function - CVE-2015-7244MobaXterm server prior to version 8.3 includes an X11 server listening on...

7.5CVSS7.5AI score0.05049EPSS
Exploits0References2
CERT
CERT
added 2014/11/03 12:0 a.m.52 views

uIP and lwIP DNS resolver vulnerable to cache poisoning

Overview The DNS resolver implemented in uIP and lwIP is vulnerable to cache poisoning due to non-randomized transaction IDs TXIDs and source port reuse. Description CWE-330: Use of Insufficiently Random Values - CVE-2014-4883The DNS resolver implemented in all versions of uIP, as well as lwIP...

4.3CVSS6.6AI score0.00572EPSS
Exploits0References5
CERT
CERT
added 2014/10/03 12:0 a.m.52 views

HP System Management Homepage vulnerable to cross-site scripting

Overview HP System Management Homepage versions 7.2.3 and 7.3.2.1 contain a reflected cross site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-2640HP System Management Homepage versions 7.2.3 and 7.3.2.1...

4.3CVSS5.7AI score0.03884EPSS
Exploits0References2
CERT
CERT
added 2013/12/02 12:0 a.m.52 views

EMC Document Sciences xPression contains multiple vulnerabilities

Overview EMC Document Sciences xPression 4.2 Patch 16 and possibly earlier versions contain path traversal, SQL injection, cross-site scripting XSS, open redirect, and cross-site request forgery CSRF vulnerabilities. Description EMC Document Sciences xPression 4.2 Patch 16 and possibly earlier...

6.8CVSS7.6AI score0.02403EPSS
Exploits0References2
CERT
CERT
added 2013/10/22 12:0 a.m.52 views

DrayTek Vigor 2700 ADSL router contains a command injection vulnerability

Overview DrayTek Vigor 2700 ADSL router version 2.8.3 and possibly earlier versions contain a command injection vulnerability via malicious SSID CWE-77. Description CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection' DrayTek Vigor 2700 ADSL router version 2.8...

6.8CVSS7AI score0.0126EPSS
Exploits0References2
CERT
CERT
added 2013/06/10 12:0 a.m.52 views

Faircom c-treeACE database weak obfuscation algorithm vulnerability

Overview Faircom c-treeACE provides a weak obfuscation algorithm CWE-327 that may be unobfuscated without knowledge of a key or password. The algorithm was formerly called Faircom Standard Encryption but is now called Data Camouflage. Description Faircom c-treeACE provides a weak obfuscation...

7.1CVSS6.2AI score0.00691EPSS
Exploits0References4
CERT
CERT
added 2012/07/13 12:0 a.m.52 views

Johnson Controls CK721-A and P2000 remote command execution vulnerability

Overview Johnson Controls CK721-A and P2000 products contain a remote command execution vulnerability which may allow an unauthenticated remote attacker to perform various tasks against the devices. Description The "download" port tcp/41014 on the CK721-A device is vulnerable to remote command...

7.5CVSS6.7AI score0.01817EPSS
Exploits0
CERT
CERT
added 2011/01/11 12:0 a.m.52 views

Ecava IntegraXor web service allows directory traversal outside of web root

Overview Ecava IntegraXor contains a directory traversal vulnerability Description According to Ecava's website: IntegraXor is a suite of tools used to create and run a web-based HMI interface for a Supervisory Control and Data Acquisition SCADA system. Ecava IntegraXor runs a web service that...

5CVSS6.5AI score0.26482EPSS
Exploits1References3
CERT
CERT
added 2010/08/04 12:0 a.m.52 views

Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control stack buffer overflow

Overview The Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control contains a stack buffer overflow that could allow a remote attacker to execute arbitrary code on an affected system Description The Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control,...

7.9AI score
Exploits0
CERT
CERT
added 2008/03/20 12:0 a.m.52 views

Microsoft Windows fails to properly handle the NoDriveTypeAutoRun registry value

Overview Microsoft Windows fails to properly handle the NoDriveTypeAutoRun registry value, which may prevent Windows from effectively disabling AutoRun and AutoPlay features. Description AutoRun, which was introduced with Windows 95, is a feature that causes Windows to automatically take an actio...

