Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2025/01/14 12:0 a.m.40 views

Howyar Reloader UEFI bootloader vulnerable to unsigned software execution

Overview The Howyar UEFI Application "Reloader" 32-bit and 64-bit, distributed as part of SysReturn prior to version 10.2.02320240919, is vulnerable to the execution of arbitrary software from a hard-coded path. An attacker who successfully exploits this vulnerability can bypass the UEFI Secure...

8.2CVSS9.5AI score0.01036EPSS
Exploits1References13
CERT
CERT
added 2021/02/18 12:0 a.m.40 views

Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs

Overview Atlassian Bitbucket on Windows fails to properly set ACLs, which can allow an unprivileged Windows user to run arbitrary code with SYSTEM privileges. Description The Atlassian Bitbucket Windows installer fails to set a secure access-control list ACL on the default installation directory,...

7.8CVSS7.8AI score0.00265EPSS
Exploits0References1
CERT
CERT
added 2016/12/13 12:0 a.m.40 views

EpubCheck 4.0.1 contains a XML external entity processing vulnerability

Overview EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks. Description EpubCheck is a tool to validate that EPUB files follow the proper format. It can be used as a stand alone command line utility, or included in a project most commonly being epub readers as a...

7.8CVSS7.9AI score0.01279EPSS
Exploits0References4
CERT
CERT
added 2016/11/07 12:0 a.m.40 views

D-Link routers HNAP service contains stack-based buffer overflow

Overview D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action. Description CWE-121:Stack-based Buffer Overflow - CVE-2016-6563 Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack. The vulnerable XML fields...

10CVSS9.9AI score0.79947EPSS
Exploits6References3
CERT
CERT
added 2016/09/06 12:0 a.m.40 views

Fortinet FortiWAN load balancer appliance contains multiple vulnerabilities

Overview The Fortinet FortiWAN Ascernlink network load balancer appliance contains multiple vulnerabilities. Description According to the reporter, the Fortinet FortiWAN network load balancer appliance contains the following vulnerabilities.CWE-78: Improper Neutralization of Special Elements used...

9CVSS7.7AI score0.04115EPSS
Exploits0References2
CERT
CERT
added 2016/07/13 12:0 a.m.40 views

Accela Civic Platform Citizen Access portal contains multiple vulnerabilities

Overview Accela Civic Platform Citizen Access portal contains cross-site scripting and arbitrary file upload vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2016-5660Accela Civic Platform Citizen Access portal contains ...

8.8CVSS7.4AI score0.02557EPSS
Exploits0References1
CERT
CERT
added 2016/05/02 12:0 a.m.40 views

libarchive contains a heap-based buffer overflow due to improper input validation

Overview An attacker may be able to coerce a user into executing arbitrary code in the context of the current user by attempting to unzip a crafted zip file provided by the attacker. Description CWE-20: Improper Input Validation - CVE-2016-1541A crafted zip file can provide an incorrect compresse...

8.8CVSS7.3AI score0.10284EPSS
Exploits1References2
CERT
CERT
added 2016/02/29 12:0 a.m.40 views

IKE/IKEv2 protocol implementations may allow network amplification attacks

Overview Implementations of the IKEv2 protocol are vulnerable to network amplification attacks. Description CWE-406: Insufficient Control of Network Message Volume Network Amplification IKE/IKEv2 and other UDP-based protocols can be used to amplify denial-of-service attacks. In some scenarios, an...

7.8CVSS7.4AI score0.03151EPSS
Exploits0References6
CERT
CERT
added 2016/01/20 12:0 a.m.40 views

Oracle Outside In 8.5.2 contains multiple stack buffer overflows

Overview Oracle Outside In versions 8.5.2 and earlier contain stack buffer overflow vulnerabilities in the parsers for WK4, Doc, and Paradox DB files, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle Outside In is a set of...

10CVSS7.7AI score0.08383EPSS
Exploits0References1
CERT
CERT
added 2015/10/19 12:0 a.m.40 views

HP ArcSight Logger contains multiple vulnerabilities

Overview HP ArcSight Logger contains multiple vulnerabilities, allowing authentication bypass and privilege escalation in certain scenarios. Description CWE-285: Improper Authorization- CVE-2015-2136A remote authenticated user without Logger Search permissions may be able to bypass authorization...

