Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
added 2001/01/29 12:0 a.m.42 views

ISC BIND 8 contains buffer overflow in transaction signature (TSIG) handling code

Overview The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS by the Internet Software Consortium ISC. There is a buffer overflow vulnerability in BIND 8.2.x, which may allow remote intruders to gain access to systems running BIND. DNS servers running BIND 8 a...

10CVSS7.7AI score0.31624EPSS
Exploits0References6
CERT
CERT
added 2001/01/28 12:0 a.m.42 views

BIND T_NXT record processing may cause buffer overflow

Overview A vulnerability in BIND, repaired in verison 8.2.2p5, allows remote attackers to execute code with the privileges of the process running named. This vulnerability was widely exploited from November 1999 to December 2000. Description There is a buffer overflow in the processing of NXT...

7.5CVSS7.8AI score0.02141EPSS
Exploits0References5
CERT
CERT
added 2001/01/28 12:0 a.m.42 views

phf CGI Script fails to guard against newline characters

Overview This document describes a vulnerability in a CGI script known as phf which was widely exploited in 1996 and 1997. Description The phf CGI script constructs a partial command line consisting of the ph command and appropriate arguments, and completes the command line based on the input fro...

10CVSS6.8AI score0.86871EPSS
Exploits0References4
CERT
CERT
added 2000/10/31 12:0 a.m.42 views

HHOpen ActiveX Control buffer overflow in OpenHelp method

Overview Description The HHOpen ActiveX control hhopen.ocx has a buffer overflow in the OpenHelp method. Because the control is marked safe-for-scripting, an attacker may be able to script this control and exploit the vulnerability when you visit a web page.The classID for the vulnerable control...

10CVSS7.3AI score0.24429EPSS
Exploits0References3
CERT
CERT
added 2024/04/16 12:0 a.m.41 views

Keras 2 Lambda Layers Allow Arbitrary Code Injection in TensorFlow Models

Overview Lambda Layers in third party TensorFlow-based Keras models allow attackers to inject arbitrary code into versions built prior to Keras 2.13 that may then unsafely run with the same permissions as the running application. For example, an attacker could use this feature to trojanize a...

9.8CVSS9.7AI score0.01745EPSS
Exploits1References6
CERT
CERT
added 2022/04/28 12:0 a.m.41 views

Qt allows for privilege escalation due to hard-coding of qt_prfxpath value

Overview Prior to version 5.14, Qt hard-codes the qtprfxpath value to a fixed value, which may lead to privilege escalation vulnerabilities in Windows software that uses Qt. Description Prior to version 5.14, Qt hard-codes the qtprfxpath value to a value that reflects the path where Qt exists on...

8.2CVSS8.6AI score0.00402EPSS
Exploits1References3
CERT
CERT
added 2017/04/25 12:0 a.m.41 views

Portrait Displays SDK applications are vulnerable to arbitrary code execution and privilege escalation

Overview Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. Description CWE-276: Incorrect Default Permissions - CVE-2017-3210A number of applications developed using the Portrait Displays SDK...

7.8CVSS7.8AI score0.00909EPSS
Exploits2References3
CERT
CERT
added 2016/10/25 12:0 a.m.41 views

TrackR Bravo contains multiple vulnerabilities

Overview TrackR Bravo contains multiple vulnerabilities including sensitive information exposure and missing authentication. Description CWE-313:Cleartext Storage in a File or on Disk - CVE-2016-6538The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in...

8.8CVSS6.8AI score0.01286EPSS
Exploits2References2
CERT
CERT
added 2015/12/10 12:0 a.m.41 views

ReadyNet WRT300N-DD Wireless Router contains multiple vulnerabilities

Overview ReadyNet WRT300N-DD Wireless Router, firmware version 1.0.26, uses default credentials, is vulnerable to cross-site request forgery, and uses insufficiently random values for DNS queries. Description CWE-255: Credentials Management - CVE-2015-7280The ReadyNet WRT300N-DD Wireless Router...

10CVSS8.3AI score0.02431EPSS
Exploits0References1
CERT
CERT
added 2014/10/08 12:0 a.m.41 views

IBM WebSphere Application Server contains multiple vulnerabilities

Overview IBM WebSphere Application Server, including the Hypervisor Edition, contains cross-site scripting and cross-site request forgery vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-4770IBM WebSphere Applicatio...

