Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
•added 2005/11/08 12:0 a.m.•46 views

Apple QuickTime PictureViewer PICT data decompression buffer overflow

Overview Apple QuickTime PictureViewer contains a buffer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Apple's QuickTime Player is multimedia software that allows users to view local and remote audio/video content. PictureViewer is a...

5.1CVSS7.1AI score0.04242EPSS
Exploits0References4
CERT
CERT
•added 2005/08/02 12:0 a.m.•46 views

Cisco IOS OSPF neighbor IO buffer overflow

Overview Cisco Internetwork Operating System IOS is the operating system for the majority of Cisco routers. Open Shortest-Path First OSPF is a interior routing protocol. A flaw in some Cisco IOS versions can allow a buffer overflow when handling a large number of OSPF neighbor connection requests...

7.5CVSS7.4AI score0.09625EPSS
Exploits0References8
CERT
CERT
•added 2005/04/12 12:0 a.m.•46 views

Microsoft Windows does not adequately validate IP options

Overview Microsoft Windows does not adequately validate IP options, allowing an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. An attacker could take complete control of a vulnerable system. Description Several versions of the Microsoft Windows IP stack a...

7.5CVSS7.7AI score0.45524EPSS
Exploits0References6
CERT
CERT
•added 2005/02/21 12:0 a.m.•46 views

Verity Ultraseek contains a cross-site scripting vulnerability in the processing of search requests

Overview Verity's Ultraseek application contains a cross-site scripting vulnerability in the processing of search requests. Description Verity Ultraseek is a web site search engine application. Ultraseek contains a cross-site scripting vulnerability in the processing of search requests. More...

4.3CVSS5.5AI score0.02412EPSS
Exploits0References6
CERT
CERT
•added 2005/02/21 12:0 a.m.•46 views

SCO OpenServer vulnerable to privilege escalation in 'scosession' argument handling

Overview A vulnerability in a program supplied with the SCO OpenServer operating system may allow local attackers to gain elevated privileges. Description SCO OpenServer is a UNIX-like operating system for Intel and AMD platforms. The 'scosession' session handling component, which is responsible...

7.2CVSS6.1AI score0.00368EPSS
Exploits0References2
CERT
CERT
•added 2005/02/08 12:0 a.m.•46 views

Microsoft Hyperlink Object Library buffer overflow

Overview A buffer overflow exists in the Microsoft Windows system library used when handling hyperlinks. All currently supported versions of Microsoft Windows are affected. Description An unchecked buffer in the Microsoft Object Library is vulnerable to attack when malformed hyperlinks are handle...

7.5CVSS7.1AI score0.41139EPSS
Exploits0References3
CERT
CERT
•added 2005/01/18 12:0 a.m.•46 views

Veritas NetBackup "bpjava-susvc" process contains an input validation error

Overview Veritas NetBackup Administrative Assistant interface may allow users to execute arbitrary commands with elevated privileges. Description The Veritas NetBackup Administrative Assistant interface bpjava-susvc contains an input validation vulnerability. According to Veritas Alert 271727 :Wh...

7.5AI score
Exploits0References3
CERT
CERT
•added 2004/09/30 12:0 a.m.•46 views

libXpm library contains multiple integer overflow vulnerabilities

Overview libXpm contains multiple integer overflow vulnerabilities that may allow an attacker to cause a denial-of-service condition or execute arbitrary code. Description XPM is a format for encoding and decoding X PixMap images that is used in the X Windows System 11 X11. libXpm is a library of...

8.1AI score
Exploits0References4
CERT
CERT
•added 2004/09/09 12:0 a.m.•46 views

Apple Mac OS X CoreFoundation CFPlugIn facilities automatically load plug-in executables

Overview There is a vulnerability in the Mac OS X CoreFoundation framework that could allow a local attacker to gain elevated privileges. Description The Core Foundation framework CoreFoundation.framework is designed to allow code and data sharing between frameworks, libraries, and applications i...

7.2CVSS6.2AI score0.00425EPSS
Exploits0References5
CERT
CERT
•added 2003/09/30 12:0 a.m.•46 views

OpenSSL ASN.1 parser insecure memory deallocation

Overview A vulnerability in the way OpenSSL deallocates memory used to store ASN.1 structures could allow a remote attacker to execute arbitrary code with the privileges of the process using the OpenSSL library. Description OpenSSL implements the Secure Sockets Layer SSL and Transport Layer...

