Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
•added 2001/09/12 12:0 a.m.•44 views

Microsoft Exchange Outlook Web Access fails to authenticate users when searching the Global Address List

Overview Microsoft Exchange servers that offer the Outlook Web Access service are vulnerable to an information disclosure vulnerability that can reveal any email address stored in the Global Address List. Description The Outlook Web Access OWA component of Microsoft Exchange allows users to acces...

5CVSS5.5AI score0.2199EPSS
Exploits0References3
CERT
CERT
•added 2001/06/27 12:0 a.m.•44 views

Cisco IOS HTTP server authentication vulnerability allows remote attackers to execute arbitrary commands

Overview A problem with the HTTP server component of Cisco IOS system software allows an intruder to execute privileged commands on Cisco routers if local authentication databases are used. Description By sending a particular URL to a Cisco IOS device with the HTTP server enabled, a remote attack...

9.3CVSS6.9AI score0.6845EPSS
Exploits8References5
CERT
CERT
•added 2001/05/14 12:0 a.m.•44 views

Lotus Notes Java VM leaks file existence through timing difference in ECLs

Overview Lotus Notes JVM leaks information about the existence of a file. Description A malicious Java applet run in the Lotus Notes web browser can determine if a local file exists. Notes' preferences must be set to browse the web using the Notes browser, with execution of Java applets...

5CVSS6.1AI score0.02886EPSS
Exploits1References4
CERT
CERT
•added 2001/01/31 12:0 a.m.•44 views

HP-UX Support Tools Manager vulnerable to denial of service

Overview There is a vulnerability in the Hewlett-Packard Support Tools Manager that allows a local user to create a denial-of-service condition. Description The Hewlett-Packard Support Tools is a collection of diagnostic tools that allow operators of HP-UX systems to test and diagnose hardware...

2.1CVSS6AI score0.00492EPSS
Exploits0References1
CERT
CERT
•added 2024/01/16 12:0 a.m.•43 views

GPU kernel implementations susceptible to memory leak

Overview General-purpose graphics processing unit GPGPU platforms from AMD, Apple, and Qualcomm fail to adequately isolate process memory, thereby enabling a local attacker to read memory from other processes. An attacker with access to GPU capabilities using a vulnerable GPU's programmable...

6.5CVSS6.2AI score0.01175EPSS
Exploits1References14
CERT
CERT
•added 2023/09/06 12:0 a.m.•43 views

Authentication Bypass in Tenda N300 Wireless N VDSL2 Modem Router

Overview An authentication bypass vulnerability exists in the N300 Wireless N VDSL2 Modem Router manufactured by Tenda. This vulnerability allows a remote, unauthenticated user to access sensitive information. Description CVE-2023-4498 is an authentication bypass vulnerability that enables an...

5.3CVSS5.9AI score0.0041EPSS
Exploits0References1
CERT
CERT
•added 2017/01/10 12:0 a.m.•43 views

ThreatMetrix SDK for iOS fails to validate SSL certificates

Overview On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle MITM attack. Description ThreatMetrix is a security library for mobile applications, which aims to...

6.8CVSS6.4AI score0.00346EPSS
Exploits0References1
CERT
CERT
•added 2016/02/25 12:0 a.m.•43 views

QNAP Signage Station and iArtist Lite contain multiple vulnerabilities

Overview The QNAP Signage Station prior to version 2.0.1 and the accompanying iArtist Lite application contain multiple vulnerabilities. Description CWE-434: Unrestricted Upload of File with Dangerous Type - CVE-2015-6022An authenticated attacker without administrative permissions may upload a...

9.8CVSS8.2AI score0.03096EPSS
Exploits0References4
CERT
CERT
•added 2016/02/16 12:0 a.m.•43 views

Hirschmann "Classic Platform" switches reveal administrator password in SNMP community string by default

Overview Hirschmann "Classic Platform" switches contain a password sync feature that syncs the switch administrator password with the SNMP community password, exposing the administrator password to attackers on the local network. Description CWE-257: Storing Passwords in a Recoverable Format For...

7.3AI score
Exploits0References2
CERT
CERT
•added 2016/02/02 12:0 a.m.•43 views

Fisher-Price Smart Toy platform allows some unauthenticated web API commands

Overview The Fisher-Price Smart Toy does not perform proper authentication of some API commands, and it may also use a vulnerable version of Android. Description The Fisher-Price Smart Toy bear is a new WiFi-connected Internet of Things IoT toy. The device utilizes network connectivity to provide...

