Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2002/08/19 12:0 a.m.33 views

Low BandWidth X proxy vulnerable to buffer overflow via crafted display command line option

Overview A locally exploitable buffer overflow exists in the Low BandWidth X proxy. Description The Low BandWidth X proxy is a component of XFree86 a freely redistributable open-source implementation of the X Window System. The Low BandWidth X proxy allows applications to transparently take...

7.2CVSS6.9AI score0.00514EPSS
Exploits0References4
CERT
CERT
added 2002/07/11 12:0 a.m.33 views

Network Associates PGP Outlook Plug-in contains buffer overflow in decoding mechanism

Overview A remotely exploitable buffer overflow exists in the Network Associates PGP Outlook Plug-in. Description As reported in eEye Digital Security Advisory AD20020710, a remotely exploitable buffer overflow exists in the PGP Outlook Plug-in. By sending a specially crafted message to a victim,...

7.5CVSS7.4AI score0.02647EPSS
Exploits0References3
CERT
CERT
added 2002/07/09 12:0 a.m.33 views

Microsoft ASP.NET contains buffer overflow

Overview Microsoft ASP.NET contains buffer overflow in routine that handles the processing of cookies in StateServer mode. Description ASP.NET is a programming framework provided by Microsoft. For more details about this framework, please see the official web page.A remotely exploitable buffer...

10CVSS6.8AI score0.24346EPSS
Exploits0References3
CERT
CERT
added 2002/05/22 12:0 a.m.33 views

Cisco Content Service Switch performs soft reset when XML data is sent to web management interface

Overview The Cisco Content Service Switch contains a denial-of-service vulnerability that allows remote attackers to perform a soft reset on affected devices. Description The Cisco Content Service Switch CSS products include support for the session and application layers. This additional...

5CVSS6.3AI score0.02512EPSS
Exploits0References2
CERT
CERT
added 2002/04/05 12:0 a.m.33 views

AOL Instant Messenger vulnerable to denial of service via crafted file name

Overview AOL Instant Messenger AIM 4.1 and prior are vulnerable to a denial of service vulnerability. A denial of service occurs when filenames that contain a "%s" are sent to a victim. Description AOL Instant Messenger AIM is a program for communicating with other users over the Internet. AIM...

5CVSS7.1AI score0.02209EPSS
Exploits0References1
CERT
CERT
added 2002/03/29 12:0 a.m.33 views

Netwin Surge FTP Server does not adequately validate user input thereby allowing directory traversal

Overview Surge FTP Server 2.0a contains a directory traversal vulnerability. Description Surge FTP Server 2.0a allows remote users to list files outside the FTP root directory. --- Impact Attackers may list files from directories to which access was not granted. --- Solution Upgrade to version...

5CVSS6.4AI score0.02276EPSS
Exploits1References3
CERT
CERT
added 2002/02/27 12:0 a.m.33 views

PHP contains vulnerability in "php_mime_split" function allowing arbitrary code execution

Overview Vulnerabilities in PHP versions 3 and 4 could allow an intruder to execute arbitrary code with the privileges of the web server. Description PHP is a scripting language widely used in web development. PHP can be installed on a variety of web servers, including Apache, IIS, Caudium,...

7.5CVSS6.8AI score0.24256EPSS
Exploits0References4
CERT
CERT
added 2001/11/15 12:0 a.m.33 views

Syskey reuses keystream

Overview Versions of SYSKEY in use prior to December, 1999 leave the SAM database vulnerable to cryptanalytic attacks. Description SYSKEY is a utility introduced in Microsoft Windows NT 4.0 service pack 3 to provide strong cryptographic protection to the SAM password database. The protection SYSK...

5CVSS6AI score0.07194EPSS
Exploits0References6
CERT
CERT
added 2001/11/15 12:0 a.m.33 views

Digital Unix msgchk vulnerable to file contents disclosure via symlink redirection of profile

Overview msgchk, a part of the MH mail system, reads the user's .mhprofile in order to obtain configuration options. If the .mhprofile is linked to another file with illegal format, the first line of that file will be displayed in an error message by msgchk. Description msgchk is the portion of t...

2.1CVSS6AI score0.01107EPSS
Exploits1References1
CERT
CERT
added 2001/11/15 12:0 a.m.33 views

Netscape vulnerable to arbitrary file overwriting via symlink redirection of temporary file

Overview During installation, Netscape 6.0.1 creates a temporary file with insecure options and a predictable name in a world-writable location. By using a symbolic link attack, an attacker could cause overwrite of arbitrary files. Description The installation script for Netscape 6.0.1 creates a...