6CVSS5.4AI score0.01932EPSS
Exploits0References3
CERT
CERT
added 2014/07/07 12:0 a.m.41 views

AVG Safeguard and Secure Search ActiveX controls provides insecure methods

Overview The AVG Secure Search toolbar, also known as AVG Safeguard includes an ActiveX control that provides a number of unsafe methods, which may allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user. Description AVG Secure Search is a toolbar add-on...

9.3CVSS6.5AI score0.04166EPSS
Exploits0References8
CERT
CERT
added 2014/02/11 12:0 a.m.41 views

DELL SonicWALL GMS/Analyzer/UMA contains a cross-site scripting (XSS) vulnerability

Overview DELL SonicWALL GMS/Analyzer/UMA version 7.1, and possibly earlier versions, contains a cross-site scripting XSS vulnerability. CWE-79 Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' DELL SonicWALL GMS/Analyzer/UMA version 7.1 contain...

4.3CVSS6.1AI score0.02761EPSS
Exploits1References3
CERT
CERT
added 2013/08/26 12:0 a.m.41 views

Real Media Player filename handler stack buffer overflow vulnerability

Overview Real Media Player fails to parse filenames correctly, which may allow a remote, unauthenticated attacker to execute arbitrary code in the context of the logged in user. Description CWE-121: Stack-based Buffer Overflow - CVE-2013-4973Real Media Player versions prior to version 16.0.3.51 a...

9.3CVSS8AI score0.06063EPSS
Exploits1References2
CERT
CERT
added 2012/11/14 12:0 a.m.41 views

Dell OpenManage Server Administrator contains a cross-site scripting vulnerability

Overview Dell OpenManage Server Administrator version 7.1 and earlier contains a cross-site scripting vulnerability. Description Dell OpenManage Server Administrator version 7.1 and earlier contains a cross-site scripting vulnerability CWE-79. --- Impact A remote attacker may be able to execute...

4.3CVSS6.3AI score0.02469EPSS
Exploits0References4
CERT
CERT
added 2011/05/25 12:0 a.m.41 views

Erlang/OTP SSH library uses a weak random number generator

Overview The Erlang/OTP SSH library's random number generator is not cryptographically strong because it relies on predictable seed material. Description Geoff Cant's report states:The Erlang/OTP ssh library implements a number of cryptographic operations that depend on cryptographically strong...

7.8CVSS7.3AI score0.03046EPSS
Exploits1References3
CERT
CERT
added 2011/04/05 12:0 a.m.41 views

NetGear WNAP210 remote password disclosure and password bypass vulnerability

Overview NetGear WNAP210 is vulnerable to remote administrator password disclosure and administrative web page login bypass. Description Netgear's ProSafe Wireless-N Access Point WNAP210 contains a vulnerability which may allow a remote unauthenticated attacker to recover the device's administrat...

7.2AI score
Exploits0References2
CERT
CERT
added 2010/12/13 12:0 a.m.41 views

Exim alternate configuration privilege escalation vulnerability

Overview A vulnerability in the way that the Exim mail server handles configuration files may allow a local attacker to gain escalated privileges on an affected system. Description Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to t...

7.8CVSS7.9AI score0.17794EPSS
Exploits4References5
CERT
CERT
added 2010/08/10 12:0 a.m.41 views

Adobe Flash 10.1 ActionScript AVM1 ActionPush vulnerability

Overview Adobe Flash contains a vulnerability in the handling of the ActionScript, AVM1 ActionPush command, which can allow a remote, unauthenticated attacker to execute arbitrary code. Description Adobe Flash supports two main types of ActionScript, which is the scripting language for Flash...

9.3CVSS8.6AI score0.0459EPSS
Exploits0References5
CERT
CERT
added 2010/03/01 12:0 a.m.41 views

Internet Explorer VBScript Windows Help arbitrary code execution

Overview Microsoft Internet Explorer is vulnerable to arbitrary code execution through the use of VBScript and Windows Help. Description Microsoft Internet Explorer supports the use of VBScript, in addition to the more widely-used JavaScript scripting language. Several VBScript commands allow a...

7.6CVSS6.3AI score0.86367EPSS
Exploits7References6
CERT
CERT
added 2009/12/09 12:0 a.m.41 views

DISA UNIX SRR scripts execute untrusted programs as root

Overview The Defense Information Systems Agency DISA UNIX Security Readiness Review SRR scripts find1 and execute -exec various programs to obtain version information. The SRR scripts are designed to be run as root. An attacker who can write a file under the root file system may be able to exploi...