7.2CVSS7.6AI score0.04439EPSS
Exploits0References5
CERT
CERT
added 2015/10/12 12:0 a.m.40 views

QNAP QTS is vulnerable to a path traversal attack when used with the AFP protocol and OS X

Overview QNAP QTS is a Network-Attached Storage NAS system. The QNAP QTS is vulnerable to a path traversal attack when used with the AFP protocol and OS X. Description CWE-23: Relative Path Traversal - CVE-2015-6003 When the Apple Filing Protocol AFP is enabled, any OS X user account including th...

9.3CVSS6.6AI score0.04077EPSS
Exploits0References5
CERT
CERT
added 2015/06/15 12:0 a.m.40 views

Retrospect Backup Client uses weak password hashing

Overview Retrospect Backup Client is a client to a network-based backup utility. This client stores passwords in a hashed format that is weak and susceptible to collision, allowing an attacker to generate a password hash collision and gain access to the target's backup files. Description CWE-916:...

5CVSS7.1AI score0.03338EPSS
Exploits1References3
CERT
CERT
added 2015/02/02 12:0 a.m.40 views

SerVision HVG Video Gateway web interface contains multiple vulnerabilities

Overview SerVision HVG Video Gateway web interface contains multiple vulnerabilities affecting multiple firmware versions. Description CWE-288: Authentication Bypass Using an Alternate Path or Channel, andCWE-284: Improper Access Control - CVE-2015-0929By visiting time.htm, a user is issued a...

10CVSS7AI score0.03445EPSS
Exploits1References4
CERT
CERT
added 2015/01/23 12:0 a.m.40 views

LabTech contains privilege escalation vulnerability

Overview LabTech startup scripts and directories on Linux platforms are world-writeable and the scripts execute with root privileges. Description CWE-284: Improper Access Control LabTech startup scripts and directories on Linux platforms are world-writeable and the scripts execute with root...

6.8CVSS6.6AI score0.00353EPSS
Exploits0References1
CERT
CERT
added 2015/01/05 12:0 a.m.40 views

Tianocore UEFI implementation reclaim function vulnerable to buffer overflow

Overview The reclaim function in the Tianocore open source implementation of UEFI contains a buffer overflow vulnerability. Description The open source Tianocore project provides a reference implementation of the Unified Extensible Firmware Interface UEFI. Some commercial UEFI implementations...

6.8CVSS6.9AI score0.00405EPSS
Exploits0References4
CERT
CERT
added 2014/12/12 12:0 a.m.40 views

Honeywell OPOS suite Stack Buffer Overflow vulnerability

Overview The Honeywell OPOS OLE for Retail Point-of-Sale POS Suite is vulnerable to a stack buffer overflow attack. Description The Honeywell OPOS Suite provides a standard programming interface that allows POS hardware to be easily integrated into retail POS systems based on Microsoft Windows...

7.5CVSS7.5AI score0.04747EPSS
Exploits0References3
CERT
CERT
added 2014/07/28 12:0 a.m.40 views

Silver Peak VX is vulnerable to cross-site request forgery and cross-site scripting

Overview Silver Peak VX version 6.2.2.047968 is vulnerable to cross-site request forgery and cross-site scripting. Description CWE-352: Cross-Site Request Forgery CSRF - CVE-2014-2974Silver Peak VX version 6.2.2.047968 contains a cross-site request forgery vulnerability in /php/useraccount.php...

6.8CVSS7.8AI score0.01681EPSS
Exploits0References3
CERT
CERT
added 2014/06/23 12:0 a.m.40 views

SpamTitan contains a reflected cross-site scripting (XSS) vulnerability

Overview SpamTitan contains a reflected cross-site scripting XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'SpamTitan contains a reflected cross-site scripting vulnerability in the auth-settings-x.php page of the management...

4.3CVSS6AI score0.02499EPSS
Exploits0References2
CERT
CERT
added 2014/04/10 12:0 a.m.40 views

Microsoft Office file format converter memory corruption vulnerability

Overview The Microsoft Office file format converter contains a memory corruption vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user. Description Microsoft Office file format converter is a component that converts legacy...

9.3CVSS8AI score0.17315EPSS
Exploits0References2
CERT
CERT
added 2014/01/08 12:0 a.m.40 views

QNAP QTS path traversal vulnerability

Overview QNAP QTS 4.0.3 and possibly earlier versions contain a path traversal vulnerability. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2013-7174QNAP QTS is a Network-Attached Storage NAS system accessible via a web interface. QNAP QTS...