7.5CVSS8.2AI score0.02289EPSS
Exploits0References2
CERT
CERT
•added 2015/10/20 12:0 a.m.•43 views

Medicomp MEDCIN Engine contains multiple vulnerabilities

Overview Medicomp's MEDCIN Engine provide electronic health records EHR tools and information to medical professionals. MEDCIN Engine versions before version 2.22.20153.226 are vulnerable to several buffer overflows. Description Medicomp MEDCIN Engine prior to version 2.22.20153.226 is vulnerable...

7.5CVSS7.1AI score0.03665EPSS
Exploits0References6
CERT
CERT
•added 2015/03/16 12:0 a.m.•43 views

D-Link DCS-93xL model family allows unrestricted upload

Overview The D-Link DCS-93xL family of devices specifically the DCS-930L, DCS-931L, DCS-932L, and DCS-933L models allows an attacker to upload arbitrary files from the attackers system. Description CWE-434: Unrestricted Upload of File with Dangerous Type The D-Link DCS-93xL family of devices allo...

9CVSS7AI score0.66674EPSS
Exploits5References6
CERT
CERT
•added 2015/01/05 12:0 a.m.•43 views

Intel BIOS locking mechanism contains race condition that enables write protection bypass

Overview A race condition exists in Intel chipsets that rely solely on the BIOSCNTL.BIOSWE and BIOSCNTL.BLE bits as a BIOS write locking mechanism. Successful exploitation of this vulnerability may result in a bypass of this locking mechanism. Description CWE-362: Concurrent Execution using Share...

6.3AI score
Exploits0References3
CERT
CERT
•added 2014/04/27 12:0 a.m.•43 views

Microsoft Internet Explorer CMarkup use-after-free vulnerability

Overview Microsoft Internet Explorer contains a use-after-free vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a use-after-free vulnerability. This can allow for arbitrary code...

10CVSS9.7AI score0.88013EPSS
Exploits1References6
CERT
CERT
•added 2013/10/04 12:0 a.m.•43 views

McAfee Managed Agent contains a denial-of-service (DoS) vulnerability

Overview McAfee Managed Agent versions 4.5, 4.6, and possibly earlier versions contain a denial-of-service DoS vulnerability CWE-400. Description CWE-400:Uncontrolled Resource Consumption 'Resource Exhaustion' McAfee Managed Agent versions 4.5 and 4.6 contain a denial-of-service DoS vulnerability...

5CVSS6.4AI score0.01991EPSS
Exploits1References2
CERT
CERT
•added 2012/11/16 12:0 a.m.•43 views

Novell File Reporter contains multiple vulnerabilities

Overview Novell File Reporter 1.0.2 contains multiple vulnerabilities including a heap overflow, arbitrary file retrieval, and arbitrary file upload. Description The Rapid7 advisory states:CVE-2012-4956 - Heap Overflow When handling requests of name "SRS", the NFRAgent.exe fails to generate a...

10CVSS7.6AI score0.73514EPSS
Exploits23References3
CERT
CERT
•added 2011/10/24 12:0 a.m.•43 views

Multiple MIT KRB5 KDC daemon vulnerabilities

Overview MIT's KRB5 KDC version 1.8 and 1.9 contain multiple vulnerabilities. Description The MIT krb5 Security Advisory 2011-006 states:CVE-2011-1527: In releases krb5-1.9 and later, the KDC can crash due to a null pointer dereference if configured to use the LDAP back end. A trigger condition i...

7.8CVSS6.5AI score0.04177EPSS
Exploits0References5
CERT
CERT
•added 2011/10/11 12:0 a.m.•43 views

Windows font library file buffer overflow

Overview Microsoft Windows contains a buffer overflow vulnerability in the handling of font library files, which may allow a remote, unauthenticated attacker to execute arbitrary code with kernel privileges. Description Microsoft Windows supports a variety of font formats. One of which is the fon...

9.3CVSS7AI score0.27772EPSS
Exploits4References2
CERT
CERT
•added 2011/04/05 12:0 a.m.•43 views

Oracle Solaris 10 password hashes leaked through back-out patch files

Overview Oracle Solaris 10 back-out patch files undo.Z contain password hashes which may be readable by unprivileged users. Description The root password hash along with other users' password hashes may be contained in the back-out patch files. In some instances, these files may be readable by...

2.1CVSS5.8AI score0.00381EPSS
Exploits1
CERT
CERT
•added 2009/04/16 12:0 a.m.•43 views

Xpdf and poppler contain multiple vulnerabilities in the processing of JBIG2 data

Overview Xpdf and poppler contain multiple vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Xpdf is an open source viewer for Portable Document Format PDF files. Several PDF viewing applications and libraries, such a...