10CVSS9.6AI score0.85449EPSS
Exploits0References6
CERT
CERT
•added 2002/10/02 12:0 a.m.•46 views

Microsoft SmartHTML interpreter (shtml.dll) contains vulnerability

Overview Microsoft's SmartHTML interpreter shtml.dll contains a remotely exploitable vulnerability. Description shtml.dll is a component of FrontPage Server Extensions. FrontPage Server Extensions allow web developers to add or change content and to manage the web server.Quoting from MS02-053, "T...

7.5CVSS7.2AI score0.17959EPSS
Exploits0References3
CERT
CERT
•added 2002/07/13 12:0 a.m.•46 views

Microsoft Internet Information Server (IIS) vulnerable to buffer overflow via malformed server-side include directive

Overview A buffer overflow in the code that processes server-side include files on IIS 4.0 and IIS 5.0 could allow an intruder to execute code with the privileges of the web server. Description A buffer overflow exists in the code that processes server side include directives on IIS versions 4 an...

7.2CVSS7.3AI score0.3EPSS
Exploits2References3
CERT
CERT
•added 2001/11/15 12:0 a.m.•46 views

Eyedog ActiveX control incorrectly marked "safe for scripting"

Overview Versions of the Eyedog ActiveX control current circa August, 1999, are incorrectly marked safe for scripting. Description Eyedog is an ActiveX control that was used to perform diagnostic function in Windows. It was marked as safe for scripting, which means that it could be called from...

5.1CVSS6AI score0.22551EPSS
Exploits0References3
CERT
CERT
•added 2001/04/06 12:0 a.m.•46 views

Solaris ufsrestore buffer overflow in command pathname parameters for interactive session

Overview There is a buffer overflow in ufsrestore, a file restoration utility. Description When operating in interactive mode, the pathname parameter of the extract command is not properly bounds checked. When used in conjunction with long pathnames contained in the dump file, an internal buffer...

7.2CVSS7AI score0.01346EPSS
Exploits1References3
CERT
CERT
•added 2022/11/08 12:0 a.m.•45 views

Multiple race conditions due to TOCTOU flaws in various UEFI Implementations

Overview Multiple Unified Extensible Firmware Interface UEFI implementations are vulnerable to code execution in System Management Mode SMM by an attacker who gains administrative privileges on the local machine. An attacker can corrupt the memory using Direct Memory Access DMA timing attacks tha...

8.2CVSS7.8AI score0.00193EPSS
Exploits0References8
CERT
CERT
•added 2022/02/24 12:0 a.m.•45 views

Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS

Overview Visual Voice Mail VVM services transmit unencrypted credentials via SMS. An attacker with the ability to read SMS messages can obtain VVM IMAP credentials and gain access to VVM data. Description VVM is specified by Open Mobile Terminal Platform-OMPT and is implemented with SMS and IMAP...

8.1CVSS7.9AI score0.01406EPSS
Exploits1References2
CERT
CERT
•added 2017/03/07 12:0 a.m.•45 views

PHP FormMail Generator generates code vulnerable to multiple issues

Overview PHP forms generated using the PHP FormMail Generator are vulnerable to stored cross-site scripting and unrestricted upload of dangerous file types. Description PHP FormMail Generator is a website that generates PHP form code for inclusion in a PHP-based or Wordpress-based website. The co...

9.8CVSS7.5AI score0.03375EPSS
Exploits0References1
CERT
CERT
•added 2016/10/25 12:0 a.m.•45 views

Zizai Tech Nut contains multiple vulnerabilities

Overview Zizai Tech Nut contains multiple vulnerabilities including sensitive information exposure and missing authentication. Description CWE-313: Cleartext Storage in a File or on Disk - CVE-2016-6547The Nut mobile app stores the account password used to authenticate to the cloud API in...

9.8CVSS6.8AI score0.03707EPSS
Exploits3References2
CERT
CERT
•added 2016/05/17 12:0 a.m.•45 views

Chef Manage deserializes cookie data insecurely

Overview Chef Manage add-on, version 1.11.4 and earlier, deserializes cookie data insecurely, which may be leveraged to gain unauthenticated remote code execution. Description CWE-502: Deserialization of Untrusted Data - CVE-2016-4326Chef with the Chef Manage previously known as 'opscode-manage'...

9.8CVSS10AI score0.04194EPSS
Exploits0References3
CERT
CERT
•added 2015/12/10 12:0 a.m.•45 views

Netgear G54/N150 Wireless Router WNR1000v3 uses insufficiently random values for DNS queries

Overview Netgear G54/N150 Wireless Router WNR1000v3, firmware version 1.0.2.68 and possibly earlier, uses insufficiently random values for DNS queries and is vulnerable to DNS spoofing attacks. Description CWE-330: Use of Insufficiently Random Values - CVE-2015-8263The Netgear G54/N150 Wireless...