2.1CVSS6.2AI score0.00333EPSS
Exploits0References1
CERT
CERT
added 2001/11/15 12:0 a.m.34 views

Tripwire vulnerable to arbitrary file overwriting via symlink redirection of temporary file

Overview Tripwire is a file integrity verification utility for Unix and Linux operating systems. In some implementations, tripwire opens insecure temporary files with predictable names in publically-writable directories. Using a symbolic link attack, a local intruder may overwrite or create...

4.6CVSS6.2AI score0.00367EPSS
Exploits0References4
CERT
CERT
added 2001/10/03 12:0 a.m.33 views

Common Desktop Environment (CDE) ToolTalk RPC Server rpc.ttdbserverd contains format string vulnerability

Overview A vulnerability exists in CDE ToolTalk that may allow a remote attacker to execute arbitrary code with root privileges. Description Internet Security Systems ISS X-Force has discovered a format string vulnerability in the Common Desktop Environment CDE ToolTalk Remote Procedure Call RPC...

10CVSS7.6AI score0.05714EPSS
Exploits0References4
CERT
CERT
added 2001/08/17 12:0 a.m.33 views

Apache Tomcat vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Web Servers that use the Apache Tomcat Java Servlet Container are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated input from...

5.1CVSS5.4AI score0.1382EPSS
Exploits1References5
CERT
CERT
added 2001/07/31 12:0 a.m.33 views

HPUX kmmodreg allows arbitrary file overwriting via symlink redirection of temporary file

Overview The kmmodreg program distributed with some HPUX versions creates two temporary files with predictable names. Due to insecure handling of these files, an intruder may use them to overwrite arbitrary files during system boot via a symbolic link attack. Description The kmmodreg program...

1.2CVSS7AI score0.06116EPSS
Exploits0References2
CERT
CERT
added 2001/07/27 12:0 a.m.33 views

Curses library vulnerable to buffer overflow

Overview The curses library derived from System V contains a buffer overflow. A local user can execute a command that uses this library to exploit the vulnerability and gain elevated privileges. Description There is a buffer overflow in the curses library that could permit a local user to gain...

4.6CVSS7.2AI score0.00366EPSS
Exploits0References1
CERT
CERT
added 2001/07/24 12:0 a.m.33 views

SSH Secure Shell sshd2 does not adequately authenticate logins to accounts with encrypted password fields containing two or fewer characters

Overview A vulnerability exists in SSH Secure Shell that allows an intruder to log to an account which contains a stored encrypted password of two or fewer characters in length. An intruder may leverage the privileges of such an account to gain full control of the system. Description Certain Unix...

7.2CVSS6.8AI score0.01335EPSS
Exploits1References3
CERT
CERT
added 2001/05/17 12:0 a.m.33 views

Microsoft Windows 2000 Kerberos service vulnerable to DoS via repeated invalid requests

Overview A core service of Microsoft Windows 2000 domain controllers fails to correctly handle certain invalid requests. After receiving a number of invalid requests, the domain controller may have to be rebooted to return it to correct operation. A disabled domain controller can interfere with t...

5CVSS6.4AI score0.20025EPSS
Exploits0References6
CERT
CERT
added 2001/05/10 12:0 a.m.33 views

AT&T WinVNC allows user access to passwords and configuration via weak registry permissions

Overview The default installation of WinVNC on certain Microsoft Windows systems permits unauthenticated access to the WinVNC service. Description AT&T WinVNC is a free package available from AT&T Labs Cambridge that allows an existing desktop of a PC to be available on the desktop of a remote...

9CVSS6.4AI score0.01505EPSS
Exploits0References3
CERT
CERT
added 2001/02/06 12:0 a.m.33 views

SSH authentication agent follows symlinks via a UNIX domain socket

Overview Older versions of SSH allow local attackers to to establish ssh sessions as the victim user without authentication. Description The text of this document was originally released on January 20, 1998, as SNI-23, developed by Secure Networks, Inc. SNI. To more widely broadcast this...

