Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2006/01/20 12:0 a.m.49 views

Oracle TNS protocol fails to properly validate authentication requests

Overview The Oracle TNS protocol authentication mechanism fails to properly sanitize authentication requests, possibly allowing a remote attacker to execute arbitrary SQL statements with elevated privileges. Description Oracle databases authenticate and manage database connections via Oracle...

10CVSS7.4AI score0.05274EPSS
Exploits1References4
CERT
CERT
added 2005/06/27 12:0 a.m.49 views

Microsoft Log Sink Class ActiveX control incorrectly marked "safe for scripting"

Overview The Microsoft Log Sink Class ActiveX control is incorrectly marked safe for scripting. This may allow a remote attacker to create or append to arbitrary files on a vulnerable system. Description ActiveXActiveX is a technology that allows programmers to create reusable software components...

5CVSS6.1AI score0.12333EPSS
Exploits0References8
CERT
CERT
added 2005/01/06 12:0 a.m.49 views

Microsoft Windows LoadImage API vulnerable to integer overflow

Overview The Microsoft Windows LoadImage API routine is vulnerable to an integer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The LoadImage API routine is used to load an image from a file on Microsoft Windows platforms. The LoadImage API...

5.1CVSS7AI score0.29743EPSS
Exploits13References4
CERT
CERT
added 2004/11/29 12:0 a.m.49 views

Microsoft Windows Internet Naming Service (WINS) replication protocol contains a heap-based buffer overflow

Overview A buffer overflow vulnerability in the Microsoft Windows Internet Naming Service WINS replication protocol may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description The Microsoft WINS service maps IP addresses to NETBIOS computer names. WIN...

10CVSS7.2AI score0.81699EPSS
Exploits8References6
CERT
CERT
added 2004/09/14 12:0 a.m.49 views

Microsoft Internet Explorer treats arbitrary files as images for drag and drop operations

Overview Microsoft Internet Explorer IE treats arbitrary files as images during drag and drop mouse operations. This could allow an attacker to trick a user into copying a file to a location where it may be executed, such as the Windows StartUp folder. Description IE treats any file referenced by...

5CVSS7.5AI score0.33081EPSS
Exploits1References7
CERT
CERT
added 2004/03/17 12:0 a.m.49 views

OpenSSL does not properly handle unknown message types

Overview OpenSSL does not properly handle unknown message types, allowing an unauthenticated, remote attacker to cause a denial of service. This vulnerability was addressed in OpenSSL 0.9.6d and 0.9.7. Description OpenSSL implements the Secure Sockets Layer SSL and Transport Layer Security TLS...

7.9AI score
Exploits0References6
CERT
CERT
added 2004/02/02 12:0 a.m.49 views

Microsoft Internet Explorer does not properly validate source of URL stored in Travel Log

Overview Microsoft Internet Explorer IE does not properly determine the source of script used in URLs stored in the "Travel Log." An attacker could exploit this vulnerability to evaluate script in different security domains. By causing script to be evaluated in the Local Machine Zone, the attacke...

9.3CVSS7.3AI score0.39211EPSS
Exploits1References16
CERT
CERT
added 2003/04/23 12:0 a.m.49 views

SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension

Overview SSL/TLS implementations that respond distinctively to an incorrect PKCS 1 v1.5 encoded SSL/TLS version number expose the premaster secret to a modified Bleichenbacher attack. An attacker could decrypt a given SSL/TLS session or forge a signature on behalf of a vulnerable application's...

7.5CVSS8AI score0.0628EPSS
Exploits0References13
CERT
CERT
added 2003/03/21 12:0 a.m.49 views

Blahz-DNS does not properly authenticate users before granting access to various configuration pages

Overview Blahz-DNS does not properly authenticate users. Description Blahz-DNS does not properly authenticate users. As a result, an attacker can gain access to various configuration pages. For more detailed information, please see the ppp-design advisory. --- Impact An attacker can gain access t...

10CVSS6.4AI score0.11518EPSS
Exploits1References6
CERT
CERT
added 2002/06/11 12:0 a.m.49 views

AOL Instant Messenger vulnerable to buffer overflow via crafted "addbuddy" URI sent in message

Overview America Online's Instant Messenger AIM contains a remotely exploitable buffer overflow vulnerability. Description AOL Instant Messenger is a widely used program for communicating with other users over the Internet. A buffer overflow exists in the processing of the addbuddy parameter of t...

