Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2002/12/10 12:0 a.m.34 views

wget contains directory traversal vulnerability

Overview The wget utility contains directory traversal vulnerabilities that allow a malicious FTP server to overwrite files on the client host. Description In a typical file transfer operation, one participant the client requests a file while a second participant the server provides the requested...

5CVSS6AI score0.04249EPSS
Exploits0References1
CERT
CERT
added 2002/09/27 12:0 a.m.34 views

Alchemy Eye HTTP Server does not adequately validate user input thereby allowing remote command execution

Overview Alchemy Eye does not properly validate HTTP requests, allowing arbitrary command execution. Description Alchemy Eye includes an HTTP server for remote system monitoring and control. In versions 2.0 through 2.6 of Alchemy Eye, the HTTP server component does not adequately validate HTTP...

7.5CVSS7.3AI score0.02966EPSS
Exploits0References4
CERT
CERT
added 2002/09/16 12:0 a.m.34 views

X11 vulnerable to buffer overflow in handling of -xrm option

Overview The X11 library included with many UNIX variants contains a buffer-overflow vulnerability that may allow attackers to gain root privileges. Description The X11 library contains an unspecified buffer-overflow vulnerability. Programs that use this library and accept the -xrm option includi...

7.2CVSS6.8AI score0.0046EPSS
Exploits0References4
CERT
CERT
added 2002/07/15 12:0 a.m.34 views

Uudecode performs inadequate checks on user-specified output files

Overview The uudecode utility contains a vulnerability that allows an attacker to overwrite arbitrary files, symbolic links, and named pipes. Description The uudecode utility is used to decode files that have been encoded in the 7-bit printable format generated by uuencode. This format allows for...

7.2CVSS6.1AI score0.00622EPSS
Exploits0References3
CERT
CERT
added 2002/07/11 12:0 a.m.34 views

Network Associates PGP Outlook Plug-in contains buffer overflow in decoding mechanism

Overview A remotely exploitable buffer overflow exists in the Network Associates PGP Outlook Plug-in. Description As reported in eEye Digital Security Advisory AD20020710, a remotely exploitable buffer overflow exists in the PGP Outlook Plug-in. By sending a specially crafted message to a victim,...

7.5CVSS7.4AI score0.02647EPSS
Exploits0References3
CERT
CERT
added 2002/06/05 12:0 a.m.34 views

Yahoo! Messenger contains buffer overflow in "IMvironment" field

Overview Yahoo! Messenger is an instant messaging client. There is a remotely exploitable buffer overflow vulnerability in the "imv" field of Yahoo! Messenger. Description A remotely exploitable buffer overflow exists in the "imv" field that may permit a remote attacker to execute arbitrary code ...

7.5CVSS7.9AI score0.06955EPSS
Exploits0References3
CERT
CERT
added 2002/06/04 12:0 a.m.34 views

ISC BIND 9 fails to process additional data chains in responses correctly thereby causing the server to fail an internal consistency check

Overview A denial-of-service vulnerability exists in version 9 of the Internet Software Consortium's ISC Berkeley Internet Name Domain BIND server. ISC BIND versions 8 and 4 are not affected. Exploiting this vulnerability will cause vulnerable BIND servers to shut down. Description BIND is an...

5CVSS6.9AI score0.14218EPSS
Exploits0References6
CERT
CERT
added 2002/05/08 12:0 a.m.34 views

ISC DHCPD contains format string vulnerability when logging DNS-update requests

Overview The DHCP daemon DHCPD is a server that is used to allocate network addresses and assign configuration parameters to dynamically configured hosts. A format string vulnerability may permit an intruder to execute code with the privileges of the DHCP daemon typically root. Description The...

10CVSS7AI score0.31139EPSS
Exploits0References3
CERT
CERT
added 2002/02/27 12:0 a.m.34 views

PHP contains vulnerability in "php_mime_split" function allowing arbitrary code execution

Overview Vulnerabilities in PHP versions 3 and 4 could allow an intruder to execute arbitrary code with the privileges of the web server. Description PHP is a scripting language widely used in web development. PHP can be installed on a variety of web servers, including Apache, IIS, Caudium,...

7.5CVSS6.8AI score0.24256EPSS
Exploits0References4
CERT
CERT
added 2001/12/14 12:0 a.m.34 views

Microsoft Internet Explorer download dialog may not display complete filenames

Overview There is a vulnerability in the download dialog box in Internet Explorer versions 5.5 and 6.0. The vulnerability allows an attacker to mislead users, causing them to inadvertently execute arbitrary code on the user's system. Description When downloading files included in web pages, users...