8.3AI score
Exploits0References13
CERT
CERT
•added 2008/12/24 12:0 a.m.•43 views

Microsoft SQL Server fails to properly validate parameters to the sp_replwritetovarbin extended stored procedure

Overview A vulnerability in the Microsoft SQL Server spreplwritetovarbin extended stored procedure could allow an authenticated attacker to execute arbitrary code on an affected server. Description Some versions of Microsoft SQL Server contain a vulnerability in the spreplwritetovarbin stored...

9CVSS9.1AI score0.87036EPSS
Exploits12References7
CERT
CERT
•added 2008/06/11 12:0 a.m.•43 views

Citect CitectSCADA ODBC service buffer overflow

Overview Citect CitectSCADA contains a remotely accessible buffer overflow vulnerability which may allow a remote attacker to execute arbitrary code. Description Citect CitectSCADA is software used for monitoring and control in Supervisory Control And Data Acquisition SCADA systems. A buffer...

7.6CVSS8.1AI score0.77717EPSS
Exploits12References19
CERT
CERT
•added 2008/02/14 12:0 a.m.•43 views

Apache mod_jk2 host header buffer overflow

Overview A vulnerability exists in the legacy version of the modjk2 Apache module. If successfully exploited, the vulnerability may allow an attacker to run arbitrary code on affected system. Description The host header field allows HTTP 1.1 RFC 2616 compliant servers to host multiple domains usi...

7.5CVSS7.8AI score0.40847EPSS
Exploits0References4
CERT
CERT
•added 2008/02/11 12:0 a.m.•43 views

Mozilla products may allow directory traversal

Overview A vulnerability exists in the way Mozilla products with certain extensions handle chrome: URIs that may allow directory traversal. Description Mozilla extensions are small add-ons that can be integrated with Mozilla products to provide added functionality. Mozilla products contain a...

4.3CVSS9AI score0.08633EPSS
Exploits0References4
CERT
CERT
•added 2008/02/06 12:0 a.m.•43 views

KAME project IPv6 IPComp header denial of service vulnerability

Overview The KAME project's IPv6 implementation does not properly process IPv6 packets that contain the IPComp header. If exploited, this vulnerability may allow an attacker to cause a vulnerable system to crash. Description Per RFC 3173:IP payload compression is a protocol to reduce the size of ...

7.8CVSS5.8AI score0.15542EPSS
Exploits6References8
CERT
CERT
•added 2008/01/03 12:0 a.m.•43 views

OpenSSL FIPS Object Module fails to properly generate random seeds

Overview The OpenSSL FIPS Module fails to perform auto-seeding, which may allow an attacker to predict pseudo-randomly generated data. Description OpenSSL is a toolkit that provides SSL and TLS protocols as well as a general purpose cryptography library. The OpenSSL FIPS Object Module provides an...

6.4CVSS5.8AI score0.02312EPSS
Exploits0References8
CERT
CERT
•added 2007/12/04 12:0 a.m.•43 views

Mortbay Jetty Dump Servlet vulnerable to cross-site scripting

Overview The Mortbay Jetty Dump Servlet contains a cross-site scripting vulnerability. Description Mortbay Jetty is a web server that is written in Java. The Dump Servlet that is included with Jetty is vulnerable to cross-site scripting. Note that according to the vendor, the Dump Servlet is for...

4.3CVSS6.9AI score0.02893EPSS
Exploits0References3
CERT
CERT
•added 2007/08/01 12:0 a.m.•43 views

RSA key reconstruction vulnerability

Overview Various implementations of RSA may contain a vulnerability that could allow an attacker to retrieve encryption keys. Description Some implementations of RSA may contain a vulnerability that could allow a local attacker to retrieve encryption keys. OpenSSL is a widely used open source...

1.2CVSS7AI score0.00409EPSS
Exploits1References4
CERT
CERT
•added 2007/07/22 12:0 a.m.•44 views

Apache Tomcat SendMailServlet example vulnerable to cross-site scripting via FROM field

Overview The example SendMailServlet page that comes with Apache Tomcat is vulnerable to cross-site scripting via the "From" field. Description Apache Tomcat is an implementation of the Java Servlet and JavaServer Page JSP technologies. Apache Tomcat includes a sample page called SendMailServlet,...

4.3CVSS6.1AI score0.09479EPSS
Exploits0References2
CERT
CERT
•added 2007/04/17 12:0 a.m.•43 views

Akamai Download Manager ActiveX control buffer overflow

Overview The Akamai Download Manager ActiveX control contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Akamai Download Manager is software designed to enhance the ability to download content. The Akamai...