2.1CVSS6.2AI score0.01015EPSS
Exploits0References1
CERT
CERT
added 2000/12/15 12:0 a.m.33 views

Filemaker Pro 5.0v3 and below does not adequately protect web-enabled databases

Overview FileMaker may expose data inadvertently. Description FileMaker Web Companion prior to version 5.0v4 permits unauthorized access to data even if the database manager believes that data is protected by Field Level Security. --- Impact Attackers can read information, including items such as...

5CVSS5.9AI score0.0155EPSS
Exploits0References5
CERT
CERT
added 2000/10/19 12:0 a.m.33 views

MIT Kerberos 5 ksu may allow either the '-r' or '-l' time-interval parameter to overflow the stack with the characters ''d', 'h', 'm', or 's'

Overview Description From the reporter: Time-interval parsing for the "-r" and "-l" command-line options calls a library routine which uses sscanf"%d%d" and passes the address of an automatic int variable to correspond to the second %-sequence. But the % sequence needs an arbitrarily large string...

7.2CVSS6.5AI score0.00442EPSS
Exploits0
CERT
CERT
added 2021/02/01 12:0 a.m.32 views

Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs

Overview Adobe ColdFusion fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM privileges. Description The Adobe ColdFusion installer fails to set a secure access-control list ACL on the default installation directory, such as...

7.8CVSS7.8AI score0.00501EPSS
Exploits0References4
CERT
CERT
added 2016/09/28 12:0 a.m.32 views

Aternity version 9 vulnerable to cross-site scripting and remote code execution

Overview The Aternity webserver, version 9 and prior, is reportedly vulnerable to cross-site scripting XSS on several web pages, and remote code execution via inclusion of untrusted functionality by default due to improper authentication before execution. Description CWE-80: Improper Neutralizati...

9.8CVSS8.1AI score0.03898EPSS
Exploits0References2
CERT
CERT
added 2016/03/30 12:0 a.m.32 views

Patterson Dental Eaglesoft uses a hard-coded database password across installations

Overview Patterson Dental Eaglesoft is a dental records software. Eaglesoft uses a hard-coded database password that is shared across all installations. Description CWE-798: Use of Hard-coded Credentials- CVE-2016-2343 According to the researcher, Eaglesoft uses hard-coded credentials to access a...

10CVSS9.6AI score0.02431EPSS
Exploits0References3
CERT
CERT
added 2015/07/24 12:0 a.m.32 views

Fiat Chrysler Automobiles UConnect allows a vehicle to be remotely controlled

Overview Fiat Chrysler Automobiles FCA UConnect may allow a remote attacker to control physical vehicle functions. Description According to a WIRED news article, an unknown vulnerability in FCA UConnect software allows some functions of recent models of Jeep Cherokee to be controlled by a remote...

7.4AI score
Exploits0References17
CERT
CERT
added 2015/06/08 12:0 a.m.32 views

Toshiba CHEC contains a hard-coded cryptographic key

Overview Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key. Description CWE-321: Use of Hard-coded Cryptographic Key - CVE-2014-4875Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key in the...

5CVSS6AI score0.02063EPSS
Exploits0References1
CERT
CERT
added 2014/07/21 12:0 a.m.32 views

MicroPact iComplaints cross-site scripting vulnerability

Overview MicroPact iComplaints contains a persistent cross-site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' MicroPact iComplaints contains a persistent cross-site scripting vulnerability. The AddStdLetter.jsp file...

3.5CVSS6.5AI score0.00912EPSS
Exploits0References1
CERT
CERT
added 2014/07/21 12:0 a.m.32 views

Huawei E355 contains a stored cross-site scripting vulnerability

Overview The Huawei E355 built-in web interface contains a stored cross-site scripting vulnerability. Description Huawei E355 wireless broadband modems include a web interface for administration and additional services. The web interface allows users to receive SMS messages using the connected...

4.3CVSS5.9AI score0.00798EPSS
Exploits0References2
CERT
CERT
added 2014/06/17 12:0 a.m.32 views

Symantec Web Gateway contains SQL injection and cross-site scripting vulnerabilities

Overview Symantec Web Gateway 5.1.1.24, and possibly earlier versions, contains cross-site scripting and SQL injection vulnerabilities. Description CVE-2014-1652 -CWE-79: Improper Neutralization of Input During Web Page Generation Symantec Web Gateway 5.1.1.24, and possibly earlier versions,...