7.4AI score
Exploits0References3
CERT
CERT
added 2002/05/30 12:0 a.m.49 views

SquirrelMail compose.php script does not adequately validate input thereby allowing arbitrary user to send messages

Overview Some versions of SquirrelMail do not properly validate input. Attackers can spoof email addresses through this vulnerability. Description SquirrelMail is a collection of PHP4 scripts that provides webmail services. Prior to version 1.24, SquirrelMail does not properly validate Universal...

7.5CVSS5.4AI score0.03437EPSS
Exploits1References3
CERT
CERT
added 2001/12/12 12:0 a.m.49 views

System V derived login contains a remotely exploitable buffer overflow

Overview A remotely exploitable buffer overflow exists in implementations of login , derived from System V. An attacker can use this vulnerability to gain the privileges of the process that invoked login , user root in the cases of in.telnetd, or in.rlogind. We have been able to determine that...

10CVSS6.5AI score0.88836EPSS
Exploits27References2
CERT
CERT
added 2001/06/19 12:0 a.m.49 views

Microsoft Index Server/Indexing Service used by IIS 4.0/5.0 contains unchecked buffer used when encoding double-byte characters

Overview A vulnerability exists in the Indexing services used by Microsoft IIS 4.0 and IIS 5.0 running on Windows NT, Windows 2000, and beta versions of Windows XP. Exploitations of this vulnerability allows a remote intruder to run arbitrary code on the victim machine. Description There is a...

10CVSS7.2AI score0.96731EPSS
Exploits5References7
CERT
CERT
added 2025/07/08 12:0 a.m.48 views

RUCKUS Virtual SmartZone (vSZ) and RUCKUS Network Director (RND) contain multiple vulnerabilities

Overview Multiple vulnerabilities have been identified in RUCKUS Networks management products, specifically Virtual SmartZone vSZ and Network Director RND, including authentication bypass, hardcoded secrets, arbitrary file read by authenticated users, and unauthenticated remote code execution...

9.9CVSS10AI score0.02044EPSS
Exploits0
CERT
CERT
added 2016/08/01 12:0 a.m.48 views

Crestron Electronics DM-TXRX-100-STR web interface contains multiple vulnerabilities

Overview Crestron Electronics DM-TXRX-100-STR, version 1.2866.00026 and earlier, has a web management interface which contains multiple vulnerabilities, including authentication bypass, failure to restrict access to authorized users, use of hard-coded certificate, default credentials, and...

10CVSS10AI score0.0443EPSS
Exploits0References8
CERT
CERT
added 2014/09/04 12:0 a.m.48 views

Netmaster cable modem information leakage vulnerability

Overview The Netmaster CBW700N wireless cable modem enables remote SNMP public access by default Description CWE-200- Information Exposure The Netmaster CBW700N wireless cable modem running software version 81.447.392110.729.024 was found to expose sensitive information such as username, password...

5CVSS8.2AI score0.17133EPSS
Exploits3References3
CERT
CERT
added 2014/08/07 12:0 a.m.48 views

Cobham thraneLINK improper verification of firmware updates vulnerability

Overview Cobham's thraneLINK protocol does not verify cryptographic signatures for firmware updates before installing them. This may allow an attacker to deploy a malicious firmware update to the device. Description CWE-347: Improper Verification of Cryptographic Signature IOActive reports that...

9.3CVSS7.4AI score0.02762EPSS
Exploits0References4
CERT
CERT
added 2014/02/03 12:0 a.m.48 views

Mediatrix 4402 digital gateway web interface contains a cross-site scripting (XSS) vulnerability

Overview Mediatrix's web management interface for the 4402 digital gateway device with firmware version Dgw 1.1.13.186, and possibly earlier versions, contains a cross-site scripting XSS vulnerability. CWE-79 Description CWE-79: Improper Neutralization of Input During Web Page Generation...

4.3CVSS6AI score0.02541EPSS
Exploits1References3
CERT
CERT
added 2013/10/01 12:0 a.m.48 views

Baramundi Management Suite transmits data and stores keys and credentials insecurely

Overview Baramundi Management Suite versions 7.5 to 8.9 contains multiple vulnerabilities related to clear-text credential storage and transmission. Description CWE-319: Cleartext Transmission of Sensitive Information - CVE-2013-3593Baramundi Mangement Suite versions 7.5 to 8.9 transfers data in...