9.3CVSS6.9AI score0.06772EPSS
Exploits0References5
CERT
CERT
•added 2007/04/03 12:0 a.m.•43 views

MIT Kerberos 5 GSS-API library double-free vulnerability

Overview The GSS-API library provided with MIT krb5 contains a vulnerability that may allow a remote, authenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability in the way the GSS-API library provided with MIT krb5 handles messages with an invalid...

9CVSS9.4AI score0.09878EPSS
Exploits0References8
CERT
CERT
•added 2007/04/03 12:0 a.m.•43 views

MIT Kerberos 5 administration daemon stack overflow in krb5_klog_syslog()

Overview The Kerberos administration daemon contains a buffer overflow that may allow a remote, authenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability exists in the way the krb5klogsyslog function used by the Kerberos administration daemon handl...

9CVSS9.7AI score0.10327EPSS
Exploits1References13
CERT
CERT
•added 2007/03/14 12:0 a.m.•43 views

Apple Mac OS X ImageIO memory corruption vulnerability

Overview Apple's ImageIO framework contains an memory corruption vulnerability that may allow an attacker to execute code on a vulnerable system. Description The RAW Image file format is a popular image format supported by many Apple Mac OS X applications. The ImageIO framework allows application...

9.3CVSS8.3AI score0.07258EPSS
Exploits0References4
CERT
CERT
•added 2007/02/25 12:0 a.m.•43 views

Mozilla Firefox SVG viewer vulnerable to integer overflow

Overview The Mozilla SVG viewer contains an integer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code, or create a denial-of-service condition. Description Scalable Vector Graphics SVG is an XML markup language for describing and displaying animated or...

9.3CVSS9.6AI score0.06736EPSS
Exploits0References29
CERT
CERT
•added 2007/01/09 12:0 a.m.•43 views

Sun Java JRE vulnerable to arbitrary code execution via an unspecified error

Overview A vulnerability in the Sun Java Runtime Environment may allow an attacker to execute arbitrary code on a vulnerable system. Description The Sun Java Runtime Environment JRE allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for...

9.3CVSS7.6AI score0.03632EPSS
Exploits0References8
CERT
CERT
•added 2006/07/20 12:0 a.m.•43 views

Microsoft Server Service may disclose information used to store SMB traffic

Overview A vulnerability in the Microsoft Server service may allow an attacker to view fragments of memory used to store SMB traffic. Description Microsoft Server Service The Microsoft Server service supports file, print, and named-pipe sharing over the network. Server Message Block Server Messag...

5CVSS6.3AI score0.49031EPSS
Exploits0References1
CERT
CERT
•added 2006/04/17 12:0 a.m.•43 views

Mozilla products vulnerable to memory corruption via large regular expression in JavaScript

Overview A vulnerability in the way the JavaScript engine of Mozilla products and derivative programs handles a large regular expression could allow a remote attacker to crash the application or execute arbitrary code on a vulnerable system. Description A regular expression is a special text stri...

9.3CVSS7.2AI score0.04801EPSS
Exploits0References1
CERT
CERT
•added 2005/12/02 12:0 a.m.•43 views

Sun Java Runtime Environment "reflection" API privilege elevation vulnerabilities

Overview Multiple vulnerabilities in the Sun Java Reflection API may allow an untrusted Java applet to bypass security restrictions and execute arbitrary code. Description The Sun Java Reflection API allows Java classes to determine information about other Java classes, such as public methods...

7.5CVSS7.3AI score0.05168EPSS
Exploits0References4
CERT
CERT
•added 2005/10/05 12:0 a.m.•43 views

Ruby safe-level security model bypass

Overview Ruby contains a vulnerability that may allow arbitrary code to be run without the intended safe-level checks being applied. Description Ruby is a object-oriented scripting language that supports execution of untrusted code with two mechanisms: taint flagging and safe levels. Safe levels...

7.5CVSS6.2AI score0.03256EPSS
Exploits0References4
CERT
CERT
•added 2005/06/14 12:0 a.m.•43 views

Microsoft Outlook Web Access vulnerable to cross-site scripting

Overview Microsoft Outlook Web Access may be vulnerable to cross-site scripting attacks. Description Microsoft Outlook Web Access OWA allows users to access their email accounts on a Microsoft Exchange server from another host through a web browser.Microsoft Outlook Web Access for Exchange Server...

