Lucene search
K
CertMost viewed

3704 matches found

CERT
CERT
added 2001/10/03 12:0 a.m.33 views

Common Desktop Environment (CDE) ToolTalk RPC Server rpc.ttdbserverd contains format string vulnerability

Overview A vulnerability exists in CDE ToolTalk that may allow a remote attacker to execute arbitrary code with root privileges. Description Internet Security Systems ISS X-Force has discovered a format string vulnerability in the Common Desktop Environment CDE ToolTalk Remote Procedure Call RPC...

10CVSS7.6AI score0.05714EPSS
Exploits0References4
CERT
CERT
added 2001/07/31 12:0 a.m.33 views

HPUX kmmodreg allows arbitrary file overwriting via symlink redirection of temporary file

Overview The kmmodreg program distributed with some HPUX versions creates two temporary files with predictable names. Due to insecure handling of these files, an intruder may use them to overwrite arbitrary files during system boot via a symbolic link attack. Description The kmmodreg program...

1.2CVSS7AI score0.06116EPSS
Exploits0References2
CERT
CERT
added 2001/07/24 12:0 a.m.33 views

SSH Secure Shell sshd2 does not adequately authenticate logins to accounts with encrypted password fields containing two or fewer characters

Overview A vulnerability exists in SSH Secure Shell that allows an intruder to log to an account which contains a stored encrypted password of two or fewer characters in length. An intruder may leverage the privileges of such an account to gain full control of the system. Description Certain Unix...

7.2CVSS6.8AI score0.01335EPSS
Exploits1References3
CERT
CERT
added 2001/05/10 12:0 a.m.33 views

AT&T WinVNC allows user access to passwords and configuration via weak registry permissions

Overview The default installation of WinVNC on certain Microsoft Windows systems permits unauthenticated access to the WinVNC service. Description AT&T WinVNC is a free package available from AT&T Labs Cambridge that allows an existing desktop of a PC to be available on the desktop of a remote...

9CVSS6.4AI score0.01505EPSS
Exploits0References3
CERT
CERT
added 2001/05/06 12:0 a.m.33 views

Sun Solaris SNMP proxy agent /opt/SUNWssp/bin/snmpd contains buffer overflow

Overview The SNMP proxy agent on certain large Solaris systems contains a buffer overflow. It may be possible, though it is unconfirmed, that an intruder could use this flaw to execute code with root privileges. Description The Sun Enterprise 10000 is monitored and controlled by a systems called ...

7.2CVSS7.1AI score0.00388EPSS
Exploits0References2
CERT
CERT
added 2001/04/10 12:0 a.m.33 views

Alcatel ADSL modems provide EXPERT administrative account with an easily reversible encrypted password

Overview The San Diego Supercomputer Center SDSC has recently discovered several vulnerabilities in the Alcatel Speed Touch line of Asymmetric Digital Subscriber Line ADSL modems. These vulnerabilities are the result of weak authentication and access control policies and result in one or more of...

7.8AI score
Exploits0References3
CERT
CERT
added 2001/02/06 12:0 a.m.33 views

SSH authentication agent follows symlinks via a UNIX domain socket

Overview Older versions of SSH allow local attackers to to establish ssh sessions as the victim user without authentication. Description The text of this document was originally released on January 20, 1998, as SNI-23, developed by Secure Networks, Inc. SNI. To more widely broadcast this...

2.1CVSS6.2AI score0.01015EPSS
Exploits0References1
CERT
CERT
added 2000/10/19 12:0 a.m.33 views

MIT Kerberos 5 ksu may allow either the '-r' or '-l' time-interval parameter to overflow the stack with the characters ''d', 'h', 'm', or 's'

Overview Description From the reporter: Time-interval parsing for the "-r" and "-l" command-line options calls a library routine which uses sscanf"%d%d" and passes the address of an automatic int variable to correspond to the second %-sequence. But the % sequence needs an arbitrarily large string...