7.5CVSS7.6AI score0.2806EPSS
Exploits1References2
CERT
CERT
added 2001/11/15 12:0 a.m.35 views

Tripwire vulnerable to arbitrary file overwriting via symlink redirection of temporary file

Overview Tripwire is a file integrity verification utility for Unix and Linux operating systems. In some implementations, tripwire opens insecure temporary files with predictable names in publically-writable directories. Using a symbolic link attack, a local intruder may overwrite or create...

4.6CVSS6.2AI score0.00367EPSS
Exploits0References4
CERT
CERT
added 2001/11/15 12:0 a.m.34 views

Digital Unix msgchk vulnerable to file contents disclosure via symlink redirection of profile

Overview msgchk, a part of the MH mail system, reads the user's .mhprofile in order to obtain configuration options. If the .mhprofile is linked to another file with illegal format, the first line of that file will be displayed in an error message by msgchk. Description msgchk is the portion of t...

2.1CVSS6AI score0.01107EPSS
Exploits1References1
CERT
CERT
added 2001/10/19 12:0 a.m.34 views

RSA Security ACE/Agent for Windows, ACE/Agent for Windows NT, and ACE/Agent for Windows 2000 do not properly handle null characters in URL

Overview RSA Security ACE/Agent for Windows, ACE/Agent for Windows NT, and ACE/Agent for Windows 2000 contain a vulnerability in which the ACE/Agent does not properly handle null characters contained in a URL. A specially crafted request may cause ACE/Agent to enter a debugging mode, possibly...

6.6AI score
Exploits0References2
CERT
CERT
added 2001/10/16 12:0 a.m.34 views

IBM AIX line printer daemon contains a buffer overflow in chk_fhost()

Overview The Line Printer daemon lpd shipped with AIX systems contains a buffer overflow in chkfhost that potentially allow a malicious remote user to gain root privileges. Description A buffer overflow exists in the chkfhost function of the line printer daemon lpd on AIX systems. An intruder cou...

7.3AI score
Exploits0References2
CERT
CERT
added 2001/08/15 12:0 a.m.34 views

Hewlett-Packard Virtual Vault OS (VVOS) contains vulnerability in mkacct program

Overview There is a vulnerability in the /sbin/mkacct program, part of Hewlett Packard's Virtual Vault Operating System VVOS. Description Virtual Vault is an environment "designed for use in the financial services, telecommunications, manufacturing, and retail industries to provide services such ...

10CVSS6.2AI score0.03948EPSS
Exploits1References2
CERT
CERT
added 2001/08/14 12:0 a.m.34 views

TrendMicro InterScan WebManager contains buffer overflow in RegGo.dll

Overview A remotely exploitable buffer overflow exists in Trend Micro InterScan WebManager. Description InterScan WebManager is an application that inspects http traffic flowing into a network for known malicious code. This application also has the capability to restrict access to...

7.5CVSS7.5AI score0.03364EPSS
Exploits0References2
CERT
CERT
added 2001/07/18 12:0 a.m.34 views

Linux kernel does not properly validate user input via sysctl for negative value

Overview Unprivileged local users can exploit the sysctl Linux kernel program to gain privileged access. Description A program called sysctl in the Linux kernel allows a privileged local user to read or write runtime system settings. Unprivileged local users are also allowed to use sysctl to read...

4.6CVSS5.5AI score0.00776EPSS
Exploits0References15
CERT
CERT
added 2001/07/17 12:0 a.m.34 views

Multiple versions of OpenLDAP are vulnerable to denial-of-service attacks

Overview Multiple versions of OpenLDAP contain vulnerabilities that may allow denial-of-service attacks. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the CERT/CC encourages you to follow the...

5CVSS6.6AI score0.04093EPSS
Exploits0References4
CERT
CERT
added 2001/05/25 12:0 a.m.34 views

Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file

Overview A vulnerability exists in Microsoft Internet Information Server IIS which could disclose sensitive information contained in CGI-type files. Typically a CGI/script file on a web server should only be executable and not readable by remote users. Sensitive information contained in such a fi...

7.5CVSS6.2AI score0.50594EPSS
Exploits0References5
CERT
CERT
added 2001/05/17 12:0 a.m.34 views

KDE2 kdesu 'keep password' option does not verify socket listener potentially exposing su password

Overview kdesu is a interactive interface to the substitute user su command for the KDE environment. To pass authentication information, it creates a file that may be read by unauthorized users. Description kdesu communicates with su using a socket, implemented as a file in /tmp with a predictabl...