7.8CVSS6.4AI score0.0206EPSS
Exploits0References2
CERT
CERT
added 2013/11/04 12:0 a.m.40 views

Attachmate Verastream Host Integrator (VHI) allows arbitrary file upload and execution

Overview The Attachmate Verastream Host Integrator VHI is vulnerable to arbitrary file uploads and execution. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2013-3626The Attachmate VHI Session Server, on all platforms, allows unauthenticated...

9.3CVSS7.1AI score0.02778EPSS
Exploits0References2
CERT
CERT
added 2013/10/30 12:0 a.m.40 views

Openbravo ERP contains an information disclosure vulnerability

Overview Openbravo ERP 2.5, 3, and possibly earlier versions contain an information disclosure vulnerability CWE-200. Description CWE-200: Information Exposure Openbravo ERP version 2.5 and version 3 contain an information disclosure vulnerability. This is due to the expanded use of XML External...

3.5CVSS5.9AI score0.21074EPSS
Exploits3References6
CERT
CERT
added 2012/12/12 12:0 a.m.40 views

Centreon 2.3.3 through 2.3.9-4 blind sqli injection vulnerability.

Overview Centreon 2.3.3 through 2.3.9-4 contains a blind sql injection vulnerability. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'Centreon 2.3.3 through 2.3.9-4 contains a blind sql injection vulnerability. The vulnerability is found withi...

6.5CVSS6.8AI score0.0331EPSS
Exploits4References3
CERT
CERT
added 2012/10/30 12:0 a.m.40 views

CA ARCserve Backup authentication service denial-of-service vulnerability

Overview The CA ARCserve Backup authentication service, caauthd.exe, is susceptible to a denial-of-service vulnerability. CA ARCserve Backup r16 SP1 was reported to be vulnerable. Description The Offensive Security advisory states:By specifying an invalid field size for the encrypted username or...

5CVSS6.8AI score0.03467EPSS
Exploits0References1
CERT
CERT
added 2012/08/03 12:0 a.m.40 views

Solarwinds Network Performance Monitor 10.2.2 contains multiple vulnerabilities

Overview Solarwinds Network Performance Monitor 10.2.2 and possibly earlier versions contain a cross-site scripting XSS, and cross-site request forgery CSRF vulnerability. Description Solarwinds Network Performance Monitor 10.2.2 can be attacked by modifying the snmpd.conf file with malicious...

6.8CVSS7.5AI score0.1021EPSS
Exploits2References1
CERT
CERT
added 2011/10/27 12:0 a.m.40 views

Enspire eClient SQL injection allows authentication bypass

Overview Enspire eClient contains a SQL injection vulnerability that could allow an attacker to bypass authentication and access the system with administrative privileges. Description The Enspire software suite includes an eClient web front-end which is susceptible to SQL injection attacks. This...

7.5CVSS7.3AI score0.01131EPSS
Exploits0References1
CERT
CERT
added 2010/03/25 12:0 a.m.40 views

Broadcom NetXtreme management firmware ASF buffer overflow

Overview A buffer overflow vulnerability exists in the Broadcom NetXtreme management firmware. This vulnerability may allow a remote attacker to execute arbitrary code on an affected device. Description The Alert Standard Format ASF Specification is a protocol developed by Distributed Management...

10CVSS8.3AI score0.0651EPSS
Exploits0References3
CERT
CERT
added 2008/03/06 12:0 a.m.40 views

IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) allows buffer overflow via HTTP request

Overview The IBM Tivoli Provisioning Manager for OS Deployment TPMfOSD contains a buffer overflow vulnerability in the web server component. This vulnerability may allow an attacker to execute arbitrary code with SYSTEM privileges or cause a denial of service. Description IBM Tivoli Provisioning...

10CVSS7.6AI score0.08377EPSS
Exploits5References5
CERT
CERT
added 2008/01/25 12:0 a.m.40 views

inet_network() off-by-one buffer overflow

Overview The inetnetwork resolver function contains an off-by-one buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The inetnetwork function takes a character string representation for an internet address and returns...

10CVSS7.9AI score0.123EPSS
Exploits1References7
CERT
CERT
added 2007/12/18 12:0 a.m.40 views

Apple Safari code execution vulnerability

Overview The Apple Safari web browser contains a vulnerability that may allow an attacker to execute arbitrary code. Description Per Apple Security Update 2007-009:A memory corruption issue exists in Safari's handling of feed: URLs. By enticing a user to access a maliciously crafted URL, an...