7.8CVSS6.2AI score0.02388EPSS
Exploits1References1
CERT
CERT
added 2011/06/15 12:0 a.m.48 views

Adobe Reader and Acrobat font memory corruption vulnerability

Overview Adobe Reader and Acrobat fail to properly handle font data, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description A critical vulnerability exists in the font parsing code in Adobe Reader and Acrobat. The vulnerability results i...

9.3CVSS7AI score0.0365EPSS
Exploits0References5
CERT
CERT
added 2010/09/01 12:0 a.m.48 views

Blackboard Transact database credentials disclosure

Overview The Blackboard Transact application contains two vulnerabilities that allow an unauthorized user to access the database credentials. Description The Blackboard Transact application previously know as Blackboard Commerce Suite comes with a utility called BbtsConnectionEdit.exe that is use...

7AI score
Exploits0References1
CERT
CERT
added 2008/11/24 12:0 a.m.49 views

SSH CBC vulnerability

Overview A vulnerability exists in SSH messages that employ CBC mode that may allow an attacker to recover plaintext from a block of ciphertext. Description The Secure Shell SSH is a network protocol that creates a secure channel between two networked devices in order to allow data to be exchange...

6.9AI score
Exploits0References3
CERT
CERT
added 2008/02/11 12:0 a.m.48 views

Adobe Reader and Acrobat JavaScript methods buffer overflow vulnerabilities

Overview Adobe Reader and Acrobat contains multiple buffer overflow vulnerabilities. Successful exploitation of this vulnerability may allow an attacker to execute code. Description Adobe Acrobat Reader is software designed to view Portable Document Format PDF files. Adobe also distributes the...

9.3CVSS9.1AI score0.94222EPSS
Exploits9References8
CERT
CERT
added 2007/08/28 12:0 a.m.48 views

BIND version 8 generates cryptographically weak DNS query identifiers

Overview ISC BIND version 8 generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. Version 8 of the BIND...

4.3CVSS6.6AI score0.07585EPSS
Exploits0References3
CERT
CERT
added 2007/04/13 12:0 a.m.48 views

Microsoft Windows DNS RPC buffer overflow

Overview The Microsoft DNS service Remote Procedure Call RPC implementation contains a stack buffer overflow. This vulnerability may allow a remote attacker to execute arbitrary code with SYSTEM privileges. Description The Microsoft Windows DNS service uses RPC to facilitate remote management. Th...

10CVSS9.5AI score0.79128EPSS
Exploits17References7
CERT
CERT
added 2007/01/31 12:0 a.m.48 views

Computer Associates BrightStor ARCserve Backup LGSERVER.EXE heap buffer overflow

Overview Computer Associates BrightStor ARCserve Backup contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Computer Associates BrightStor ARCserve Backup products come with a service called LGSERVER.EXE. Thi...

10CVSS6.9AI score0.7924EPSS
Exploits7References7
CERT
CERT
added 2007/01/29 12:0 a.m.48 views

Sun Solaris Kernel SSL Proxy service is vulnerable to a denial of service condition

Overview The Sun Solaris Kernel SSL Proxy service contains a flaw that may allow a remote attacker to cause a denial of service condition. Description Sun Solaris 10 operating system provides a module called the SSL Kernel Proxy to improve the performance of applications that do SSL packet...

7.8CVSS6.5AI score0.03062EPSS
Exploits0References4
CERT
CERT
added 2006/04/17 12:0 a.m.48 views

Mozilla display style vulnerability

Overview Mozilla products contain an unspecified vulnerability in the way they handle display styles. This vulnerability may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description Mozilla products contain an unspecified vulnerability in the way they...

5CVSS7AI score0.04377EPSS
Exploits0References1
CERT
CERT
added 2004/10/13 12:0 a.m.48 views

Microsoft Windows contains vulnerability in Window Management API

Overview A vulnerability in the Microsoft Windows window application programming interfaces APIs could allow a local attacker to gain elevated privileges on a vulnerable system. Description Microsoft Windows contains a vulnerability in the window management application programming interface API...

2.1CVSS6.2AI score0.01793EPSS
Exploits0References3
CERT
CERT
added 2004/08/16 12:0 a.m.48 views

Apple Safari fails to properly handle form data in HTTP redirects

Overview There is a vulnerability in the way Safari handles form data that may expose sensitive information when the forward/backward buttons are used. Description Apple Safari is a web browser available for the Mac OS X operating system. A vulnerability exists in the way Safari handles web form...