5.8CVSS9.5AI score0.01976EPSS
Exploits0References1
CERT
CERT
added 2014/06/10 12:0 a.m.32 views

Cisco AsyncOS contains a reflected cross-site scripting (XSS) vulnerability

Overview Cisco AsyncOS contains a reflected cross-site scripting XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-3289 Cisco AsyncOS, the underlying OS for the Cisco Email Security Appliance, Web Security Applianc...

4.3CVSS5.8AI score0.02426EPSS
Exploits4References3
CERT
CERT
added 2014/06/09 12:0 a.m.32 views

Unauthorized modification of UEFI variables in UEFI systems

Overview Certain firmware implementations may not correctly protect and validate information contained in certain UEFI variables. Exploitation of such vulnerabilities could potentially lead to bypass of security features and/or denial of service for the platform. Description As discussed in recen...

6.8AI score
Exploits0References3
CERT
CERT
added 2014/04/11 12:0 a.m.32 views

Fortinet FortiADC D-series contains a cross-site scripting vulnerability

Overview Fortinet FortiADC D-series 3.2.0, and possibly earlier versions, contains a cross-site scripting vulnerability. CWE-79 Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Fortinet FortiADC D-series 3.2.0, and possibly earlier versions,...

4.3CVSS6.1AI score0.0188EPSS
Exploits2References4
CERT
CERT
added 2014/01/09 12:0 a.m.32 views

VASCO IDENTIKEY Authentication Server contains an authentication bypass vulnerability

Overview VASCO IDENTIKEY Authentication Server version 3.4.x contains an authentication bypass vulnerability which could allow an attacker to login to a system without needing the user's Active Directory password credentials. Description CWE-305: Authentication Bypass by Primary WeaknessVASCO's...

7.6AI score
Exploits0References3
CERT
CERT
added 2013/10/01 12:0 a.m.32 views

L3 CPU shared cache architecture is susceptible to a Flush+Reload side-channel attack

Overview L3 CPU shared cache architecture is susceptible to a Flush+Reload side-channel attack, resulting in information leakage. allowing a local attacker to derive the contents of memory not belonging to the attacker. Description Common L3 CPU shared cache architecture is susceptible to a...

1.9CVSS6.7AI score0.00533EPSS
Exploits0References4
CERT
CERT
added 2013/09/23 12:0 a.m.32 views

KnowledgeView Editorial and Management application cross-site scripting vulnerability

Overview KnowledgeView Editorial and Management application contains a reflected cross-site scripting XSS vulnerability CWE-79. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' KnowledgeView Editorial and Management application contains a...

4.3CVSS6AI score0.01012EPSS
Exploits0References2
CERT
CERT
added 2013/01/25 12:0 a.m.32 views

SUSE WebYaST remotely accessible hosts list vulnerability

Overview The WebYaST hosts list is remotely accessible by unauthenticated attackers. An attacker may be able to add a malicious host to the list and perform a man-in-the-middle attack against WebYaST. Description The SUSE security advisory states:The hosts list used by WebYaST for connecting to...

5.8CVSS6.4AI score0.02081EPSS
Exploits0References2
CERT
CERT
added 2012/12/12 12:0 a.m.32 views

IBM Power 5 Service Processor privilege escalation vulnerability

Overview IBM Power 5 Service Processor contain a vulnerability which could allow an attacker to operate with elevated privileges. Description IBM's security advisory states, "A security issue has been identified on IBM Power 5 Systems such that the firewall code does not get executed in certain...

7.9CVSS6.5AI score0.01172EPSS
Exploits0References1
CERT
CERT
added 2012/05/21 12:0 a.m.32 views

Xelex Technologies MobileTrack contains multiple vulnerabilities

Overview Xelex Technologies' MobileTrack application has been reported to not verify the source of administrative SMS commands. An unauthenticated remote attacker can send commands over SMS to MobileTrack. User data is also exposed on an insecure FTP server account. Description The website for...

7.6CVSS7.4AI score0.022EPSS
Exploits0References7
CERT
CERT
added 2012/02/20 12:0 a.m.32 views

UTC Fire & Security Master Clock contains hardcoded default administrator login credentials

Overview UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock have default administrator login credentials that can not be modified by an administrator. Description UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock via Zigbee can sync up to 60,000 slave clocks located throughout a campus-area...

10CVSS6.7AI score0.03251EPSS
Exploits0References1
CERT
CERT
added 2011/09/13 12:0 a.m.32 views

Microsoft Office uninitialized object pointer vulnerability

Overview Microsoft Office fails to properly handle certain Word documents, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description Code in the MSO.dll component of Microsoft Office 2003, 2007, and 2010 fails to properly initialize an object pointer when loading...