9.3CVSS9.7AI score0.05589EPSS
Exploits1References1
CERT
CERT
added 2007/10/19 12:0 a.m.40 views

Mozilla XUL web applications may hide the titlebar

Overview Mozilla's XUL contains a vulnerability that may allow a web application to cover an active window's titlebar. Description XUL is Mozilla's XML-based user interface language. XUL can be used to create Mozilla applications, extensions, and web applications.From Mozilla Foundation Security...

4.3CVSS5.7AI score0.03017EPSS
Exploits1References3
CERT
CERT
added 2007/10/05 12:0 a.m.40 views

Sun Java JRE vulnerable to unauthorized network access

Overview The Sun Java Runtime Environment JRE contains a vulnerability that may allow unintended access to network resources. Description The Sun Java Runtime Environment JRE allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for multiple...

4CVSS6.1AI score0.03418EPSS
Exploits0References4
CERT
CERT
added 2007/08/28 12:0 a.m.40 views

Oracle JInitiator ActiveX control stack buffer overflows

Overview The Oracle JInitiator ActiveX control contains multiple stack buffer overflows, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle JInitiator allows users to run Oracle Developer Server applications within a web...

9.3CVSS6.9AI score0.21066EPSS
Exploits1References7
CERT
CERT
added 2007/06/26 12:0 a.m.40 views

MIT Kerberos kadmind principal renaming stack buffer overflow

Overview The MIT Kerberos administration daemon kadmind contains a stack buffer overflow that may allow a remote, authenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability exists in the way the principal renaming operation used by the Kerberos...

9CVSS9.9AI score0.07519EPSS
Exploits1References8
CERT
CERT
added 2007/04/26 12:0 a.m.40 views

IncrediMail IMMenuShellExt ActiveX control stack buffer overflow vulnerability

Overview The IncrediMail IMMenuShellExt ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description IncrediMail is an email application that includes animations and 1000's of emoticons...

6.8CVSS7.2AI score0.37744EPSS
Exploits1References1
CERT
CERT
added 2007/03/05 12:0 a.m.40 views

WordPress fails to properly sanitize input passed to the ix parameter in wp-includes/feed.php

Overview WordPress fails to properly sanitize input to the ix parameter in wp-includes/feed.php, which could allow a remote, unauthenticated attacker to execute arbitrary PHP code. Description WordPress is a blogging application that is written in PHP. WordPress 2.1.1 fails to properly sanitize...

7.5CVSS6.8AI score0.27006EPSS
Exploits2References4
CERT
CERT
added 2007/01/19 12:0 a.m.40 views

Adobe Acrobat allows pointer overwrite via specially crafted PDF file

Overview Adobe Acrobat and Adobe Reader fail to properly handle a specially crafted PDF file, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Adobe Acrobat and Adobe Reader are applications designed to create and view Portable Document Format PDF...

9.3CVSS7.2AI score0.09089EPSS
Exploits0References8
CERT
CERT
added 2007/01/18 12:0 a.m.40 views

Mozilla products vulnerable to privilege escalation via a JavaScript watch() function

Overview A vulnerability exists in Mozilla products that may allow a remote attacker to gain elevated privileges. Description Mozilla products contain a vulnerability in the way the JavaScript watch function is handled that may result in privilege escalation. According to the Mozilla Foundation...

6.8CVSS6.2AI score0.0283EPSS
Exploits0References13
CERT
CERT
added 2006/11/29 12:0 a.m.40 views

Apple Mac OS X Finder fails to properly handle malformed .DS_Store files

Overview Apple Finder fails to properly handle malformed .DSStore files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description .DSStore files are hidden files used by Apple Finder to control the display of a folder and its contents.According to App...

5.1CVSS7.7AI score0.06232EPSS
Exploits2References2
CERT
CERT
added 2006/08/24 12:0 a.m.40 views

Barracuda Spam Firewall contains hardcoded default login credentials

Overview Barracuda Spam Firewalls from version 3.3.01.001 to 3.3.02.053 have default login credentials that can not be modified by an administrator. Description Barracuda Spam Firewall appliances provide ingress and egress spam filtering for local area networks. An administrator will typically lo...

