Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2007/07/27 12:0 a.m.41 views

ISC BIND generates cryptographically weak DNS query IDs

Overview ISC Internet Systems Consortiuim BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. Description From the ISC Bind security page:The DNS query id generation is vulnerable to cryptographic analysis which provides a 1 in 8 chance of...

4.3CVSS7.2AI score0.1309EPSS
Exploits0References6
CERT
CERT
added 2007/02/16 12:0 a.m.41 views

Apple iChat AIM URI handler format string vulnerability

Overview Apple iChat contains a format string vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitary code. Description The Apple iChat AIM URI handler fails to properly sanitize user-controlled data that is supplied to a formatted output function. This...

7.5CVSS6.6AI score0.22974EPSS
Exploits1References5
CERT
CERT
added 2007/02/15 12:0 a.m.41 views

Mozilla browsers "location.hostname" cross-domain vulnerability

Overview Mozilla-based browsers contain a cross-domain vulnerability, which may allow an attacker to access data in other sites. Description Mozilla uses a same origin security model to maintain separation between browser frames from different sources. This model is designed to prevent code in on...

7.5CVSS9.2AI score0.12144EPSS
Exploits7References26
CERT
CERT
added 2006/12/20 12:0 a.m.41 views

Mozilla SVG memory corruption vulnerability

Overview Mozilla products contain a memory corruption vulnerability related to SVG processing. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Scalable Vector Graphics SVG processing code in Mozilla Firefox and SeaMonke...

9.3CVSS6.7AI score0.08604EPSS
Exploits0References14
CERT
CERT
added 2006/12/15 12:0 a.m.41 views

Symantec Veritas NetBackup bpcd daemon buffer overflow

Overview Symantec Veritas NetBackup contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Symantec VERITAS NetBackup is a client/server based backup software solution. The NetBackup bpcd daemon is...

10CVSS7.7AI score0.11948EPSS
Exploits0References6
CERT
CERT
added 2006/11/29 12:0 a.m.41 views

Apple Mac OS X PPP driver fails to properly validate PADI packets

Overview The Apple Mac OS X PPP driver fails to properly handle PPPoE Active Discovery Initiation PADI packets. This vulnerability may allow a remote attacker to execute arbitrary code with system privileges. Description The Apple Mac OS X PPP driver fails to properly handle PADI packets allowing...

7.5CVSS7.4AI score0.07456EPSS
Exploits2References3
CERT
CERT
added 2006/11/16 12:0 a.m.41 views

Sky Software FileView ActiveX control buffer overflow vulnerability

Overview The Sky Software FileView ActiveX control contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Sky Software FileView object is an ActiveX control that is provided with several...

7.1AI score
Exploits0References4
CERT
CERT
added 2006/11/10 12:0 a.m.41 views

Citrix Access Gateway LDAP authentication bypass

Overview An error with LDAP authentication in Citrix Access Gateway appliances may allow an attacker to successfully authenticate without providing correct login credentials. Description Citrix Access Gateway appliances use SSL VPN technology to give remote users secure access shared resources...

5.1CVSS6.5AI score0.0367EPSS
Exploits0References4
CERT
CERT
added 2006/10/11 12:0 a.m.41 views

Microsoft Office fails to properly parse malformed records

Overview A vulnerability in the way Microsoft Office parses files containing malformed records may lead to execution of arbitrary code. Description Microsoft Office contains a vulnerability that could be exploited when Office attempts to parse specially crafted records. According to Microsoft...

9.3CVSS7AI score0.32242EPSS
Exploits0References1
CERT
CERT
added 2006/09/28 12:0 a.m.41 views

OpenSSL may fail to properly parse invalid ASN.1 structures

Overview A vulnerability in OpenSSL may allow an attacker to create a denial-of-service condition. Description OpenSSL is an Open Source toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols.When parsing certain invalid ASN.1 structures, OpenSSL...

7.8CVSS8.5AI score0.10629EPSS
Exploits1References15
CERT
CERT
added 2006/09/27 12:0 a.m.41 views

Microsoft PowerPoint fails to properly handle malformed records

Overview Microsoft PowerPoint contains a vulnerability in the handling of malformed records, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint contains a vulnerability that could be exploited when PowerPoint opens...

9.3CVSS6.8AI score0.12458EPSS
Exploits4References3
CERT
CERT
added 2006/08/22 12:0 a.m.41 views

Microsoft Internet Explorer long URL buffer overflow

Overview Microsoft Internet Explorer is vulnerable to a buffer overflow when processing a long URL on a web site that uses HTTP 1.1 compression. This could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer 6 Service...

