Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2003/03/18 12:0 a.m.43 views

MySQL allows default user to be changed to root via custom "my.cnf" file

Overview MySQL reads configuration options from world-writeable files. This can lead to a remote user gaining elevated privileges. Description A message posted to the bugtraq mailing list details a vulnerability affecting versions of MySQL prior to 3.23.56. MySQL would permit users with 'FILE'...

9CVSS5.8AI score0.44831EPSS
Exploits4References1
CERT
CERT
added 2002/09/27 12:0 a.m.43 views

Microsoft Word does not check for macros contained in linked template file when opening RTF document

Overview There is a vulnerability caused by a failure to detect macros embedded in templates used by rich text format documents opened in Microsoft Word. This vulnerability may allow the author of a malicious document to execute arbitrary commands as the user who opens the document. Description...

4.6CVSS7.1AI score0.01432EPSS
Exploits0References2
CERT
CERT
added 2002/06/27 12:0 a.m.43 views

Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflows

Overview Buffer overflow vulnerabilities exists in the DNS stub resolver library used by BSD, ISC BIND, and GNU glibc. Other systems that use DNS resolver code derived from ISC BIND may also be affected. An attacker who is able to control DNS responses could exploit arbitrary code or cause a deni...

7.5CVSS9.7AI score0.13476EPSS
Exploits0References7
CERT
CERT
added 2002/04/10 12:0 a.m.43 views

Microsoft Internet Information Server (IIS) 4.0 and 5.0 buffer overflow in chunked encoding transfer mechanism for ASP

Overview A buffer overflow vulnerability in IIS 4.0 and 5.0 could allow an intruder to execute arbitrary code on an IIS server with the privileges of the ASP ISAPI extension. Description Chunked encoding is a means to transfer variable-sized units of data called chunks from a web client to a web...

7.5CVSS7.5AI score0.71195EPSS
Exploits4References5
CERT
CERT
added 2001/10/09 12:0 a.m.43 views

diffutils sdiff creates temporary files insecurely

Overview diffutils, a set of utilities distributed with many versions of linux, contains a utility called sdiff, which creates temporary files of predictable names in an insecure fashion. Using a symbolic link attack, an intruder can cause overwrite of any file writable by the user executing sdif...

1.2CVSS6.2AI score0.00373EPSS
Exploits0References5
CERT
CERT
added 2001/09/18 12:0 a.m.43 views

Microsoft IIS vulnerable to DoS via invalid request for very long WebDAV requests

Overview Intruders can disrupt the normal operation of an IIS 5.0 server using a malicious Web Distributed Authoring and Versioning WebDAV request. Description WebDAV is an extension to HTTP used to manage content on web servers. Quoting from RFC 2518: WebDAV is an extension to the HTTP/1.1...

5CVSS6.3AI score0.25205EPSS
Exploits1References3
CERT
CERT
added 2001/07/24 12:0 a.m.43 views

Multiple vendor telnet daemons vulnerable to buffer overflow via crafted protocol options

Overview The telnetd program is a server for the telnet remote virtual terminal protocol. There is a remotely exploitable buffer overflow in telnet daemons derived from BSD source code. This vulnerability can crash the server, or be leveraged to gain root access. Description There is a remotely...

10CVSS8AI score0.37896EPSS
Exploits2References3
CERT
CERT
added 2001/06/28 12:0 a.m.43 views

Microsoft Frontpage Server Remote Application Deployment (RAD) component vulnerable to buffer overflow via malformed packet sent to server component

Overview Microsoft Frontpage Server Remote Application Deployment RAD component contains an unchecked buffer which can allow an intruder to execute arbitrary code with the privileges of IUSRmachinename or system. Description A buffer overflow in the Microsoft Frontpage Server Remote Application...

7.5CVSS7.5AI score0.45109EPSS
Exploits1References3
CERT
CERT
added 2001/05/21 12:0 a.m.43 views

gpm-root fails to correctly release GID 0 membership for user defined menus

Overview gpm-root does not properly drop group privileges. Local users can gain group privileges by starting a utility from gpm-root. The gpm package is usually included in Linux distributions, and can be started from the command line or in the startup script /etc/rc.d/rc.local. Description gpm...

7.2CVSS7.1AI score0.00805EPSS
Exploits0References3
CERT
CERT
added 2000/10/31 12:0 a.m.43 views

HHOpen ActiveX Control buffer overflow in OpenHelp method

Overview Description The HHOpen ActiveX control hhopen.ocx has a buffer overflow in the OpenHelp method. Because the control is marked safe-for-scripting, an attacker may be able to script this control and exploit the vulnerability when you visit a web page.The classID for the vulnerable control...