7.2CVSS6.4AI score0.00365EPSS
Exploits0References2
CERT
CERT
added 2006/07/11 12:0 a.m.40 views

Microsoft Office fails to properly handle malformed strings

Overview Microsoft Office fails to properly handle specially crafted strings. This vulnerability could allow a remote attacker to execute arbitrary code. Description Microsoft Office applications fail to properly validate strings. When an Office document containing malformed string is opened with...

9.3CVSS6.7AI score0.15244EPSS
Exploits0References1
CERT
CERT
added 2006/06/13 12:0 a.m.40 views

Microsoft Internet Explorer exception handling vulnerability

Overview Microsoft Internet Explorer fails to properly handle exception conditions. This may allow a remote, unauthenticated attacker to execute arbitrary code. Description Internet Explorer allows objects to register exception handlers. These handlers may not properly handle some conditions, whi...

9.3CVSS6.5AI score0.32784EPSS
Exploits0References2
CERT
CERT
added 2006/06/02 12:0 a.m.40 views

Mozilla contains multiple memory corruption vulnerabilities

Overview Mozilla contains several memory corruption vulnerabilities. This may allow a remote attacker to execute arbitrary code. Description Mozilla team members have discovered multiple vulnerabilities that cause the browser engine to crash. In certain circumstances, these vulnerabilities may...

9.3CVSS7.4AI score0.0696EPSS
Exploits0References2
CERT
CERT
added 2006/06/02 12:0 a.m.40 views

Mozilla may associate persisted XUL attributes with an incorrect URL

Overview Mozilla can allow persisted XUL attributes to associate with the wrong URL. This may allow a remote attacker to execute arbitrary code. Description XULXUL is an XML-based user interface language, which is used by Mozilla. Persisted XUL XUL elements with the persist attribute maintain the...

7.5CVSS6.4AI score0.04566EPSS
Exploits0References5
CERT
CERT
added 2006/06/02 12:0 a.m.40 views

Mozilla privilege escalation using addSelectionListener

Overview A privilege escalation vulnerability exists in the Mozilla addSelectionListener method. This may allow a remote attacker to execute arbitrary code. Description addSelectionListener Web content can add a SelectionListener to the Selection object by using addSelectionListener method of the...

7.5CVSS6.9AI score0.06027EPSS
Exploits0References5
CERT
CERT
added 2006/05/16 12:0 a.m.40 views

LiveData ICCP Server heap buffer overflow vulnerability

Overview LiveData ICCP Server contains a heap-based buffer overflow. This vulnerability may allow a remote attacker to crash the server. Description Inter-Control Center Communications Protocol ICCP According to the LiveData ICCP Server white paper: The Inter-Control Center Communications Protoco...

7.5CVSS7.2AI score0.04728EPSS
Exploits0References5
CERT
CERT
added 2006/04/17 12:0 a.m.40 views

Mozilla XBL binding vulnerability

Overview Mozilla products fail to properly restrict access to privileged XBL bindings. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description XBL According to Mozilla, XBL "is a markup language that defines special new elements, or 'bindings' for XU...

6.8CVSS6.8AI score0.05077EPSS
Exploits0References5
CERT
CERT
added 2006/03/24 12:0 a.m.40 views

Pubcookie login server contains cross-site scripting vulnerabilities

Overview Cross-site scripting vulnerabilities in the Pubcookie login server could allow a remote attacker to gain access to sensitive information. Description Pubcookie is a software package that provides intra-institutional single-sign-on authentication for end-users over the web. The Pubcookie...

4.3CVSS6.3AI score0.0165EPSS
Exploits0References1
CERT
CERT
added 2006/02/14 12:0 a.m.40 views

Microsoft Windows Korean Input Method Editor vulnerability

Overview The Microsoft Windows Korean Input Method Editor IME contains a privilege escalation vulnerability. Description According to Microsoft: An IME is a program that allows computer users to enter complex characters and symbols, such as Japanese characters, using a standard keyboard. The...

7.2CVSS6.5AI score0.01657EPSS
Exploits0References2
CERT
CERT
added 2005/11/10 12:0 a.m.40 views

Optimistic TCP acknowledgements can cause denial of service

Overview A vulnerability in the TCP congestion control mechanism could be leveraged by an attacker to cause a denial of service. Description The Transmission Control Protocol TCP is described in RFC 793 as a means to provide reliable host-to-host transmission in a packet-switched computer network...

7.8CVSS6.4AI score0.02317EPSS
Exploits0References7
Total number of security vulnerabilities3704