2.1CVSS6.3AI score0.00362EPSS
Exploits0References6
CERT
CERT
added 2000/12/15 12:0 a.m.34 views

Filemaker Pro 5.0v3 and below does not adequately protect web-enabled databases

Overview FileMaker may expose data inadvertently. Description FileMaker Web Companion prior to version 5.0v4 permits unauthorized access to data even if the database manager believes that data is protected by Field Level Security. --- Impact Attackers can read information, including items such as...

5CVSS5.9AI score0.0155EPSS
Exploits0References5
CERT
CERT
added 2000/09/29 12:0 a.m.34 views

statd bounce vulnerability

Overview statd allows access to RPC services it shouldn't. Description Background rpc.statd and rpc.lockd are designed to work in conjunction with each other to manage NFS lock information in the event of a crash of an NFS client or server. The rpc service rpc.statd is a program designed to...

7.5CVSS7AI score0.04257EPSS
Exploits0References15
CERT
CERT
added 2000/09/26 12:0 a.m.34 views

Notes default ECL allows execution of unsigned code

Overview Lotus Notes prior to version 5.02, had permissive ECLs that allow for the execution of malicious mail messages. Description A Notes ECL is a list consisting of a Notes Username and a set of permissions from the following list for Notes 4.6.x: Access to file system Access to current...

7.5CVSS6.9AI score0.02988EPSS
Exploits1References5
CERT
CERT
added 2016/04/07 12:0 a.m.33 views

Lemur Vehicle Monitors BlueDriver LSB2 does not authenticate users for Bluetooth access

Overview The Lemur Vehicle Monitors BlueDriver is an aftermarket automotive device that connects to a vehicle's OBD-II port and provides information about the vehicle's performance. The BlueDriver does not require a PIN for Bluetooth access, which allows anyone in range to send arbitrary commands...

8.8CVSS9AI score0.01074EPSS
Exploits0References2
CERT
CERT
added 2015/09/03 12:0 a.m.33 views

OrientDB and Studio prior to version 2.1.1 contain multiple vulnerabilities

Overview Studio for OrientDB Server Community Edition version prior to version 2.1.1 contains several vulnerabilities. Description CWE-352: Cross-Site Request Forgery CSRF - CVE-2015-2912The Studio web interface to OrientDB contains a CSRF vulnerability. An attacker can perform actions with the...

8.8CVSS7.2AI score0.0186EPSS
Exploits0References2
CERT
CERT
added 2015/07/24 12:0 a.m.33 views

Fiat Chrysler Automobiles UConnect allows a vehicle to be remotely controlled

Overview Fiat Chrysler Automobiles FCA UConnect may allow a remote attacker to control physical vehicle functions. Description According to a WIRED news article, an unknown vulnerability in FCA UConnect software allows some functions of recent models of Jeep Cherokee to be controlled by a remote...

7.4AI score
Exploits0References17
CERT
CERT
added 2015/06/08 12:0 a.m.33 views

Aptexx Resident Anywhere exposes sensitive account information

Overview Aptexx Resident Anywhere does not require authentication to view and modify sensitive information contained in direct account and payment URLs, which can be leveraged to bypass authentication and access user accounts. Description CWE-288:Authentication Bypass Using an Alternate Path or...

7.5CVSS6.8AI score0.01663EPSS
Exploits0References2
CERT
CERT
added 2015/05/29 12:0 a.m.33 views

Blue Coat SSL Visibility Appliance contains multiple vulnerabilities

Overview Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800, versions 3.6.x to 3.8.3, contain multiple vulnerabilities. Description Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800, versions 3.6.x to 3.8.3, contain multiple vulnerabilities.CWE-352: Cross-Site...

6.8CVSS6.3AI score0.01539EPSS
Exploits0References8
CERT
CERT
added 2015/02/05 12:0 a.m.33 views

Ektron Content Management System (CMS) contains multiple vulnerabilities

Overview Ektron Content Management System CMS versions 8.5, 8.7, and 9.0 contain a XXE and a resource injection vulnerability. Description Note: A prior version of this report indicated incorrectly that Ektron CMS version 9.1 was vulnerable. The vendor indicated that the last version to ship with...

6.8CVSS6.8AI score0.22034EPSS
Exploits3References4
CERT
CERT
added 2014/07/21 12:0 a.m.33 views

Huawei E355 contains a stored cross-site scripting vulnerability

Overview The Huawei E355 built-in web interface contains a stored cross-site scripting vulnerability. Description Huawei E355 wireless broadband modems include a web interface for administration and additional services. The web interface allows users to receive SMS messages using the connected...