4.3CVSS6.2AI score0.14217EPSS
Exploits0References2
CERT
CERT
•added 2005/04/12 12:0 a.m.•43 views

Microsoft Windows opens OLE2 documents using a program specified internally by the document

Overview Microsoft Windows may allow remote code execution through specially crafted OLE2 documents. Description Microsoft object linking and embedding OLE is a technology that allows applications to create and edit compound documents. Compound documents can contain embedded documents or links to...

7.5CVSS6.9AI score0.51684EPSS
Exploits0References4
CERT
CERT
•added 2005/03/29 12:0 a.m.•43 views

Multiple Telnet clients fail to properly handle the "LINEMODE" SLC suboption

Overview Multiple Telnet clients contain a data length validation flaw which may allow a server to induce arbitrary code execution on the client host. Description The Telnet network protocol is described in RFC854 and RFC855 as a general, bi-directional communications facility. The Telnet protoco...

7.5CVSS9.7AI score0.08635EPSS
Exploits0References6
CERT
CERT
•added 2005/01/05 12:0 a.m.•43 views

Konqueror fails to restrict access to Java classes

Overview The Konqueror web browser may allow Java applets and JavaScripts to bypass the Java security settings and access restricted Java classes. Exploitation may allow a remote attacker to read and write arbitrary files on a vulnerable system. Description Konqueror is a web browser and file...

5CVSS5.8AI score0.0413EPSS
Exploits0References4
CERT
CERT
•added 2004/10/01 12:0 a.m.•43 views

GdkPixbuf BMP parser may enter an infinite loop

Overview A vulnerability exists in the BMP handling of GdkPixbuf. This vulnerability can lead to a denial-of-service condition. Description GdkPixbuf is a library used by GTK+ 2 for loading and rendering images. GTK+ is a multi-platform toolkit for creating graphical user interfaces. It is used b...

7.7AI score
Exploits0References4
CERT
CERT
•added 2004/08/27 12:0 a.m.•43 views

tcpdump contains integer underflow vulnerability in ISAKMP "Identification Payload" handling

Overview A vulnerability in tcpdump could allow a remote attacker to cause a denial of service on an affected system. Description The tcpdump tool allows for the inspection of network packets and contains decoders for many standard protocols, including the Internet Security Association and Key...

7.6AI score
Exploits0References3
CERT
CERT
•added 2004/08/03 12:0 a.m.•43 views

BlackJumboDog contains buffer overflow vulnerability

Overview BlackJumboDog fails to verify the length of several FTP commands, creating a buffer overflow vulnerability. Exploitation of this vulnerability may result in code execution on the target system with privileges of the FTP service. Description BlackJumboDog is a multi-function server for...

8.3AI score
Exploits0References2
CERT
CERT
•added 2004/03/25 12:0 a.m.•43 views

Ethereal fails to properly decode Transaction IDs within TCAP packets

Overview Ethereal contains a vulnerability in the way the Transaction Capabilities Application Part TCAP protocol dissector parses ASN.1 encoded Transaction IDs within TCAP packets. Description Ethereal is a network traffic analysis package. It includes the ability to decode packets containing TC...

5CVSS7.9AI score0.67092EPSS
Exploits0References4
CERT
CERT
•added 2004/03/09 12:0 a.m.•43 views

Libxml2 URI parsing errors in nanohttp and nanoftp

Overview Libxml is the XML parser for Gnome, a desktop suite and development platform for Linux systems. Libxml2, the latest version of the library as of this writing, has a buffer overflow vulnerability which may allow execution of arbitrary code. Description Gnome, a desktop suite and developme...

7.2AI score
Exploits0References10
CERT
CERT
•added 2003/08/20 12:0 a.m.•43 views

Nokia Gateway GPRS support node vulnerable to DoS

Overview A vulnerability in the Nokia Gateway GPRS support node GGSN may allow a remote attacker to cause a denial of service. Description A vulnerability in the GGSN may allow a remote attacker to restart the device. For technical details, please see the @stake Security Advisory Nokia GGSN IP650...

5CVSS6.5AI score0.02008EPSS
Exploits0References7
CERT
CERT
•added 2003/07/28 12:0 a.m.•43 views

Cisco Aironet AP1100 fails to provide universal login error messages thereby disclosing validity of user account

Overview A vulnerability in the Cisco Aironet 1100 Series Access Point may allow a remote attacker to discover valid accounts on the access point. Description Cisco describes the Aironet 1100 Series Access Point as, "an affordable and upgradable 802.11b wireless LAN WLAN solution, setting the...

5CVSS6.6AI score0.03202EPSS
Exploits0References5
Total number of security vulnerabilities3704