9.3CVSS7AI score0.30112EPSS
Exploits0References11
CERT
CERT
added 2007/06/08 12:0 a.m.52 views

Yahoo! Webcam view utilities ActiveX control vulnerable to arbitrary code execution

Overview The Yahoo! Webcam view utilities ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo! Webcam is a component of Yahoo! Messenger that allows users to chat via webcams over ...

7.8AI score
Exploits0References3
CERT
CERT
added 2006/01/24 12:0 a.m.52 views

Oracle Database SYS.DBMS_METADATA_UTIL package SQL injection vulnerability

Overview Oracle Database SYS.DBMSMETADATAUTIL package vulnerable to SQL injection. Description The Oracle Database SYS.DBMSMETADATAUTIL package fails to properly filter user-supplied input. This may allow a remote attacker to insert arbitrary SQL commands, which may be executed by the database. W...

10CVSS6.6AI score0.05059EPSS
Exploits1References4
CERT
CERT
added 2005/07/02 12:0 a.m.52 views

JVIEW Profiler (javaprxy.dll) COM object contains an unspecified vulnerability

Overview The JVIEW Profiler COM object contains an unspecified vulnerability, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft COMMicrosoft COM is a technology that allows programmers to create reusable software components that can be...

5CVSS6.7AI score0.61372EPSS
Exploits4References9
CERT
CERT
added 2005/06/08 12:0 a.m.52 views

Apple Safari automatically installs Dashboard widgets

Overview Apple Safari on Mac OS X Tiger automatically installs Dashboard widgets without user intervention or notice. Description DashboardDashboard is a new feature introduced in Apple Mac OS X Tiger 10.4. Dashboard is a collection of applications called "widgets." The system-installed widgets a...

7.5CVSS6.6AI score0.01292EPSS
Exploits0References10
CERT
CERT
added 2005/05/23 12:0 a.m.52 views

Simultaneous multithreading processors may leak information through cache eviction analysis techniques

Overview Operating systems on hardware platforms supporting simultaneous multi-threading Hyper-Threading technology in particular are potentially vulnerable to information leakage to local users. Proof of concept papers and code demonstrating successful attacks against cryptographic keys are in...

5.6CVSS5.6AI score0.00505EPSS
Exploits0References5
CERT
CERT
added 2005/02/21 12:0 a.m.52 views

mod_python vulnerable to information disclosure via crafted URL

Overview The Apache modpython module is vulnerable to unintended remote information disclosure using specially crafted URLs. Description From the modpython web page:Modpython is an Apache module that embeds the Python interpreter within the server. With modpython you can write web-based...

7.1AI score
Exploits0References6
CERT
CERT
added 2003/11/18 12:0 a.m.52 views

Microsoft Internet Explorer does not properly validate URL sources

Overview Microsoft Internet Explorer IE does not properly determine the source of script used in URLs. An attacker could exploit this vulnerability to evaluate script in different security domains. By causing script to be evaluated in the Local Machine Zone, the attacker could execute arbitrary...

7.5CVSS7.5AI score0.48374EPSS
Exploits0References25
CERT
CERT
added 2003/09/30 12:0 a.m.52 views

OpenSSL contains integer overflow handling ASN.1 tags (1)

Overview A vulnerability in the way OpenSSL handles ASN.1 tags could allow a remote attacker to cause a denial of service. Description OpenSSL implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols and includes a general purpose cryptographic library. SSL and TLS are...

5CVSS9.3AI score0.24647EPSS
Exploits0References6
CERT
CERT
added 2003/07/31 12:0 a.m.52 views

realpath(3) function contains off-by-one buffer overflow

Overview A function originally derived from 4.4BSD, realpath3, contains a vulnerability that may permit a malicious user to gain root access to the server. This function was derived from the FreeBSD 3.x tree. Other applications and operating systems that use or were derived from this code base ma...