7.5CVSS7.2AI score0.41087EPSS
Exploits0References7
CERT
CERT
added 2006/08/21 12:0 a.m.41 views

BlackBerry Enterprise Server fails to properly handle Microsoft Word attachments

Overview A buffer overflow vulnerability in BlackBerry Enterprise Server may allow a remote attacker to execute arbitrary code. Description A buffer overflow vulnerability exists in the BlackBerry Attachment Service component of BlackBerry Enterprise Server. This vulnerability may allow a remote...

5.1CVSS7.3AI score0.02724EPSS
Exploits0References2
CERT
CERT
added 2006/08/08 12:0 a.m.41 views

MIT Kerberos (krb5) krshd and v4rcp do not properly validate setuid() or seteuid() calls

Overview Privilege escalation vulnerabilities in MIT krb5 krshd and v4rcp may allow an authenticated attacker to execute arbitrary code. Description The MIT krb 5 krshd and v4rcp programs contain multiple privilege escalation vulnerabilities. MIT krb5 Security Advisory 2006-001 states that the...

9.6AI score
Exploits0References3
CERT
CERT
added 2006/07/27 12:0 a.m.41 views

Mozilla products contain a race condition

Overview Mozilla products contain a race condition. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Mozilla products JavaScript garbage collection process may delete a variable while that variable is still in use. This may corrupt...

5.1CVSS6.8AI score0.04378EPSS
Exploits0References6
CERT
CERT
added 2006/02/14 12:0 a.m.41 views

Microsoft Windows TCP/IP fails to properly validate IGMP packets

Overview Microsoft Windows implementations of the TCP/IP protocol fail to properly validate IGMP packets, leading to a denial-of-service condition. Description TCP and IGMP The Transmission Control Protocol TCP is defined in RFC 793 as a means to provide reliable host-to-host transmission between...

7.8CVSS6.1AI score0.62882EPSS
Exploits0References3
CERT
CERT
added 2005/12/28 12:0 a.m.41 views

Microsoft Windows Metafile handler SETABORTPROC GDI Escape vulnerability

Overview Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Windows Metafile image format. Exploit code has been publicly posted and used to successfully attack fully-patched Windows XP SP2 systems. However, other versions of the Windows operating...

7.5CVSS6.8AI score0.86476EPSS
Exploits14References26
CERT
CERT
added 2005/09/27 12:0 a.m.41 views

Apple Mac OS X ImageIO fails to properly handle corrupt GIF files

Overview The Apple Mac OS X ImageIO framework contains a buffer overflow that may allow a remote attacker to execute arbitrary code. Description Apple ImageIO is an image processing framework that was introduced in OS X 10.4 Tiger. ImageIO is used by several applications, including WebCore and...

7.5CVSS7.7AI score0.04848EPSS
Exploits0References7
CERT
CERT
added 2005/09/22 12:0 a.m.41 views

Mozilla Firefox fails to properly sanitize user-supplied URIs via shell script

Overview A lack of input validation in a supplemental shell script included with some Mozilla browsers may allow a remote, unauthenticated attacker to execute arbitrary commands. Description The Linux versions of the Mozilla Firefox and Mozilla Suite web browsers include a wrapper shell script fo...

7.5CVSS6.7AI score0.10718EPSS
Exploits0References5
CERT
CERT
added 2005/07/13 12:0 a.m.41 views

WebEOC is vulnerable to cross-site scripting attacks

Overview WebEOC contains multiple cross-site scripting vulnerabilities that may allow a remote attacker to inject and execute arbitrary script using a vulnerable WebEOC site. Description WebEOC is a web-based crisis information management application that provides functions to gather, coordinate,...

4.3CVSS6.5AI score0.01008EPSS
Exploits0References3
CERT
CERT
added 2005/07/12 12:0 a.m.41 views

Microsoft Word buffer overflow in font processing routine

Overview A buffer overflow in the font processing routine used by Microsoft Word may allow a remote attacker to execute code on a vulnerable system. Description Microsoft Word contains a buffer overflow in the routine that processes fonts. An remote attacker may be able to trigger the buffer...

7.5CVSS7.3AI score0.25652EPSS
Exploits0References1
CERT
CERT
added 2005/03/30 12:0 a.m.41 views

Mozilla products vulnerable to heap overflow via specially crafted GIF file

Overview Mozilla products, including the Mozilla Suite, Mozilla Firefox, and Mozilla Thunderbird, are vulnerable to a heap-based overflow in the GIF image-processing routines. Description The Mozilla project produces an application suite Mozilla Suite, web browsers Mozilla Firefox, email software...