4.3CVSS5.9AI score0.00798EPSS
Exploits0References2
CERT
CERT
added 2014/05/28 12:0 a.m.33 views

Alfresco Enterprise contains multiple cross-site scripting vulnerabilities

Overview Alfresco Enterprise 4.1.6 and possibly earlier versions are vulnerable to multiple cross-site scripting XSS vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Alfresco Enterprise is vulnerable to a stored cross-site...

4.3CVSS5.6AI score0.01012EPSS
Exploits0References1
CERT
CERT
added 2014/05/01 12:0 a.m.33 views

Google Search Appliance dynamic navigation cross-site scripting vulnerability

Overview Google Search Appliance GSA devices contain a cross-site scripting XSS vulnerability when dynamic navigation is enabled. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Google Search Appliance versions earlier than 7.2.0.G.114 and...

4.3CVSS5.5AI score0.01177EPSS
Exploits0References2
CERT
CERT
added 2013/11/18 12:0 a.m.33 views

Adobe ColdFusion is vulnerable to cross-site scripting via the logviewer directory

Overview Adobe ColdFusion 10 update 11 and possibly earlier versions contain a reflected cross-site scripting XSS CWE-79 vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Adobe ColdFusion 10 update 11 and possibly earlier version...

3.5CVSS6.2AI score0.01842EPSS
Exploits0References3
CERT
CERT
added 2013/10/28 12:0 a.m.33 views

Cisco Identity Services Engine contains an input validation vulnerability

Overview Cisco Identity Services Engine contains an input validation vulnerability CWE-20. Description CWE-20: Improper Input Validation Cisco Identity Services Engine ISE contains an input validation vulnerability. The ISE device contains a TCP Dump option for analyzing traffic on the device. By...

9CVSS7.3AI score0.02291EPSS
Exploits0References3
CERT
CERT
added 2013/07/12 12:0 a.m.33 views

Wave EMBASSY Remote Administration Server SQL injection vulnerabilities

Overview The Wave EMBASSY Remote Administration Server ERAS contains the ERAS Help Desk application that fails to filter user input allowing for the exploitation of SQL injection vulnerabilities. These vulnerabilities may allow a remote authenticated attacker to execute procedures or SQL queries...

9CVSS8.8AI score0.02463EPSS
Exploits0References4
CERT
CERT
added 2012/09/17 12:0 a.m.33 views

CoSoSys Endpoint Protector 4 appliance contains a predictable password for root-equivalent account vulnerability

Overview CoSoSys Endpoint Protector 4 appliance contains a predictable password for root-equivalent accounts. Description According to the CoSoSys's website the Endpoint Protector 4 appliance is a DLP product used to prevent users from taking unauthorized data outside the company or bringing...

7.5CVSS6.5AI score0.06269EPSS
Exploits0References1
CERT
CERT
added 2012/08/16 12:0 a.m.33 views

CuteSoft Cute Editor 6.4 reflected cross site scripting

Overview CuteSoft Cute Editor 6.4, and possibly other verions, contains a reflected cross-site scripting XSS CWE-79 vulnerability. Description CuteSoft Cute Editor 6.4 has been reported to contain a reflected cross-site scripting XSS CWE-79 vulnerability. The GET request parameter called UploadID...

3.5CVSS6AI score0.00825EPSS
Exploits0References2
CERT
CERT
added 2012/06/05 12:0 a.m.33 views

Symantec Endpoint Protection network threat protection module Microsoft IIS denial of service vulnerability

Overview Symantec Endpoint Protection SEP Network Threat Protection module running on a Microsoft Internet Information Services IIS webserver contains a denial of service vulnerability when probed by an audit tool. Description Symantec Security Advisory SYM12-007 states:Overview Versions of...

5CVSS6.3AI score0.0287EPSS
Exploits0References1
CERT
CERT
added 2012/05/16 12:0 a.m.33 views

HP Business Service Management 9.12 remote code execution vulnerability

Overview The HP Business Service Management HPBSM application contains a remote code execution vulnerability. Version 9.12 has been reported to be affected but other versions may also be affected. Description HPBSM uses the JBOSS application server. In the default configuration, HPBSM contains op...

10CVSS7.1AI score0.08659EPSS
Exploits0References1
CERT
CERT
added 2011/11/02 12:0 a.m.33 views

NJStar Communicator MiniSmtp packet processing buffer overflow vulnerability

Overview NJStar Communicator MiniSmtp server contains a buffer overflow vulnerability when processing malicious packets. Description According to the NJStar's website, "NJStar Communicator enables Chinese, Japanese and Korean CJK language input, display, print and conversions on your English or...