10CVSS7.3AI score0.24429EPSS
Exploits0References3
CERT
CERT
added 2022/04/28 12:0 a.m.42 views

Qt allows for privilege escalation due to hard-coding of qt_prfxpath value

Overview Prior to version 5.14, Qt hard-codes the qtprfxpath value to a fixed value, which may lead to privilege escalation vulnerabilities in Windows software that uses Qt. Description Prior to version 5.14, Qt hard-codes the qtprfxpath value to a value that reflects the path where Qt exists on...

8.2CVSS8.6AI score0.00402EPSS
Exploits1References3
CERT
CERT
added 2021/05/25 12:0 a.m.42 views

Checkbox Survey insecurely deserializes ASP.NET View State data

Overview Checkbox Survey prior to version 7.0 insecurely deserializes ASP.NET View State data, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable server. Description CVE-2021-27852 Checkbox Survey insecurely deserializes ASP.NET View State data. Checkbox...

9.8CVSS9.8AI score0.31946EPSS
Exploits0References4
CERT
CERT
added 2016/12/06 12:0 a.m.42 views

Sungard eTRAKiT3 may be vulnerable to SQL injection

Overview According to the reporter, the Sungard eTRAKiT3 software version 3.2.1.17 may be vulnerable to SQL injection which may allow a remote unauthenticated attacker to run a subset of SQL commands against the back-end database. Description CWE-89: Improper Neutralization of Special Elements us...

9.8CVSS9.7AI score0.11769EPSS
Exploits2References1
CERT
CERT
added 2016/10/25 12:0 a.m.42 views

iTrack Easy contains multiple vulnerabilities

Overview iTrack Easy contains multiple vulnerabilities including sensitive information exposure and missing authentication. Description CWE-200: Information Exposure - CVE-2016-6542The iTrack device tracking ID number is the device's BLE MAC address. It can be obtained by being in range of the...

9.8CVSS6.7AI score0.03435EPSS
Exploits1References2
CERT
CERT
added 2015/02/27 12:0 a.m.42 views

Multiple Toshiba products are vulnerable to trusted service path privilege escalation

Overview Bluetooth Stack for Windows by Toshiba and TOSHIBA Service Station contain a trusted service path privilege escalation vulnerability. Description CWE-428: Unquoted Search Path or Element Bluetooth Stack for Windows by Toshiba versions 9.10.27T and earlier, as well as TOSHIBA Service...

6.9CVSS9.3AI score0.00382EPSS
Exploits0References4
CERT
CERT
added 2015/02/23 12:0 a.m.42 views

Adtrustmedia PrivDog fails to validate SSL certificates

Overview Adtrustmedia PrivDog fails to validate SSL certificates, making systems broadly vulnerable to HTTPS spoofing. Description Adtrustmedia PrivDog is a Windows application that advertises "... safer, faster and more private web browsing." Privdog installs a Man-in-the-Middle MITM proxy as we...

7.2AI score
Exploits0References9
CERT
CERT
added 2014/12/05 12:0 a.m.42 views

Zenoss Core contains multiple vulnerabilities

Overview The Zenoss Core application, server, and network management platform software contains multiple vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code. Description The Zenoss Core application, server, and network management platform software...

9.3CVSS8.4AI score0.19683EPSS
Exploits0References1
CERT
CERT
added 2014/08/07 12:0 a.m.42 views

Cobham SATCOM products' web interface contains a weak password recovery vulnerability

Overview Some Cobham products have a web interface that contains a weak password recovery mechanism for the administrator account. Description CWE-640: Weak Password Recovery Mechanism for Forgotten Password IOActive has reported that Cobham SAILOR 900 VSAT, SAILOR FleetBroadBand 150/250/500,...

7.8CVSS6.9AI score0.01882EPSS
Exploits0References6
CERT
CERT
added 2014/08/07 12:0 a.m.42 views

Cobham Aviator satellite terminals contain multiple vulnerabilities

Overview Cobham Aviator 700D and 700E satellite terminals contain multiple vulnerabilities. Description Cobham Aviator 700D and 700E satellite communication terminals contain the following vulnerabilities:CWE-327:Use of a Broken or Risky Cryptographic Algorithm - CVE-2014-2942 Please note that th...