5.1CVSS6.9AI score0.15116EPSS
Exploits4References5
CERT
CERT
added 2005/03/10 12:0 a.m.41 views

Cisco ACNS RealServer RealSubscruber vulnerable to DoS via malformed IP packets

Overview A vulnerability in Cisco ACNS RealServer RealSubscriber may allow a remote attacker to cause a denial of service on an affected device via malformed IP packets. Description Cisco Application and Content Networking System ACNS is an integrated caching and content-delivery platform. ACNS 5...

5CVSS6.8AI score0.03467EPSS
Exploits0References6
CERT
CERT
added 2005/02/04 12:0 a.m.41 views

Multiple devices process HTTP requests inconsistently

Overview Multiple interconnected devices process valid HTTP request headers inconsistently and in this may manner may allow a remote attacker to poison a cache, conduct cross-site scripting attacks, and hijack user sessions. Attackers may use these flaws to launch a class of attacks referred to a...

5CVSS5.5AI score0.40977EPSS
Exploits0References2
CERT
CERT
added 2005/02/02 12:0 a.m.41 views

SMB filesystem read system call vulnerable to buffer overflow

Overview The SMB filesystem read system call contains buffer overflow vulnerability that may allow an attacker to cause a denial-of-service condition. Description "Server Message Block SMB is an application-level protocol that supports file, printer, and other resource sharing. The SMB filesystem...

6.4CVSS7.8AI score0.04156EPSS
Exploits0References2
CERT
CERT
added 2004/12/16 12:0 a.m.41 views

Microsoft Windows Internet Naming Service (WINS) contains a buffer overflow

Overview A buffer overflow in the WINS service may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description The Microsoft WINS service maps IP addresses to NETBIOS computer names.The WINS protocol contains a vulnerability that may allow a remote attack...

7.5CVSS7.6AI score0.72286EPSS
Exploits1References2
CERT
CERT
added 2004/07/14 12:0 a.m.41 views

Microsoft Windows Utility Manager launches applications with system privileges

Overview The Microsoft Windows 2000 Utility Manager allows authenticated local users to launch applications with SYSTEM privileges. Description The Microsoft Windows 2000 Utility Manager is a program that permits users to monitor and launch various accessibility applications. This program contain...

7.8CVSS7.5AI score0.21261EPSS
Exploits0References1
CERT
CERT
added 2004/03/08 12:0 a.m.41 views

Apple Mac OS X TruBlueEnvironment vulnerable to buffer overflow

Overview Apple Mac OS X contains a buffer overflow in TruBlueEnvironment which could allow a local, authenticated attacker to execute arbitrary code with root privileges. Description Mac OS X allows older Macintosh applications to run in an environment called Classic. TruBlueEnvironment is part o...

4.6CVSS7.7AI score0.00438EPSS
Exploits0References2
CERT
CERT
added 2004/02/26 12:0 a.m.41 views

Apple Mac OS X Point-to-Point Protocol daemon (pppd) contains format string vulnerability

Overview Apple Mac OS X Point-to-Point Protocol daemon contains a format string vulnerability in the handling of invalid command line arguments. Description The Point-to-Point Protocol PPP provides a method for transmitting datagrams over serial point-to-point links. There is a format string...

5CVSS6.5AI score0.03807EPSS
Exploits1References2
CERT
CERT
added 2003/12/18 12:0 a.m.41 views

Cisco ACNS contains buffer overflow vulnerability in the authentication module when supplied an overly long password

Overview Cisco Application and Content Networking Software ACNS contains a buffer overflow that may enable an attacker to execute arbitrary code on the affected device. Description Cisco ACNS Software "...combines demand-pull caching and pre-positioning for accelerated delivery of web application...

7.5CVSS8AI score0.04374EPSS
Exploits0References4
CERT
CERT
added 2003/11/19 12:0 a.m.41 views

Microsoft Internet Explorer does not adequately validate javascript: protocol URL

Overview Microsoft Internet Explorer IE does not adequately validate javascript: protocol URLs. An attacker could exploit this vulnerability to evaluate script in different security domains. By causing script to be evaluated in the Local Machine Zone, the attacker could execute arbitrary code wit...