10CVSS9.5AI score0.78115EPSS
Exploits1References3
CERT
CERT
added 2002/10/17 12:0 a.m.52 views

Microsoft Word and Excel documents allow local file reading by via embedded fields

Overview Microsoft Word and Excel contain special encoding tags for formatting and updating content. An attacker may be able to use these tags to exploit an information disclosure vulnerability. Description Microsoft Word and Microsoft Excel are applications that ship as part of the Microsoft...

5CVSS5.5AI score0.53564EPSS
Exploits1References2
CERT
CERT
added 2002/04/10 12:0 a.m.52 views

Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 buffer overflow in chunked encoding transfer mechanism for ASP

Overview A buffer overflow vulnerability in IIS 4.0, 5.0, and 5.1 could allow an intruder to execute arbitrary code on an IIS server with the privileges of the ASP ISAPI extension. Description Chunked encoding is a means to transfer variable-sized units of data called chunks from a web client to ...

7.5CVSS7.6AI score0.52162EPSS
Exploits0References3
CERT
CERT
added 2001/05/17 12:0 a.m.52 views

ld.so fails to unset LD_PRELOAD before executing suid root programs

Overview ld.so fails to unset LDPRELOAD before executing suid root programs, allowing loading of insecure or malicious libraries. Description ld.so, the UNIX/LINUX dynamic loader, fails in some conditions and some operating system releases to unset LDPRELOAD before loading suid root programs for...

7.2CVSS6.9AI score0.01232EPSS
Exploits1References1
CERT
CERT
added 2001/05/02 12:0 a.m.52 views

Microsoft Windows 2000/Internet Information Server (IIS) 5.0 Internet Printing Protocol (IPP) ISAPI contains buffer overflow (MS01-023)

Overview A vulnerability exists in Microsoft IIS 5.0 running on Windows 2000 that allows a remote intruder to run arbitrary code on the victim machine. Description Windows 2000 includes support for the Internet Printing Protocol IPP via an ISAPI extension. According to Microsoft, this extension i...

10CVSS7.5AI score0.87032EPSS
Exploits10References6
CERT
CERT
added 2000/09/26 12:0 a.m.52 views

IP Fragmentation Denial-of-Service Vulnerability in FireWall-1

Overview A large stream of IP traffic can monopolize the CPU of a Check Point FireWall-1 firewall, resulting in a denial-of-service condition. Description A denial-of-service vulnerability has been discovered in the FireWall-1 product from Check Point Software Technologies. Check Point has tested...

5CVSS6.2AI score0.06441EPSS
Exploits1References3
CERT
CERT
added 2017/03/07 12:0 a.m.51 views

ACTi cameras models from the D, B, I, and E series contain multiple security vulnerabilities

Overview According to the reporter, ACTi devices including D, B, I, and E series models using firmware version A1D-500-V6.11.31-AC are vulnerable to several issues. Description According to the reporter, multiple ACTi devices, including the D, B, I, and E series models, that use firmware version...

10CVSS9.7AI score0.06085EPSS
Exploits0References4
CERT
CERT
added 2015/07/13 12:0 a.m.51 views

Kaseya Virtual System Administrator contains multiple vulnerabilities

Overview Kaseya Virtual System Administrator VSA, versions R9 and possibly earlier, contains arbitrary file download and open redirect vulnerabilities. Description CWE-22: Improper Limitation of Pathname to a Restricted Directory 'Path Traversal' - CVE-2015-2862Kaseya VSA is an IT management...

4.3CVSS9.3AI score0.10317EPSS
Exploits2References3
CERT
CERT
added 2015/07/06 12:0 a.m.51 views

ANTLabs InnGate gateway device contains SQL injection and reflected cross-site scripting vulnerabilities

Overview ANTlabs InnGate is a gateway device designed for operating corporate guest/visitor networks. Multiple InnGate models have been confirmed to be vulnerable to SQL injection and cross-site scripting attacks. Description CWE-89: Improper Neutralization of Special Elements used in an SQL...