9.3CVSS6.9AI score0.01691EPSS
Exploits1References5
CERT
CERT
added 2008/05/06 12:0 a.m.41 views

Wonderware SuiteLink null pointer dereference

Overview A vulnerability in the way Wonderware SuiteLink handles malformed TCP packets could result in a denial of service. Description Wonderware SuiteLink is a protocol based on TCP/IP that runs as a service listening for connections on port 5413/tcp on Microsoft Windows operating systems. A...

5CVSS6.4AI score0.1632EPSS
Exploits7References8
CERT
CERT
added 2008/03/18 12:0 a.m.41 views

MIT Kerberos contains array overrun in RPC library used by kadmind

Overview Vulnerabilities in the MIT Kerberos libgssrpc library may allow an attacker to cause a denial of service or potentially execute arbitrary code. Description The MIT krb5 Kerberos implementation includes a GSS RPC library used in the Kerberos administration server kadmind. Two flaws exist ...

9.8AI score
Exploits0References1
CERT
CERT
added 2007/09/06 12:0 a.m.41 views

Earth Resource Mapping NCSView ActiveX control stack buffer overflows

Overview The Earth Resource Mapping NCSView ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Earth Resource Mapping NCSView ActiveX control, which is provided by...

9.3CVSS7.3AI score0.06628EPSS
Exploits0References4
CERT
CERT
added 2007/06/26 12:0 a.m.41 views

MIT Kerberos kadmind RPC library gssrpc__svcauth_gssapi() uninitialized pointer free vulnerability

Overview The MIT Kerberos administration daemon kadmind can free an uninitialized pointer, which may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description The gssrpcsvcauthgssapi function used by the Kerberos administration daemon can free an...

10CVSS10AI score0.11376EPSS
Exploits1References6
CERT
CERT
added 2007/02/16 12:0 a.m.41 views

Apple iChat AIM URI handler format string vulnerability

Overview Apple iChat contains a format string vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitary code. Description The Apple iChat AIM URI handler fails to properly sanitize user-controlled data that is supplied to a formatted output function. This...

7.5CVSS6.6AI score0.22974EPSS
Exploits1References5
CERT
CERT
added 2006/12/20 12:0 a.m.41 views

Mozilla SVG memory corruption vulnerability

Overview Mozilla products contain a memory corruption vulnerability related to SVG processing. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Scalable Vector Graphics SVG processing code in Mozilla Firefox and SeaMonke...

9.3CVSS6.7AI score0.08604EPSS
Exploits0References14
CERT
CERT
added 2006/12/15 12:0 a.m.41 views

Symantec Veritas NetBackup bpcd daemon buffer overflow

Overview Symantec Veritas NetBackup contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Symantec VERITAS NetBackup is a client/server based backup software solution. The NetBackup bpcd daemon is...

10CVSS7.7AI score0.11948EPSS
Exploits0References6
CERT
CERT
added 2006/11/29 12:0 a.m.41 views

Apple Mac OS X PPP driver fails to properly validate PADI packets

Overview The Apple Mac OS X PPP driver fails to properly handle PPPoE Active Discovery Initiation PADI packets. This vulnerability may allow a remote attacker to execute arbitrary code with system privileges. Description The Apple Mac OS X PPP driver fails to properly handle PADI packets allowing...

7.5CVSS7.4AI score0.07456EPSS
Exploits2References3
CERT
CERT
added 2006/11/16 12:0 a.m.41 views

Sky Software FileView ActiveX control buffer overflow vulnerability

Overview The Sky Software FileView ActiveX control contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Sky Software FileView object is an ActiveX control that is provided with several...

7.1AI score
Exploits0References4
CERT
CERT
added 2006/11/10 12:0 a.m.41 views

Citrix Access Gateway LDAP authentication bypass

Overview An error with LDAP authentication in Citrix Access Gateway appliances may allow an attacker to successfully authenticate without providing correct login credentials. Description Citrix Access Gateway appliances use SSL VPN technology to give remote users secure access shared resources...