7.2CVSS6.8AI score0.00486EPSS
Exploits0References3
CERT
CERT
added 2014/05/07 12:0 a.m.42 views

Caldera 9.20 contains multiple vulnerabilities

Overview Caldera 9.20, and possibly earlier versions, contains multiple vulnerabilities. Description CWE-22 - Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2014-2933Caldera 9.20 and possibly earlier versions contains a path traversal vulnerability due to the...

10CVSS8.2AI score0.04373EPSS
Exploits2References2
CERT
CERT
added 2014/02/25 12:0 a.m.42 views

libpng denial-of-service vulnerability

Overview libpng versions 1.6.0 through 1.6.9 contain a denial-of-service vulnerability. Description CWE-835: Loop with Unreachable Exit Condition 'Infinite Loop' - CVE-2014-0333Glenn Randers Pehrson of the PNG Development Group reports: The progressive decoder in libpng16 enters an infinite loop,...

5CVSS9.2AI score0.03321EPSS
Exploits1References2
CERT
CERT
added 2014/02/11 12:0 a.m.42 views

DELL SonicWALL GMS/Analyzer/UMA contains a cross-site scripting (XSS) vulnerability

Overview DELL SonicWALL GMS/Analyzer/UMA version 7.1, and possibly earlier versions, contains a cross-site scripting XSS vulnerability. CWE-79 Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' DELL SonicWALL GMS/Analyzer/UMA version 7.1 contain...

4.3CVSS6.1AI score0.02761EPSS
Exploits1References3
CERT
CERT
added 2011/12/09 12:0 a.m.42 views

Power2Go buffer overflow vulnerability

Overview Power2Go 8 contains a buffer overflow in the handling of project .p2g files, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description According to CyberLink's website, "Power2Go 8 features all the tools you need to easily copy all...

8.8AI score
Exploits0References1
CERT
CERT
added 2011/07/19 12:0 a.m.42 views

Oracle Outside In CorelDRAW file parser stack buffer overflow

Overview Oracle Outside In contains a stack buffer overflow in the CorelDRAW parser, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle Outside In is a set of libraries that can decode over 500 different file formats. Originally...

4.4CVSS7.7AI score0.31114EPSS
Exploits4References5
CERT
CERT
added 2011/06/22 12:0 a.m.42 views

LibreOffice 3.3 'Lotus Word Pro' document import filter contains multiple vulnerabilities

Overview LibreOffice 3.3.2 includes a feature to import 'Lotus Word Pro' .lwp documents. This import filter contains multiple vulnerabilities. CERT/CC has confirmed that code execution is possible by exploiting a stack buffer overflow. Description LibreOffice 3.3.2, 3.3.1, and possibly earlier...

9.3CVSS7.1AI score0.07042EPSS
Exploits0References4
CERT
CERT
added 2010/12/13 12:0 a.m.42 views

Exim alternate configuration privilege escalation vulnerability

Overview A vulnerability in the way that the Exim mail server handles configuration files may allow a local attacker to gain escalated privileges on an affected system. Description Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to t...

7.8CVSS7.9AI score0.17794EPSS
Exploits4References5
CERT
CERT
added 2010/08/24 12:0 a.m.42 views

Ghostscript Heap Corruption in TrueType bytecode interpreter

Overview The TrueType bytecode interpreter which is a part of Ghostscript is prone to heap corruption. Description Ghostscript includes a TrueType bytecode interpreter which is prone to an off by one bug which causes heap corruption. Further details can be found in the Ghostscript Bug 691044,...

9.3CVSS6.8AI score0.06755EPSS
Exploits0References3
CERT
CERT
added 2010/08/10 12:0 a.m.42 views

Adobe Flash 10.1 ActionScript AVM1 ActionPush vulnerability

Overview Adobe Flash contains a vulnerability in the handling of the ActionScript, AVM1 ActionPush command, which can allow a remote, unauthenticated attacker to execute arbitrary code. Description Adobe Flash supports two main types of ActionScript, which is the scripting language for Flash...

9.3CVSS8.6AI score0.0459EPSS
Exploits0References5
CERT
CERT
added 2010/01/05 12:0 a.m.42 views

Liferay Portal p_p_id parameter vulnerable to persistent cross-site scripting

Overview Liferay Portal is vulnerable to persistent cross-site scripting via the ppid parameter, which can allow a remote, unauthenticated attacker to execute arbitrary script in the context of the portal administrator. Description Liferay Portal is a web portal that can provide Java applets that...