7.5CVSS7.5AI score0.01349EPSS
Exploits0
CERT
CERT
added 2014/04/01 12:0 a.m.51 views

Zyxel P660 series modem/router denial of service vulnerability

Overview Zyxel P660 series modem/router contains a denial of service vulnerability when parsing a high volume of SYN packets on the web management interface. Description It has been reported that Zyxel P660 series modem/router and possibly other models which share the same core firmware fail to...

7.8CVSS7.6AI score0.02189EPSS
Exploits1References1
CERT
CERT
added 2012/11/02 12:0 a.m.51 views

Fortigate UTM appliances share the same default CA certificate

Overview Fortigate UTM appliances that support SSL/TLS deep packet inspection share the same self-signed Fortigate CA certificate and associated private key across all devices. The private key, which has been compromised, allows attackers to create and sign fake certificates. Description Fortigat...

5.6AI score
Exploits0References5
CERT
CERT
added 2012/06/04 12:0 a.m.51 views

Quagga BGP OPEN denial of service vulnerability

Overview Quagga, a routing software suite, contains a BGP OPEN vulnerability that result in a denial-of-service condition. Description CVE-2012-1820: Quagga version 0.99.20.1 and before contains a bug in BGP OPEN message handling. Program Impacted: bgpd: fix DoS in bgpcapabilityorf Description: I...

2.9CVSS6AI score0.01056EPSS
Exploits0References1
CERT
CERT
added 2011/03/15 12:0 a.m.51 views

Adobe Flash Player contains unspecified code execution vulnerability

Overview Adobe Flash contains a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The following versions of Adobe Flash versions contain an unspecified vulnerability that can result in memory corruption: Adobe Flash Playe...

9.3CVSS7.8AI score0.66821EPSS
Exploits8References5
CERT
CERT
added 2007/10/26 12:0 a.m.51 views

RSA Keon cross-site scripting vulnerabilities

Overview The RSA KEON Registration Authority web interface contains multiple cross-site scripting XSS vulnerabilities. Description The RSA Keon Certificate Authority CA software is a digital certificate management system. The RSA KEON Registration Authority allows the CA to handle large numbers o...

4.3CVSS5.5AI score0.01884EPSS
Exploits0References5
CERT
CERT
added 2006/10/27 12:0 a.m.51 views

ADODB.Connection ActiveX control memory corruption vulnerability

Overview The Execute function of the ADODB.Connection ActiveX object contains an unspecified vulnerability. This may allow a remote, unauthenticated attacker to cause Internet Explorer to crash or possibly execute arbitrary code. Description Microsoft ADO ActiveX Data Objects are "...

9.3CVSS7.1AI score0.43785EPSS
Exploits1References6
CERT
CERT
added 2006/09/28 12:0 a.m.52 views

X.509 certificate verification may be vulnerable to resource exhaustion

Overview Some applications that perform X.509 certificate verification may be vulnerable to signature processing problems that lead to resource exhaustion. This vulnerability may cause a denial of service. Description Included in X.509 certificates are public keys used for digital signature...

8.5AI score
Exploits0References12
CERT
CERT
added 2006/07/11 12:0 a.m.51 views

Microsoft Server Service Mailslot vulnerable to heap overflow

Overview A buffer overflow vulnerability in the Microsoft mailslot server service may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mailslot A mailslot is a temporary mechanism that can facilitate data transfer between hosts. Mailslots messages are limited ...

7.5CVSS7.5AI score0.64231EPSS
Exploits0References4
CERT
CERT
added 2005/11/11 12:0 a.m.51 views

Macromedia Flash Player fails to properly validate the frame type identifier read from a "SWF" file

Overview A buffer overflow vulnerability in some versions of the Macromedia Flash Player may allow a remote attacker to execute code on a vulnerable system. Description The Macromedia Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed...

5.1CVSS7.4AI score0.06756EPSS
Exploits1References10
CERT
CERT
added 2005/04/12 12:0 a.m.51 views

TCP/IP implementations do not adequately validate ICMP error messages

Overview Multiple TCP/IP implementations do not adequately validate ICMP error messages. A remote attacker could cause TCP connections to drop or be degraded using spoofed ICMP error messages. Description A number of widely accepted Internet standards describe different aspects of the relationshi...