10CVSS6.7AI score0.65262EPSS
Exploits2References1
CERT
CERT
added 2011/09/15 12:0 a.m.33 views

Mercator SENTINEL SQL injection allows authentication bypass

Overview Mercator SENTINEL contains an SQL injection vulnerability that could allow an attacker to bypass authentication and access the system with administrative privileges. Description Mercator SENTINEL is a flight safety management system. The login form of the web interface contains an SQL...

7.5CVSS7.5AI score0.01591EPSS
Exploits0References4
CERT
CERT
added 2011/06/02 12:0 a.m.33 views

RSLinx Classic EDS Wizard buffer overflow vulnerability

Overview Rockwell Automation RSLinx Classic EDS Hardware Installation Tool contains a buffer overflow vulnerability. Description According to Rockwell Automation's website: RSLinx Classic provides plant-floor device connectivity for a wide variety of Rockwell Software applications such as RSLogix...

9.3CVSS7AI score0.07588EPSS
Exploits0References4
CERT
CERT
added 2011/04/18 12:0 a.m.33 views

Wireshark DECT dissector vulnerability

Overview Wireshark's DECT dissector contains a remote code execution vulnerability in the context of the user running a packet capture or reading a packet capture file. Description Paul Makowski's report states:/epan/dissectors/packet-dect.c contains a stack-based buffer overflow via a call to...

9.3CVSS8AI score0.41744EPSS
Exploits18References4
CERT
CERT
added 2011/02/03 12:0 a.m.33 views

Cisco Tandberg E, EX, and C Series default root credentials

Overview Cisco's Tandberg C series endpoints and E/EX personal video units that run software versions prior to TC4.0.0 have a root administrator account enabled by default with no password. Description Cisco Advisory cisco-sa-20110202-tandberg states:"This vulnerability affects Tandberg C Series...

10CVSS6.7AI score0.13988EPSS
Exploits4References3
CERT
CERT
added 2010/11/30 12:0 a.m.33 views

AWStats fails to properly handle "\\" when specifying a configuration file directory

Overview AWStats fails to properly handle "\" when specifying a configuration file directory. This could allow an attacker to specify an arbitrary configuration file located on an SMB share. Description From the AWStats project website: "AWStats is a free powerful and featureful tool that...

7.5CVSS6.5AI score0.27673EPSS
Exploits2References6
CERT
CERT
added 2010/11/19 12:0 a.m.33 views

OSIsoft PI Server provides an insecure authentication mechanism

Overview OSIsoft PI Server provides an insecure authentication mechanism that could allow attackers to read or modify information in databases. Description PI Server is a core component of the OSIsoft PI System.According to a report from C4 Security, OSISoft release notes login required for PI...

6.4CVSS6.9AI score0.00669EPSS
Exploits0References3
CERT
CERT
added 2009/06/19 12:0 a.m.33 views

Foxit Reader contains multiple vulnerabilities in the processing of JPX data

Overview Foxit Reader contains multiple vulnerabilities that may allow an attacker to execute arbitrary code. Description Foxit Reader is software designed to view Portable Document Format PDF files. Foxit Reader contains multiple vulnerabilities in the handling of JPX JPEG2000 streams. These...

6.9AI score
Exploits0References3
CERT
CERT
added 2009/06/09 12:0 a.m.33 views

Adobe Reader contains multiple vulnerabilities in the processing of JPX data

Overview Adobe Reader and Acrobat contain multiple vulnerabilities that may allow an attacker to execute arbitrary code. Description Adobe Acrobat Reader is software designed to view Portable Document Format PDF files. Adobe also distributes the Adobe Acrobat Plug-In to allow users to view PDF...

9.3CVSS7.9AI score0.08601EPSS
Exploits0References1
CERT
CERT
added 2007/11/16 12:0 a.m.33 views

RealNetworks player "Lyrics3" buffer overflow

Overview Multiple RealNetworks media players contain a buffer overflow which could allow a remote attacker to execute arbitrary code on an affected system. Description The RealNetworks RealPlayer and Helix Player applications allow users to view local and remote audio and video content. These...

9.3CVSS7.5AI score0.07729EPSS
Exploits0References3
CERT
CERT
added 2007/09/11 12:0 a.m.33 views

Microsoft Agent fails to properly handle specially crafted URLs

Overview Microsoft Agent fails to properly handle specially crafted URLs, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system Description Microsoft Agent is software that provides animated characters to enhance interaction with computer systems...

9.3CVSS6.4AI score0.57217EPSS
Exploits6References4
Total number of security vulnerabilities3704