5CVSS5.9AI score0.01958EPSS
Exploits0References4
CERT
CERT
added 2003/07/17 12:0 a.m.48 views

Cisco IOS Interface Blocked by IPv4 Packet

Overview A denial-of-service vulnerability exists in Cisco's Internetwork Operating System IOS. This vulnerability may allow remote attackers to conduct denial-of-service attacks on an affected device. Description Cisco IOS is a very widely deployed network operating system. A vulnerability in IO...

7.8CVSS6.5AI score0.16576EPSS
Exploits1References8
CERT
CERT
added 2002/09/24 12:0 a.m.48 views

PHPNuke 'admin.php' script does not adequately authenticate users, thereby allowing malicious user to copy, move, or upload files

Overview PHPNuke's "admin.php" script does not properly authenticate users of its filemanager capabilities. Attackers may exploit this vulnerability to copy, move, or upload files. Description PHPNuke is a set of PHP scripts designed to simplify website creation and maintenance. The "admin.php"...

7.5CVSS6.4AI score0.03124EPSS
Exploits1References4
CERT
CERT
added 2002/08/01 12:0 a.m.48 views

Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflow via network name and address lookups

Overview Buffer overflow vulnerabilities exists in the DNS stub resolver library used by BSD, ISC BIND, and GNU glibc. Other systems that use DNS resolver code derived from ISC BIND may also be affected. An attacker who is able to control DNS responses could exploit arbitrary code or cause a deni...

9.6AI score
Exploits0References8
CERT
CERT
added 2002/04/10 12:0 a.m.48 views

Microsoft Internet Information Server (IIS) vulnerable to DoS via malformed FTP connection status request

Overview A vulnerability in IIS could allow an intruder to disrupt ordinary operations of both FTP and Web services on vulnerable IIS servers. Description IIS includes an FTP server. An intruder who sends a malformed request for the status of an existing connection could cause the IIS server to...

5CVSS5.8AI score0.5305EPSS
Exploits0References1
CERT
CERT
added 2001/07/17 12:0 a.m.48 views

iPlanet Directory Server contains multiple vulnerabilities in LDAP handling code

Overview The iPlanet Directory Server contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product,...

7.8AI score
Exploits0References9
CERT
CERT
added 2001/06/21 12:0 a.m.48 views

Solaris Line Printer Daemon (in.lpd) vulnerable to buffer overflow via transfer job routine

Overview A buffer overflow exists in the Solaris line printer daemon in.lpd that may allow a remote intruder to execute arbitrary code with the privileges of the running in.lpd. This daemon runs with root privileges by default on all recent versions of Solaris. Description The Solaris in.lpd...

10CVSS7.4AI score0.03695EPSS
Exploits0References4
CERT
CERT
added 2023/01/17 12:0 a.m.47 views

New Netcomm router models NF20MESH, NF20, and NL1902 vulnerabilities

Overview Netcomm router models NF20MESH, NF20, and NL1902 running software versions earlier than R6B035 contain two vulnerabilities. The first is an authentication bypass vulnerability that allows an unauthenticated user to access content from both inside and outside the network. The second is a...

9.8CVSS9.4AI score0.11009EPSS
Exploits2References2
CERT
CERT
added 2019/07/15 12:0 a.m.47 views

LLVMs Arm stack protection feature can be rendered ineffective

Overview The stack protection feature in LLVM's Arm backend can be rendered ineffective when the stack protector slot is re-allocated so that is appears after the local variables that it is meant to protect, leaving the function potentially vulnerable to a stack-based buffer overflow. Description...

7AI score
Exploits0References6
CERT
CERT
added 2017/03/31 12:0 a.m.47 views

GIGABYTE BRIX UEFI firmware fails to implement write protection and is not cryptographically signed

Overview GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 and GB-BXi7-5775 platforms, versions vF6 and vF2 respectively, fails to properly set the BIOSWE, BLE, SMMBWP, and PRx bits to enforce write protection. It also is not cryptographically signed. These issues may permit an attacker to write...

10CVSS9.6AI score0.05641EPSS
Exploits2References6
CERT
CERT
added 2016/06/15 12:0 a.m.47 views

Adobe Flash memory corruption vulnerability

Overview Adobe Flash contains an unspecified vulnerability that is currently being exploited in the wild. Description Adobe Flash Player 21.0.0.242 and earlier contain an unspecified vulnerability that an allow a remote, unauthenticated attacker to execute arbitrary code. This vulnerability is...