4.3CVSS6.5AI score0.01072EPSS
Exploits0References2
CERT
CERT
added 2008/09/05 12:0 a.m.42 views

NetBSD malformed ICMPv6 MLD-QUERY denial of service

Overview NetBSD fails to properly handle ICMPv6 MLD query packets, which can allow a remote, unauthenticated attacker to cause a denial of service. Description ICMPv6, which is defined in RFC 4443, is a version of the ICMP protocol for IPv6. Multicast Listener Discovery MLD for IPv6, which is...

7.1CVSS6.3AI score0.0243EPSS
Exploits2References5
CERT
CERT
added 2008/05/06 12:0 a.m.42 views

Wonderware SuiteLink null pointer dereference

Overview A vulnerability in the way Wonderware SuiteLink handles malformed TCP packets could result in a denial of service. Description Wonderware SuiteLink is a protocol based on TCP/IP that runs as a service listening for connections on port 5413/tcp on Microsoft Windows operating systems. A...

5CVSS6.4AI score0.1632EPSS
Exploits7References8
CERT
CERT
added 2008/03/25 12:0 a.m.42 views

Adobe Flash Player may load arbitrary, malformed cross-domain policy files

Overview Adobe Flash Player may load arbitrary, malformed cross-domain policy files. This could allow an attacker to control cross-domain data loading, potentially allowing the attacker to gain access to sensitive information or to manipulate content in other domains. Description Adobe Flash Play...

9.3CVSS5.6AI score0.08467EPSS
Exploits1References6
CERT
CERT
added 2008/03/18 12:0 a.m.42 views

MIT Kerberos contains array overrun in RPC library used by kadmind

Overview Vulnerabilities in the MIT Kerberos libgssrpc library may allow an attacker to cause a denial of service or potentially execute arbitrary code. Description The MIT krb5 Kerberos implementation includes a GSS RPC library used in the Kerberos administration server kadmind. Two flaws exist ...

9.8AI score
Exploits0References1
CERT
CERT
added 2008/03/15 12:0 a.m.42 views

UltraVNC buffer overflow vulnerability

Overview UltraVNC viewer contains a buffer overflow vulnerability. If exploited, this vulnerability may allow an attacker to execute arbitrary code. Description UltraVNC viewer is a remote desktop application that allows a user to control compatible VNC servers. The UltraVNC viewer includes a...

9.3CVSS7.2AI score0.38757EPSS
Exploits7References6
CERT
CERT
added 2007/09/06 12:0 a.m.42 views

Earth Resource Mapping NCSView ActiveX control stack buffer overflows

Overview The Earth Resource Mapping NCSView ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Earth Resource Mapping NCSView ActiveX control, which is provided by...

9.3CVSS7.3AI score0.06628EPSS
Exploits0References4
CERT
CERT
added 2007/08/14 12:0 a.m.42 views

Microsoft XML Core Services XMLDOM substringData() buffer overflow

Overview Microsoft XML Core Services contains an unspecified memory corruption vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft XML Core Services MSXML allow developers who use JScript, Visual Basic Scripting...

9.3CVSS6.9AI score0.48722EPSS
Exploits1References6
CERT
CERT
added 2007/06/26 12:0 a.m.42 views

MIT Kerberos kadmind RPC library gssrpc__svcauth_gssapi() uninitialized pointer free vulnerability

Overview The MIT Kerberos administration daemon kadmind can free an uninitialized pointer, which may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description The gssrpcsvcauthgssapi function used by the Kerberos administration daemon can free an...

10CVSS10AI score0.11376EPSS
Exploits1References6
CERT
CERT
added 2007/05/08 12:0 a.m.42 views

Microsoft Office drawing object vulnerability

Overview Microsoft Office fails to properly handle malformed drawing objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description Microsoft Office fails to properly handle malformed drawing objects embedded within Office documents. By convincing ...

9.3CVSS6.9AI score0.31562EPSS
Exploits0References1
CERT
CERT
added 2007/03/07 12:0 a.m.42 views

Mozilla Network Security Services (NSS) fails to properly handle the client master key

Overview A vulnerability in the way Mozilla Network Security Services NSS handles the client master key may lead to execution of arbitrary code. Description The SSLv2 protocol uses a client master key to generate all subsequent session keys. The validity of the client master key is determined...