8.6CVSS8.8AI score0.0183EPSS
Exploits0References1
CERT
CERT
•added 2015/04/14 12:0 a.m.•45 views

SearchBlox contains multiple vulnerabilities

Overview SearchBlox versions 8.1.x and below contain multiple vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2015-0967SearchBlox contains multiple cross-site scripting XSS vulnerabilities, including a reflected XSS in...

8.8CVSS9.2AI score0.13659EPSS
Exploits0References6
CERT
CERT
•added 2015/03/20 12:0 a.m.•45 views

NSIS Inetc plug-in fails to validate SSL certificates

Overview The Intetc plugin for the NSIS installer fails to validate SSL certificates, which makes affected installers vulnerable to HTTPS spoofing. Description Inetc is a plugin for the NSIS installer software that provides the ability to download files from the internet. Although Inetc supports...

4.3CVSS6.5AI score0.01392EPSS
Exploits0References4
CERT
CERT
•added 2014/10/07 12:0 a.m.•45 views

Cryoserver Security Appliance vulnerable to privilege escalation

Overview Cryoserver Security Appliance 7.3.x vulnerable to privilege escalation Description CWE-264: Permissions, Privileges, and Access Controls Cryoserver Security Appliance 7.3.x does not properly assign permission to the /etc/init.d/cryoserver shell script and allows the default support accou...

6.8CVSS6.4AI score0.00315EPSS
Exploits0References2
CERT
CERT
•added 2014/01/02 12:0 a.m.•45 views

BlogEngine.net information disclosure vulnerability

Overview BlogEngine.net 2.8.0.0 and earlier versions contain an information disclosure vulnerability which could allow an attacker to gain access to credentials. Description CWE-200: Information ExposureBlogEngine.net 2.8.0.0 and earlier contain an information disclosure vulnerability which could...

5CVSS6.6AI score0.01308EPSS
Exploits1References2
CERT
CERT
•added 2012/12/07 12:0 a.m.•45 views

Qualcomm Android OS kernel privilege escalation and denial of service vulnerabilites

Overview Android OS kernels running on certain Qualcomm devices contain multiple vulnerabilities which could allow an attacker to cause privilege escalation or Denial of Service DoS. Description The Qualcomm Innovation Center, Inc. advisory states:Summary: A locally installed application can caus...

6.8CVSS7.2AI score0.03032EPSS
Exploits0References2
CERT
CERT
•added 2012/11/07 12:0 a.m.•45 views

Agile FleetCommander and FleetCommander Kiosk versions prior to 4.08 contain multiple vulnerabilities

Overview Agile FleetCommander and FleetCommander Kiosk were found to have multiple XSS, CSRF, information disclosure and SQLi vulnerabilities. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' - CVE-2012-4941SQL Injection Vulnerabilities:...

10CVSS8.5AI score0.03836EPSS
Exploits0References8
CERT
CERT
•added 2012/07/09 12:0 a.m.•45 views

Synel SY-780/A terminal denial-of-service vulnerability

Overview Synel SY-780/A terminals contain a denial-of-service vulnerability when specific ports of the device are scanned. Description According to Synel's website the SY-780/A terminal is a stand-alone device used for time & attendance monitoring, production floor control, job costing, and acces...

7.8CVSS6.4AI score0.01465EPSS
Exploits0References1
CERT
CERT
•added 2011/05/31 12:0 a.m.•45 views

Anymacro Mail System G4X email server web interface directory traversal vulnerability

Overview Anymacro Mail System G4X email server web interface contains a directory traversal vulnerability. Description According to Anymacro's website: Anymacro Mail System is a professional e-mail and unified messaging product solution. Anymacro Mail System can be used for an e-mail platform for...

7AI score
Exploits0References1
CERT
CERT
•added 2010/03/09 12:0 a.m.•45 views

Microsoft Internet Explorer iepeers.dll use-after-free vulnerability

Overview Microsoft Internet Explorer contains a use-after-free vulnerability in the iepeers.dll file, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description Microsoft Internet Explorer provides support for Web Folders and printing through the use of the...

9.3CVSS6.5AI score0.82172EPSS
Exploits15References3
CERT
CERT
•added 2008/05/30 12:0 a.m.•45 views

OpenSSL TLS handshake Denial of Service

Overview A vulnerability exists in OpenSSL that may allow a remote attacker to cause a denial of service. Description OpenSSL contains a vulnerability in the way specially crafted TLS handshake packets are handled that may result in a denial of service. According to OpenSSL Security Advisory...