5.1CVSS6.5AI score0.0367EPSS
Exploits0References4
CERT
CERT
added 2006/10/10 12:0 a.m.41 views

Microsoft PowerPoint fails to properly handle malformed object pointers

Overview Microsoft PowerPoint contains a vulnerability in the handling of malformed object pointers, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint contains a vulnerability that could be exploited when PowerPoi...

9.3CVSS6.8AI score0.3634EPSS
Exploits0References3
CERT
CERT
added 2006/09/20 12:0 a.m.41 views

SISCO OSI stack fails to properly validate packets

Overview A vulnerability exists in the SISCO OSI stack for Windows. If successfully exploited, an attacker could cause a denial-of-service condition. Description Inter-control Center Communications Protocol ICCP The Inter-control Center Communications Protocol ICCP is a protocol that is used to...

7.8CVSS6.5AI score0.0377EPSS
Exploits0References3
CERT
CERT
added 2006/09/19 12:0 a.m.41 views

gzip contains an infinite loop vulnerability in its LZH handling

Overview The gzip program contains a infinite loop vulnerability that may allow an attacker to create a denial-of-service condition. Description The gzip program is used to compress and decompress archived files. A infinite loop vulnerability exists in the way gzip handles certain files. An...

5CVSS6.3AI score0.03607EPSS
Exploits1References2
CERT
CERT
added 2006/08/22 12:0 a.m.41 views

Microsoft Internet Explorer long URL buffer overflow

Overview Microsoft Internet Explorer is vulnerable to a buffer overflow when processing a long URL on a web site that uses HTTP 1.1 compression. This could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer 6 Service...

7.5CVSS7.2AI score0.41087EPSS
Exploits0References7
CERT
CERT
added 2006/08/08 12:0 a.m.41 views

Microsoft Internet Explorer fails to properly interpret layout positioning

Overview Microsoft Internet Explorer fails to properly handle certain combinations of layout positioning. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a vulnerability in the handling of certain combinations of...

7.5CVSS6.9AI score0.41112EPSS
Exploits0References4
CERT
CERT
added 2006/08/08 12:0 a.m.41 views

MIT Kerberos (krb5) krshd and v4rcp do not properly validate setuid() or seteuid() calls

Overview Privilege escalation vulnerabilities in MIT krb5 krshd and v4rcp may allow an authenticated attacker to execute arbitrary code. Description The MIT krb 5 krshd and v4rcp programs contain multiple privilege escalation vulnerabilities. MIT krb5 Security Advisory 2006-001 states that the...

9.6AI score
Exploits0References3
CERT
CERT
added 2006/07/27 12:0 a.m.41 views

Mozilla products VCard attachment buffer overflow

Overview Mozilla products fail to properly handle malformed VCard attachments, which allows a buffer overflow to occur. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Mozilla Foundation Security Advisory 2006-49:A VCard...

5CVSS7.4AI score0.03245EPSS
Exploits0References3
CERT
CERT
added 2006/07/11 12:0 a.m.41 views

Juniper JUNOS IPv6 denial-of-service vulnerability

Overview Juniper JUNOS Internet Software contains a vulnerability in IPv6 handling that could allow a remote attacker to cause a denial of service. Description Juniper router operating system software JUNOS does not properly free memory allocated for certain IPv6 packets. If a fixed amount of...

5CVSS6.5AI score0.04241EPSS
Exploits0References3
CERT
CERT
added 2006/04/17 12:0 a.m.41 views

Mozilla crypto.generateCRMFRequest() vulnerability

Overview A vulnerability exists in the Mozilla JavaScript routine generateCRMFRequest that may allow a remote attacker to execute arbitrary code. Description The crypto object and generateCRMFRequest The crypto object is used to provide services related to cryptography, such as handling digital...

6.9AI score
Exploits0References4
CERT
CERT
added 2006/04/11 12:0 a.m.41 views

RDS.Dataspace ActiveX control bypasses ActiveX security model

Overview The Microsoft RDS.Dataspace ActiveX control bypasses the ActiveX security model, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description ActiveX ActiveX is a technology that allows programmers to create reusable software components...

5.1CVSS7.2AI score0.825EPSS
Exploits6References3
CERT
CERT
added 2006/02/14 12:0 a.m.41 views

Microsoft Windows TCP/IP fails to properly validate IGMP packets

Overview Microsoft Windows implementations of the TCP/IP protocol fail to properly validate IGMP packets, leading to a denial-of-service condition. Description TCP and IGMP The Transmission Control Protocol TCP is defined in RFC 793 as a means to provide reliable host-to-host transmission between...