6.8CVSS9.9AI score0.5036EPSS
Exploits0References30
CERT
CERT
added 2007/02/23 12:0 a.m.42 views

Mozilla JavaScript engine vulnerable to memory corruption

Overview The Mozilla JavaScript engine contains multiple memory corruption vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, or create a denial of service condition. Description The Mozilla Foundation supports several Open Source projects, including the...

9.3CVSS9.9AI score0.07558EPSS
Exploits0References25
CERT
CERT
added 2007/02/14 12:0 a.m.42 views

Microsoft MFC component vulnerable to remote code execution via malformed embedded OLE object

Overview A memory corruption vulnerability exists in the MFC component that is provided with Microsoft Windows and Visual Studio Description The Microsoft Foundation Class Library MFC, is a Microsoft library that wraps parts of the Windows API in C++ classes. MFC is included in Microsoft Visual...

9.3CVSS7.2AI score0.36509EPSS
Exploits0References10
CERT
CERT
added 2006/10/10 12:0 a.m.42 views

Microsoft PowerPoint fails to properly handle malformed object pointers

Overview Microsoft PowerPoint contains a vulnerability in the handling of malformed object pointers, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint contains a vulnerability that could be exploited when PowerPoi...

9.3CVSS6.8AI score0.3634EPSS
Exploits0References3
CERT
CERT
added 2006/09/20 12:0 a.m.42 views

SISCO OSI stack fails to properly validate packets

Overview A vulnerability exists in the SISCO OSI stack for Windows. If successfully exploited, an attacker could cause a denial-of-service condition. Description Inter-control Center Communications Protocol ICCP The Inter-control Center Communications Protocol ICCP is a protocol that is used to...

7.8CVSS6.5AI score0.03842EPSS
Exploits0References3
CERT
CERT
added 2006/09/19 12:0 a.m.42 views

gzip contains an infinite loop vulnerability in its LZH handling

Overview The gzip program contains a infinite loop vulnerability that may allow an attacker to create a denial-of-service condition. Description The gzip program is used to compress and decompress archived files. A infinite loop vulnerability exists in the way gzip handles certain files. An...

5CVSS6.3AI score0.03607EPSS
Exploits1References2
CERT
CERT
added 2006/09/05 12:0 a.m.42 views

BIND vulnerable to an assertion failure when querying for SIG records

Overview A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. A flaw exists in the...

7.7AI score
Exploits0References4
CERT
CERT
added 2006/08/21 12:0 a.m.42 views

Xsan Filesystem fails to properly process path names

Overview A buffer overflow vulnerability in Apple's Xsan product may allow a local attacker to run arbitrary code with root privileges or create a denial-of-service condition. Description Xsan FilesystemXsan is a Storage Area Network SAN filesystem designed for use by Apple OS X and OS X Server...

4.6CVSS7.3AI score0.00489EPSS
Exploits0References2
CERT
CERT
added 2006/08/08 12:0 a.m.42 views

Microsoft Internet Explorer fails to properly interpret layout positioning

Overview Microsoft Internet Explorer fails to properly handle certain combinations of layout positioning. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a vulnerability in the handling of certain combinations of...

7.5CVSS6.9AI score0.41112EPSS
Exploits0References4
CERT
CERT
added 2006/07/27 12:0 a.m.42 views

Mozilla products VCard attachment buffer overflow

Overview Mozilla products fail to properly handle malformed VCard attachments, which allows a buffer overflow to occur. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Mozilla Foundation Security Advisory 2006-49:A VCard...

5CVSS7.4AI score0.03245EPSS
Exploits0References3
CERT
CERT
added 2006/07/11 12:0 a.m.42 views

Juniper JUNOS IPv6 denial-of-service vulnerability

Overview Juniper JUNOS Internet Software contains a vulnerability in IPv6 handling that could allow a remote attacker to cause a denial of service. Description Juniper router operating system software JUNOS does not properly free memory allocated for certain IPv6 packets. If a fixed amount of...

5CVSS6.5AI score0.04241EPSS
Exploits0References3
CERT
CERT
added 2006/06/09 12:0 a.m.42 views

Linux Kernel may fail to properly handle SNMP packets

Overview A memory freeing vulnerability in the Linux kernel module ipnatsnmpbasic can be exploited to create a denial-of-service condition. Description ipnatsnmpbasic The ipnatsnmpbasic IP NAT module is intended for use with SNMP network discovery and monitoring applications where target networks...

7.8CVSS7AI score0.20561EPSS
Exploits5References3
Total number of security vulnerabilities3704