4.3CVSS8.1AI score0.05EPSS
Exploits1References4
CERT
CERT
•added 2008/01/31 12:0 a.m.•45 views

Liferay Portal Admin portlet Shutdown message XSS

Overview Liferay Portal Admin portlet fails to properly validate input to the shutdown message, which can allow a remote, authenticated attacker to inject script into the message displayed to all users when the server is being shut down. Description Liferay Portal is an enterprise portal solution...

4.3CVSS5.8AI score0.01338EPSS
Exploits0References2
CERT
CERT
•added 2007/09/12 12:0 a.m.•45 views

Callisto PhotoParade Player PhPInfo ActiveX control buffer overflow

Overview The Callisto PhotoParade Player PhPInfo ActiveX control contains a buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Callisto PhotoParade Player includes an ActiveX control called PhPinfo. The ActiveX control...

9.3CVSS7AI score0.06506EPSS
Exploits0References2
CERT
CERT
•added 2007/03/14 12:0 a.m.•45 views

Apple QuickDraw Manager heap buffer overflow vulnerability

Overview Apple QuickDraw contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description PICT is a graphics file format that was used by Apple Macintosh systems prior to Mac OS X as their standa...

7.1CVSS8.3AI score0.058EPSS
Exploits0References7
CERT
CERT
•added 2007/02/14 12:0 a.m.•45 views

Microsoft RichEdit vulnerable to remote code execution via malformed embedded OLE object

Overview Microsoft's RichEdit contains a vulnerability that may allow an attacker to execute code. Description From Murray Sargent's MSDN blog:RichEdit 6.0 is a facility for getting plain/rich-text, single/multiline Unicode/ANSI edit controls and combo/list boxes in single world-wide binary that...

9.3CVSS7.5AI score0.31102EPSS
Exploits0References9
CERT
CERT
•added 2006/12/08 12:0 a.m.•45 views

Microsoft Windows Media Player fails to properly handle malformed Windows Media Metafiles

Overview Windows Media Player does not properly handle malformed Windows Media Metafiles. This vulnerability may allow a remote attacker to execute arbitrary code or crash Windows Media Player. Description Windows Media Player WMP is a multimedia application that comes with Microsoft Windows...

7.5CVSS7AI score0.41285EPSS
Exploits2References6
CERT
CERT
•added 2006/03/23 12:0 a.m.•45 views

Microsoft Internet Explorer createTextRange() vulnerability

Overview Microsoft Internet Explorer IE fails to properly handle the createTextRange DHTML method, possibly allowing a remote, unauthenticated attacker to execute arbitrary code. Description DHTML, TextRanges, and the createTextRange Method According to Microsoft:Dynamic HTML DHTML is built on an...

9.3CVSS5.9AI score0.68068EPSS
Exploits11References5
CERT
CERT
•added 2006/01/20 12:0 a.m.•45 views

Oracle Client Tools buffer overflow vulnerability

Overview A buffer overflow in an unspecified Oracle Client utility may allow an attacker to execute arbitrary code or cause a denial-of-service condition. Description According to Oracle:One vulnerability DBC02is in a utility that can be forced to terminate if given long arguments, potentially...

10CVSS9.4AI score0.06534EPSS
Exploits1References5
CERT
CERT
•added 2005/11/09 12:0 a.m.•45 views

Microsoft PKINIT smart card logon vulnerable to information disclosure and spoofing

Overview Microsoft PKINIT smart card authentication is vulnerable to an information disclosure flaw that may allow an attacker to spoof a trusted server. Description From the Microsoft PKINIT description: PKINIT is an Internet Engineering Task Force IETF Internet Draft for "Public Key Cryptograph...

3.6CVSS6.2AI score0.01648EPSS
Exploits0References2
CERT
CERT
•added 2005/04/13 12:0 a.m.•45 views

Microsoft Windows Kernel Vulnerability

Overview A privilege elevation vulnerability exists in the way that the Windows' kernel processes certain access requests. This vulnerability could allow a logged on user to take complete control of the system. Description A locally authenticated user could potentially exploit a vulnerability in...

7.2CVSS7AI score0.01774EPSS
Exploits0References1
CERT
CERT
•added 2005/04/12 12:0 a.m.•45 views

Microsoft Internet Explorer URL validation routine contains a buffer overflow

Overview A vulnerability in Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer IE contains an unspecified vulnerability in the way that it handles certain URLs. The process that checks the URL contain...