7.5CVSS7.4AI score0.48374EPSS
Exploits0References18
CERT
CERT
added 2003/11/14 12:0 a.m.41 views

Microsoft FrontPage Server Extensions contains denial of service vulnerability in the SmartHTML interpreter

Overview The Microsoft FrontPage Server Extensions contains a vulnerability that allows unauthenticated remote attackers to conduct denial of service attacks. Description Microsoft FrontPage Server Extensions FPSE is an optional set of tools that adds functionality to a web site. This functionali...

5CVSS6.4AI score0.34428EPSS
Exploits1References2
CERT
CERT
added 2003/08/26 12:0 a.m.41 views

Microsoft Internet Explorer contains buffer overflow in Type attribute of OBJECT element on double-byte character set systems

Overview Certain versions of Microsoft Internet Explorer IE that support double-byte character sets DBCS contain a buffer overflow vulnerability in the Type attribute of the OBJECT element. A remote attacker could execute arbitrary code with the privileges of the user running IE. Description...

7.7AI score
Exploits0References5
CERT
CERT
added 2002/10/04 12:0 a.m.41 views

Microsoft Services for Unix 3.0 Interix SDK vulnerable to buffer overrun via RPC request containing improper parameter size check

Overview Microsoft Services for Unix 3.0 Interix SDK contains a remotely exploitable buffer overflow. Description Quoting from Microsoft's Services for Unix 3.0 homepage, "Windows Services for UNIX version 3.0 provides a full range of cross-platform services for integrating Windows into existing...

5CVSS6.9AI score0.13903EPSS
Exploits0References1
CERT
CERT
added 2002/10/03 12:0 a.m.41 views

Apache HTTPD server vulnerable to cross site scripting on error page when using wildcard DNS

Overview Versions of the Apache HTTPD server with wildcard DNS enabled and UseCanonicalName disabled, are vulnerable to a cross-site scripting attack. Description Apache HTTPD servers versions 2.0.42 and prior, and 1.3.26 and prior, with wildcard DNS enabled and UseCanonicalName disabled, are...

6.8CVSS8.7AI score0.94006EPSS
Exploits0References1
CERT
CERT
added 2002/09/26 12:0 a.m.41 views

4D WebServer does not adequately validate user input thereby allowing directory traversal

Overview 4D WebServer does not properly validate HTTP requests, allowing directory traversal outside the root web directory. Description 4D WebServer versions 6.5.7 and earlier do not properly validate HTTP requests, allowing directory traversal outside the root web directory. --- Impact Remote...

5CVSS6.3AI score0.02197EPSS
Exploits1References2
CERT
CERT
added 2002/09/03 12:0 a.m.41 views

Cisco VPN 3000 series concentrator does not properly handle malformed ISAKMP packets

Overview Cisco VPN 3000 series concentrators do not properly handle specially crafted Internet Security Association and Key Management Protocol ISAKMP packets, which can cause a vulnerable device to reload, denying service to legitimate users. Description According to information on the Cisco web...

5CVSS7AI score0.01417EPSS
Exploits0References7
CERT
CERT
added 2002/07/26 12:0 a.m.41 views

Microsoft SQL Server 2000 contains stack buffer overflow in SQL Server Resolution Service

Overview Microsoft SQL Server 2000 contains a remotely exploitable stack buffer overflow that allows attackers to execute arbitrary code with the same privileges as the SQL server. Description The SQL Server Resolution Service SSRS was introduced in Microsoft SQL Server 2000 to provide referral...

7.5CVSS7.7AI score0.8475EPSS
Exploits7References9
CERT
CERT
added 2002/07/26 12:0 a.m.41 views

Microsoft SQL Server contains buffer overflow vulnerabilities in multiple extended stored procedures

Overview Microsoft SQL Server 7.0 and SQL Server 2000 contain buffer overflow vulnerabilities in multiple extended stored procedures. A remote attacker could cause a denial of service or execute arbitrary code or commands with the privileges of the SQL Server process, potentially gaining complete...

7.5CVSS8.3AI score0.24864EPSS
Exploits0References5
CERT
CERT
added 2002/06/13 12:0 a.m.41 views

Microsoft Internet Information Server (IIS) contains remote buffer overflow in chunked encoding data transfer mechanism for HTR

Overview A buffer overflow vulnerability in IIS 4.0 and 5.0 could allow an intruder to execute arbitrary code on an IIS server with the privileges of the HTR ISAPI extension. Description Chunked encoding is a means to transfer variable-sized units of data called chunks from a web client to a web...

7.5CVSS7.6AI score0.23901EPSS
Exploits4References1
CERT
CERT
added 2002/01/09 12:0 a.m.41 views

Oracle9i Application Server Apache PL/SQL module does not properly decode URL

Overview A vulnerability exists in the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle9i Application Server iAS in which the module does not properly decode double URL encoded strings. This vulnerability could allow an intruder to read files outside the web...