7.2CVSS6.5AI score0.00442EPSS
Exploits0
CERT
CERT
added 2021/02/01 12:0 a.m.32 views

Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs

Overview Adobe ColdFusion fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM privileges. Description The Adobe ColdFusion installer fails to set a secure access-control list ACL on the default installation directory, such as...

7.8CVSS7.8AI score0.00501EPSS
Exploits0References4
CERT
CERT
added 2015/06/08 12:0 a.m.32 views

Toshiba CHEC contains a hard-coded cryptographic key

Overview Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key. Description CWE-321: Use of Hard-coded Cryptographic Key - CVE-2014-4875Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key in the...

5CVSS6AI score0.02063EPSS
Exploits0References1
CERT
CERT
added 2014/07/21 12:0 a.m.32 views

MicroPact iComplaints cross-site scripting vulnerability

Overview MicroPact iComplaints contains a persistent cross-site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' MicroPact iComplaints contains a persistent cross-site scripting vulnerability. The AddStdLetter.jsp file...

3.5CVSS6.5AI score0.00912EPSS
Exploits0References1
CERT
CERT
added 2014/06/17 12:0 a.m.32 views

Symantec Web Gateway contains SQL injection and cross-site scripting vulnerabilities

Overview Symantec Web Gateway 5.1.1.24, and possibly earlier versions, contains cross-site scripting and SQL injection vulnerabilities. Description CVE-2014-1652 -CWE-79: Improper Neutralization of Input During Web Page Generation Symantec Web Gateway 5.1.1.24, and possibly earlier versions,...

5.8CVSS9.5AI score0.01976EPSS
Exploits0References1
CERT
CERT
added 2014/06/10 12:0 a.m.32 views

Cisco AsyncOS contains a reflected cross-site scripting (XSS) vulnerability

Overview Cisco AsyncOS contains a reflected cross-site scripting XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-3289 Cisco AsyncOS, the underlying OS for the Cisco Email Security Appliance, Web Security Applianc...

4.3CVSS5.8AI score0.02426EPSS
Exploits4References3
CERT
CERT
added 2014/06/09 12:0 a.m.32 views

Unauthorized modification of UEFI variables in UEFI systems

Overview Certain firmware implementations may not correctly protect and validate information contained in certain UEFI variables. Exploitation of such vulnerabilities could potentially lead to bypass of security features and/or denial of service for the platform. Description As discussed in recen...

6.8AI score
Exploits0References3
CERT
CERT
added 2014/01/09 12:0 a.m.32 views

VASCO IDENTIKEY Authentication Server contains an authentication bypass vulnerability

Overview VASCO IDENTIKEY Authentication Server version 3.4.x contains an authentication bypass vulnerability which could allow an attacker to login to a system without needing the user's Active Directory password credentials. Description CWE-305: Authentication Bypass by Primary WeaknessVASCO's...

7.6AI score
Exploits0References3
CERT
CERT
added 2013/09/23 12:0 a.m.32 views

KnowledgeView Editorial and Management application cross-site scripting vulnerability

Overview KnowledgeView Editorial and Management application contains a reflected cross-site scripting XSS vulnerability CWE-79. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' KnowledgeView Editorial and Management application contains a...

4.3CVSS6AI score0.01012EPSS
Exploits0References2
CERT
CERT
added 2013/01/25 12:0 a.m.32 views

SUSE WebYaST remotely accessible hosts list vulnerability

Overview The WebYaST hosts list is remotely accessible by unauthenticated attackers. An attacker may be able to add a malicious host to the list and perform a man-in-the-middle attack against WebYaST. Description The SUSE security advisory states:The hosts list used by WebYaST for connecting to...

5.8CVSS6.4AI score0.02081EPSS
Exploits0References2
CERT
CERT
added 2012/12/12 12:0 a.m.32 views

IBM Power 5 Service Processor privilege escalation vulnerability

Overview IBM Power 5 Service Processor contain a vulnerability which could allow an attacker to operate with elevated privileges. Description IBM's security advisory states, "A security issue has been identified on IBM Power 5 Systems such that the firewall code does not get executed in certain...