9.3CVSS6.5AI score0.27697EPSS
Exploits1References2
CERT
CERT
added 2011/03/21 12:0 a.m.32 views

Foolabs Xpdf contains a denial of service vulnerability

Overview Foolabs Xpdf contains a denial of service vulnerability caused by the t1lib library incorrectly parsing Type 1 fonts. Description According to Foolabs: Xpdf is an open source viewer for Portable Document Format PDF files. These are sometimes also called 'Acrobat' files, from the name of...

6.8CVSS7.1AI score0.13055EPSS
Exploits0References1
CERT
CERT
added 2011/02/11 12:0 a.m.32 views

Adobe Shockwave 11.5.9.615 contains multiple memory corruption vulnerabilities

Overview Adobe Shockwave Player 11.5.9.615 and earlier versions on the Windows and Macintosh operating systems contain critical vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Macromedia Shockwave Player is...

6.9AI score
Exploits0References1
CERT
CERT
added 2011/01/27 12:0 a.m.32 views

ISC DHCP server DHCPv6 decline message processing vulnerability

Overview ISC DHCPv6 versions 4.0.x - 4.2.x are susceptible to a denial-of-service vulnerability. Description The ISC Advisory states:"When the DHCPv6 server code processes a message for an address that was previously declined and internally tagged as abandoned it can trigger an assert failure...

7.8CVSS6.5AI score0.32751EPSS
Exploits0References2
CERT
CERT
added 2010/07/14 12:0 a.m.32 views

ISC DHCP server fails to handle zero-length client identifier

Overview A vulnerability in ISC DHCP could allow a remote attacker to cause the DHCP server to exit, resulting in a denial of service. Description ISC DHCP is a commonly redistributed reference implementation of the Dynamic Host Configuration Protocol DHCP, including a server, client, and relay...

5CVSS6.5AI score0.76412EPSS
Exploits7References4
CERT
CERT
added 2009/05/14 12:0 a.m.32 views

Cyrus SASL library buffer overflow vulnerability

Overview The Cyrus SASL library contains a buffer overflow vulnerability that could allow an attacker to execute code or cause a vulnerable program to crash. Description SASL Simple Authentication and Security Layer is a method for adding authentication support to various protocols. SASL is...

7.5CVSS9.6AI score0.08206EPSS
Exploits0References3
CERT
CERT
added 2008/12/05 12:0 a.m.32 views

Linksys WVC54GC NetCamPlayerWeb11gv2 ActiveX control stack buffer overflow

Overview The Linksys WVC54GC NetCamPlayerWeb11gv2 ActiveX control contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Linksys WVC54GC wireless video camera provides an ActiveX control called...

9.3CVSS7.3AI score0.06205EPSS
Exploits1References1
CERT
CERT
added 2008/05/29 12:0 a.m.32 views

Apple Help Viewer vulnerable to buffer overflow

Overview A vulnerability in the way Apple Help Viewer handles specially crafted URLs may allow an attacker to execute arbitrary code or cause a denial of service. Description According to Apple Security Update 2008-003: An integer underflow in Help Viewer's handling of help:topic URLs may result ...

9.3CVSS7.5AI score0.0818EPSS
Exploits1References1
CERT
CERT
added 2008/05/27 12:0 a.m.32 views

Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX stack buffer overflows

Overview The Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Online Media Technologies, which was formerly known as NCT...

6.8CVSS7AI score0.05967EPSS
Exploits2References2
CERT
CERT
added 2008/03/06 12:0 a.m.32 views

Sun Java WebStart stack buffer overflow

Overview Sun Java WebStart contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Sun Java WebStart is a technology for launching stand-alone Java applications. On Microsoft Windows systems, Java WebStart ...

6.8CVSS8.8AI score0.07255EPSS
Exploits0References3
CERT
CERT
added 2008/01/25 12:0 a.m.32 views

GE Fanuc Proficy Information Portal transmits authentication credentials in plain text

Overview GE Fanuc Proficy Information Portal can transmit authentication credentials in plain text. An attacker could monitor traffic, obtain valid credentials, and gain access to the portal. Description GE Fanuc Proficy Information Portal is a web-based systems reporting tool often used to...

9.8CVSS9.6AI score0.01957EPSS
Exploits0References11
Total number of security vulnerabilities3704