5CVSS9.1AI score0.54383EPSS
Exploits0References9
CERT
CERT
added 2001/11/07 12:0 a.m.41 views

Weak CRC allows packet injection into SSH sessions encrypted with block ciphers

Overview There is an information integrity vulnerability in the SSH1 protocol that allows packets encrypted with a block cipher to be modified without notice. Description Preconditions: Attacker has a fragment of plaintext and its corresponding ciphertext. Attacker must be able to actively...

5CVSS9.2AI score0.03211EPSS
Exploits0References7
CERT
CERT
added 2001/07/18 12:0 a.m.41 views

Linux kernel contains race condition via ptrace/procfs/execve

Overview Unprivileged local users can use the ptrace function to take advantage of a privileged program, while that program is performing a privileged operation, to gain privileged access. Description Ptrace is a function, which is often used for debugging, that allows one process to attach to...

3.7CVSS6.5AI score0.00716EPSS
Exploits0References3
CERT
CERT
added 2001/07/12 12:0 a.m.41 views

The Oracle Internet Directory LDAP (oidldapd) contains buffer overflow

Overview Oracle Internet Directory version 2.0.6, which ships with Oracle version 8i for Linux 8.1.6, contains a program, oidldapd, that is an LDAP Daemon. There is a buffer overflow in the LDAP Daemon that allows a local user to obtain the euid of the oidldapd process, typically user oracle...

4.6CVSS6.2AI score0.01364EPSS
Exploits0References6
CERT
CERT
added 2001/05/30 12:0 a.m.41 views

Due to insecure creation of configuration files via KApplication-class, local users can create arbitrary files when running setuid root KDE programs

Overview KApplication-class, a class used to create KDE applications, creates configuration files without checking for proper ownership or prior existence. Description KApplication-class, a class used to create KDE applications, creates configuration files. These files are created in a local...

7.2CVSS6.1AI score0.01181EPSS
Exploits1References2
CERT
CERT
added 2001/05/11 12:0 a.m.41 views

ISC BIND 8.2.2-P6 vulnerable to DoS when processing SRV records, aka the "srv bug"

Overview There is a denial-of-service vulnerability in several versions of the Internet Software Consortium's ISC BIND software. This vulnerability is referred to by the ISC as the "srv bug" and affects ISC BIND versions 8.2 through 8.2.2-P6. Description This vulnerability can cause affected DNS...

5CVSS6.3AI score0.07548EPSS
Exploits0References2
CERT
CERT
added 2001/05/10 12:0 a.m.41 views

Cisco IOS vulnerable to DoS via unrecognized transitive attribute in BGP UPDATE

Overview There is a denial-of-service vulnerability in several specific but common configurations of Cisco IOS. Description There is a problem involving BGP updates on Cisco routers with BGP4 Prefix Filtering and Inbound Route Maps enabled. A route update with an unrecognized transitive attribute...

5CVSS6.3AI score0.02361EPSS
Exploits0References4
CERT
CERT
added 2001/04/05 12:0 a.m.41 views

Network Time Protocol ([x]ntpd) daemon contains buffer overflow in ntp_control:ctl_getitem() function

Overview There is a buffer overflow defect in the ctlgetitem function of the Network Time Protocol NTP daemon responsible for providing accurate time reports used for synchronizing the clocks on installed systems. All NTP daemons based on code maintained at the University of Delaware since NTPv2...

10CVSS7.6AI score0.91679EPSS
Exploits6References7
CERT
CERT
added 2000/10/31 12:0 a.m.41 views

Netscape Java Security Manager fails to prevent URLConnections through netscape.net.URLConnection Class

Overview Netscape Communicator and Navigator ship with Java classes that allow an unsigned Java applet to access local and remote resources in violation of the security policies for applets. Description Failures in the netscape.net package permit a Java applet to read files from the local file...

5CVSS5.9AI score0.20485EPSS
Exploits1References5
CERT
CERT
added 2025/04/25 12:0 a.m.40 views

Various GPT services are vulnerable to two systemic jailbreaks, allows for bypass of safety guardrails

Overview Two systemic jailbreaks, affecting a number of generative AI services, were discovered. These jailbreaks can result in the bypass of safety protocols and allow an attacker to instruct the corresponding LLM to provide illicit or dangerous content. The first jailbreak, called “Inception,” ...

7.3AI score
Exploits0
Total number of security vulnerabilities3704