10CVSS9.5AI score0.19903EPSS
Exploits0References5
CERT
CERT
added 2015/10/27 12:0 a.m.47 views

HP ArcSight SmartConnector fails to properly validate SSL and contains a hard-coded password

Overview The HP ArcSight SmartConnector fails to properly validate SSL certificates, and also contains a hard-coded password. Description CWE-295: Improper Certificate Validation - CVE-2015-2902The ArcSight SmartConnector fails to validate the certificate of the upstream Logger device it is...

6.9CVSS6.7AI score0.01505EPSS
Exploits0References3
CERT
CERT
added 2015/10/20 12:0 a.m.47 views

HP Client Automation and Radia Client Automation is vulnerable to remote code execution

Overview Radia Client Automation previously sold under the name HP Client Automation agent prior to version 9.1 is vulnerable to arbitrary remote code execution. Description According to ZDI's advisory for ZDI-15-363, which has been assigned CVE-2015-7860: "This vulnerability allows remote...

10CVSS7.6AI score0.06081EPSS
Exploits0References5
CERT
CERT
added 2015/07/12 12:0 a.m.47 views

Adobe Flash ActionScript 3 BitmapData memory corruption vulnerability

Overview Adobe Flash Player contains a vulnerability in the ActionScript 3 BitmapData object, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Flash Player versions 9.0 through version 18.0.0.204 contain amemory corruption...

10CVSS9.6AI score0.18493EPSS
Exploits0References5
CERT
CERT
added 2014/09/08 12:0 a.m.47 views

Netgear ProSafe Plus Configuration Utility writes out plaintext passwords to backup configuration files

Overview The Netgear ProSafe Plus Configuration Utility exposes password information via the configuration backup file. Description CWE-200- Information Exposure The Netgear ProSafe Plus Configuration Utility provides a feature to back up switch configuration. In the backup file, the device...

3.3CVSS6.3AI score0.00755EPSS
Exploits1References2
CERT
CERT
added 2013/10/30 12:0 a.m.47 views

Joomla! Media Manager allows arbitrary file upload and execution

Overview An authenticated attacker may be able to upload active content to websites running older versions of Joomla. Description CWE-434: Unrestricted Upload of File with Dangerous Type A vulnerability has been discovered in older versions of the Joomla! content management software that allow an...

6.8CVSS6AI score0.48191EPSS
Exploits5References8
CERT
CERT
added 2013/04/10 12:0 a.m.47 views

Plesk Panel 11.0.9 privilege escalation vulnerabilities

Overview Plesk Panel 11.0.9 and possibly earlier versions contains multiple privilege escalation vulnerabilities. Description Plesk Panel contains multiple privilege escalation vulnerabilities which may allow an attacker to run arbitrary code as the root user. Special-case rules in Plesk's custom...

7.2CVSS7.5AI score0.0126EPSS
Exploits0References2
CERT
CERT
added 2012/09/06 12:0 a.m.47 views

Webmin contains input validation vulnerabilities

Overview Webmin 1.580, and possibly earlier versions, has been reported to contain input validation vulnerabilities. Description The advisories from American Information Security Group report the following vulnerabilities.CWE-20: Improper Input Validation - CVE-2012-2981 "An input validation flaw...

6.5CVSS6.9AI score0.61925EPSS
Exploits13References8
CERT
CERT
added 2010/10/28 12:0 a.m.47 views

Adobe Flash code execution vulnerability

Overview Adobe Flash 10.1.85.3 contains a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Flash 10.1.85.3 and earlier versions as well as 10.2.161.23 and earlier 10.2 preview versions contain a vulnerability that...

9.3CVSS7.8AI score0.69679EPSS
Exploits14References3
CERT
CERT
added 2010/07/12 12:0 a.m.47 views

Cisco Industrial Ethernet 3000 Series switches have hardcoded SNMP community strings

Overview Cisco Industrial Ethernet 3000 IE 3000 Series switches running Cisco IOS Software releases 12.252SE or 12.252SE1, contain well-known, hard-coded read and write SNMP community strings. An remote attacker could take full control of a vulnerable device. Description Cisco Industrial Ethernet...

10CVSS8.3AI score0.04733EPSS
Exploits0References2
CERT
CERT
added 2010/03/05 12:0 a.m.47 views

Energizer DUO USB battery charger software allows unauthorized remote system access

Overview The software available for the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access. Description Energizer DUO is a USB battery charger. An optional Windows application that allows the user to view the battery charging status has been...

9.3CVSS6.5AI score0.27429EPSS
Exploits6References5
Total number of security vulnerabilities3704