7.8CVSS6.1AI score0.62882EPSS
Exploits0References3
CERT
CERT
added 2005/12/28 12:0 a.m.41 views

Microsoft Windows Metafile handler SETABORTPROC GDI Escape vulnerability

Overview Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Windows Metafile image format. Exploit code has been publicly posted and used to successfully attack fully-patched Windows XP SP2 systems. However, other versions of the Windows operating...

7.5CVSS6.8AI score0.86476EPSS
Exploits14References26
CERT
CERT
added 2005/12/02 12:0 a.m.41 views

Sun Java Runtime Environment "reflection" API privilege elevation vulnerabilities

Overview Multiple vulnerabilities in the Sun Java Reflection API may allow an untrusted Java applet to bypass security restrictions and execute arbitrary code. Description The Sun Java Reflection API allows Java classes to determine information about other Java classes, such as public methods...

7.5CVSS7.3AI score0.05168EPSS
Exploits0References4
CERT
CERT
added 2005/10/12 12:0 a.m.41 views

VERITAS NetBackup Java Administration Console contains a format string vulnerability in "bpjava-msvc"

Overview The VERITAS NetBackup Java Administration Console contains a format string vulnerability, which may allow an unauthenticated, remote attacker to execute arbitrary code with root or SYSTEM privileges. Description The Java Administration Console is an alternative administrative interface f...

8.3AI score
Exploits0References2
CERT
CERT
added 2005/09/22 12:0 a.m.41 views

Mozilla Firefox fails to properly sanitize user-supplied URIs via shell script

Overview A lack of input validation in a supplemental shell script included with some Mozilla browsers may allow a remote, unauthenticated attacker to execute arbitrary commands. Description The Linux versions of the Mozilla Firefox and Mozilla Suite web browsers include a wrapper shell script fo...

7.5CVSS6.7AI score0.10718EPSS
Exploits0References5
CERT
CERT
added 2005/03/10 12:0 a.m.41 views

Cisco ACNS RealServer RealSubscruber vulnerable to DoS via malformed IP packets

Overview A vulnerability in Cisco ACNS RealServer RealSubscriber may allow a remote attacker to cause a denial of service on an affected device via malformed IP packets. Description Cisco Application and Content Networking System ACNS is an integrated caching and content-delivery platform. ACNS 5...

5CVSS6.8AI score0.03467EPSS
Exploits0References6
CERT
CERT
added 2005/02/02 12:0 a.m.41 views

SMB filesystem read system call vulnerable to buffer overflow

Overview The SMB filesystem read system call contains buffer overflow vulnerability that may allow an attacker to cause a denial-of-service condition. Description "Server Message Block SMB is an application-level protocol that supports file, printer, and other resource sharing. The SMB filesystem...

6.4CVSS7.8AI score0.04156EPSS
Exploits0References2
CERT
CERT
added 2005/01/07 12:0 a.m.41 views

Microsoft Windows kernel vulnerable to a denial-of-service condition via animated cursor (.ani) frame number

Overview A vulnerability exists in the way the Microsoft Window's kernel processes animated cursor .ani files with a frame number set to zero. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Description A vulnerability exists in the way the...

5CVSS5.7AI score0.6236EPSS
Exploits0References5
CERT
CERT
added 2004/09/07 12:0 a.m.41 views

KDE DCOPServer insecurely creates temporary files

Overview KDE DCOPServer insecurely creates and maintains temporary files used for authentication purposes. Unauthorized local users may be able to modify user account information and execute arbitrary commands with the privileges of the compromised account. Description The Desktop COmmunications...

4.6CVSS7.1AI score0.00518EPSS
Exploits1References5
CERT
CERT
added 2004/09/02 12:0 a.m.41 views

MIT Kerberos 5 ASN.1 decoding function krb5_rd_cred() insecurely deallocates memory (double-free)

Overview The krb5rdcred function in the MIT Kerberos 5 library does not securely deallocate heap memory when decoding ASN.1 structures, resulting in a double-free vulnerability. A remote, authenticated attacker could execute arbitrary code or cause a denial of service on any system running an...

4.6CVSS9.5AI score0.01425EPSS
Exploits0References9
Total number of security vulnerabilities3702