7.5CVSS7.7AI score0.5791EPSS
Exploits0References1
CERT
CERT
•added 2005/03/04 12:0 a.m.•45 views

nfs-utils vulnerable to buffer overflow in "getquotainfo()" in "rquota_server.c"

Overview A vulnerability in nfs-utils could permit an attacker to execute arbitrary code on the system or cause a denial of service. Description The NFS protocol provides remote access to shared files accross networks. The nfs-utils package provides an NFS client and server for Linux systems...

10CVSS7.6AI score0.11299EPSS
Exploits0References5
CERT
CERT
•added 2005/02/09 12:0 a.m.•45 views

Microsoft Windows XP named pipe fails to restrict anonymous access

Overview The Server service running on Microsoft Windows XP leaks authentication information. Description The Server service srvsvc.dll is a component of the Server Message Block SMB, and its follow-on, Common Internet File System CIFS. These are network protocols that Windows uses to share files...

7.5CVSS6.4AI score0.4657EPSS
Exploits0References2
CERT
CERT
•added 2004/10/19 12:0 a.m.•45 views

Apache HTTP Server contains a buffer overflow in the mod_proxy module

Overview Apache Web Server contains a buffer overflow vulnerability in the modproxy module that may allow a remote attacker to execute arbitrary code or launch a denial of service DoS attack. Description The Apache Server is an open-source web server offered by The Apache Software Foundation. The...

10CVSS8.2AI score0.33639EPSS
Exploits0References3
CERT
CERT
•added 2004/09/14 12:0 a.m.•45 views

Microsoft Windows GDI+ contains a buffer overflow vulnerability in the JPEG parsing component

Overview A buffer overflow vulnerability in the Microsoft Windows GDI+ JPEG parsing component could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Windows Graphics Device Interface GDI+ is an application programming interface API that provides...

9.3CVSS7.4AI score0.49024EPSS
Exploits0References4
CERT
CERT
•added 2004/09/02 12:0 a.m.•45 views

MIT Kerberos 5 ASN.1 decoding function asn1buf_skiptail() does not properly terminate loop

Overview The asn1bufskiptail function in the MIT Kerberos 5 library does not properly terminate a loop, allowing an unauthenticated, remote attacker to cause a denial of service in a Kerberos Distribution Center KDC, application server, or Kerberos client. Description As described on the MIT...

5CVSS9.3AI score0.05585EPSS
Exploits0References8
CERT
CERT
•added 2004/08/27 12:0 a.m.•45 views

isakmpd crashes when handling ISAKMP packets with malformed "Delete Payload"

Overview A vulnerability exists in the isakmpd that could allow a remote attacker to cause a denial of service. Description The OpenBSD isakmpd establishes security associations for encrypted and authenticated IPsec network traffic. It implements the Internet Security Association and Key Manageme...

5CVSS6.4AI score0.03619EPSS
Exploits0
CERT
CERT
•added 2004/07/14 12:0 a.m.•45 views

Microsoft Windows contains a buffer overflow in the POSIX subsystem

Overview A buffer overflow vulnerability exists in the Portable Operating System Interface for UNIX POSIX subsystem for Windows NT 4.0 and Windows 2000. This vulnerability may be exploited by a local authenticated user to gain full system privileges. Description Windows NT 4.0 and Windows 2000...

7.8CVSS7.6AI score0.07606EPSS
Exploits0References1
CERT
CERT
•added 2004/04/30 12:0 a.m.•45 views

Gaim contains a buffer overflow vulnerability in the gaim_quotedp_decode() function

Overview There is a buffer overflow vulnerability in the Gaim gaimquotedpdecode function, which could cause a pointer to reference memory beyond the terminating null byte. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It includes a feature tha...

9.8CVSS9.7AI score0.11214EPSS
Exploits1References5
CERT
CERT
•added 2004/04/14 12:0 a.m.•45 views

Microsoft Windows 2000 LSASS fails to properly handle certain LDAP messages

Overview A vulnerability exists in the Lightweight Directory Access Protocol LDAP message processing of the Windows 2000 domain controller. An attacker may be able to cause a denial-of-service condition to the vulnerable Active Directory domain. Description A vulnerability exists in the processin...

5CVSS7.4AI score0.31881EPSS
Exploits0References1
CERT
CERT
•added 2004/03/10 12:0 a.m.•45 views

Linux kernel mremap(2) system call does not properly check return value from do_munmap() function

Overview A vulnerability in the Linux mremap2 system call could allow an authenticated, local attacker to execute arbitrary code with root privileges. Description The Linux kernel uses a linked list of vitrual memory area VMA descriptors to reference valid regions of the page table for a given...

6.6AI score
Exploits0References7
Total number of security vulnerabilities3704