7.5AI score
Exploits0References24
CERT
CERT
added 2005/02/04 12:0 a.m.51 views

Squid vulnerable to buffer overflow via an overly long WCCP message

Overview The Squid web proxy cache is vulnerable to a buffer overflow when handing overly long web cache communications protocol WCCP messages. Such messages could crash the Squid process and produce a denial of service condition. Description Squid functions as a web proxy and cache application f...

7.5CVSS6.6AI score0.22152EPSS
Exploits0References3
CERT
CERT
added 2004/11/22 12:0 a.m.51 views

InnerMedia DynaZip library vulnerable to buffer overflow via long file names

Overview Releases prior to version 5.00.04 of the InnerMedia DynaZip compression library contain a buffer overflow that may allow a remote attacker to execute arbitrary code. Description DynaZip is a popular compression library for the Microsoft Windows platform. A bounds checking deficiency in...

10CVSS7.4AI score0.09588EPSS
Exploits0References4
CERT
CERT
added 2004/10/21 12:0 a.m.51 views

Microsoft IIS contains vulnerability in NNTP service

Overview A vulnerability in the NNTP component of Microsoft IIS may allow a remote attacker to compromise the affected system. Description The Network News Transport Protocol NNTP is a protocol for the distribution, inquiry, retrieval, and posting of news articles over a network. Microsoft's...

10CVSS6.5AI score0.67822EPSS
Exploits0References2
CERT
CERT
added 2004/09/02 12:0 a.m.51 views

MIT Kerberos 5 ASN.1 decoding functions insecurely deallocate memory (double-free)

Overview The MIT Kerberos 5 library does not securely deallocate heap memory when decoding ASN.1 structures, resulting in double-free vulnerabilities. An unauthenticated, remote attacker could execute arbitrary code on a KDC server, which could compromise an entire Kerberos realm. An attacker may...

9.8AI score
Exploits0References8
CERT
CERT
added 2003/09/17 12:0 a.m.51 views

Sendmail prescan() buffer overflow vulnerability

Overview Sendmail contains a buffer overflow vulnerability in code that parses email addresses. This vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Description Sendmail is a widely used mail transfer agent MTA. There is a...

7.2AI score
Exploits0References4
CERT
CERT
added 2003/07/17 12:0 a.m.51 views

Microsoft Windows RPC vulnerable to buffer overflow

Overview A buffer overflow vulnerability exists in Microsoft's Remote Procedure Call RPC implementation. A remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service. An exploit for this vulnerability is publicly available. Description Microsoft...

7.5CVSS7.4AI score0.98626EPSS
Exploits9References5
CERT
CERT
added 2003/07/15 12:0 a.m.51 views

Adobe PDF viewers allow non-certified plug-ins to put viewers into Certified Mode

Overview By default, Adobe PDF viewers will start up and load non-certified plug-ins installed in a local plugins directory. Adobe Reader plug-ins not certified by Adobe, if allowed to load, can execute arbitrary code in the process space of the running viewer. One incremental impact of such...

5CVSS7.1AI score0.0218EPSS
Exploits0References1
CERT
CERT
added 2003/01/21 12:0 a.m.51 views

Microsoft Virtual Machine allows untrusted applets to access the user.dir system property

Overview Some versions of the Microsoft virtual machine Microsoft VM contain a flaw that could leak information about the user's system. This flaw could allow malicious Java applets to get information they would normally be denied access to. Description The Microsoft virtual machine Microsoft VM...

5CVSS5.9AI score0.13858EPSS
Exploits0References2
CERT
CERT
added 2002/11/25 12:0 a.m.51 views

Solaris X Window Font Service (XFS) daemon contains buffer overflow in Dispatch() function

Overview A remotely exploitable buffer overflow has been discovered in the Solaris X Window Font Service XFS daemon fs.auto. Description ISS X-Force released an Advisory today regarding a remotely exploitable buffer overflow in XFS. According to ISS, XFS is installed and running by default on the...

7.5CVSS7.6AI score0.24029EPSS
Exploits0References2
Total number of security vulnerabilities3704