7.9CVSS6.5AI score0.01172EPSS
Exploits0References1
CERT
CERT
added 2012/07/09 12:0 a.m.32 views

Netsweeper Internet Filter WebAdmin Portal multiple vulnerabilities

Overview Netsweeper Internet Filter WebAdmin Portal contains XSS, CSRF and SQLi vulnerabilities. Description Netsweeper Internet Filter's WebAdmin Portal contains the following XSS, CSRF and SQLi vulnerabilities.CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site...

10CVSS8.2AI score0.02917EPSS
Exploits7References5
CERT
CERT
added 2012/05/21 12:0 a.m.32 views

Xelex Technologies MobileTrack contains multiple vulnerabilities

Overview Xelex Technologies' MobileTrack application has been reported to not verify the source of administrative SMS commands. An unauthenticated remote attacker can send commands over SMS to MobileTrack. User data is also exposed on an insecure FTP server account. Description The website for...

7.6CVSS7.4AI score0.022EPSS
Exploits0References7
CERT
CERT
added 2012/02/20 12:0 a.m.32 views

UTC Fire & Security Master Clock contains hardcoded default administrator login credentials

Overview UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock have default administrator login credentials that can not be modified by an administrator. Description UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock via Zigbee can sync up to 60,000 slave clocks located throughout a campus-area...

10CVSS6.7AI score0.03251EPSS
Exploits0References1
CERT
CERT
added 2011/09/13 12:0 a.m.32 views

Microsoft Office uninitialized object pointer vulnerability

Overview Microsoft Office fails to properly handle certain Word documents, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description Code in the MSO.dll component of Microsoft Office 2003, 2007, and 2010 fails to properly initialize an object pointer when loading...

9.3CVSS6.5AI score0.27697EPSS
Exploits1References2
CERT
CERT
added 2011/03/21 12:0 a.m.32 views

Foolabs Xpdf contains a denial of service vulnerability

Overview Foolabs Xpdf contains a denial of service vulnerability caused by the t1lib library incorrectly parsing Type 1 fonts. Description According to Foolabs: Xpdf is an open source viewer for Portable Document Format PDF files. These are sometimes also called 'Acrobat' files, from the name of...

6.8CVSS7.1AI score0.13055EPSS
Exploits0References1
CERT
CERT
added 2011/02/11 12:0 a.m.32 views

Adobe Shockwave 11.5.9.615 contains multiple memory corruption vulnerabilities

Overview Adobe Shockwave Player 11.5.9.615 and earlier versions on the Windows and Macintosh operating systems contain critical vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Macromedia Shockwave Player is...

6.9AI score
Exploits0References1
CERT
CERT
added 2011/01/27 12:0 a.m.32 views

ISC DHCP server DHCPv6 decline message processing vulnerability

Overview ISC DHCPv6 versions 4.0.x - 4.2.x are susceptible to a denial-of-service vulnerability. Description The ISC Advisory states:"When the DHCPv6 server code processes a message for an address that was previously declined and internally tagged as abandoned it can trigger an assert failure...

7.8CVSS6.5AI score0.32751EPSS
Exploits0References2
CERT
CERT
added 2010/07/14 12:0 a.m.32 views

ISC DHCP server fails to handle zero-length client identifier

Overview A vulnerability in ISC DHCP could allow a remote attacker to cause the DHCP server to exit, resulting in a denial of service. Description ISC DHCP is a commonly redistributed reference implementation of the Dynamic Host Configuration Protocol DHCP, including a server, client, and relay...

5CVSS6.5AI score0.76412EPSS
Exploits7References4
CERT
CERT
added 2009/05/14 12:0 a.m.32 views

Cyrus SASL library buffer overflow vulnerability

Overview The Cyrus SASL library contains a buffer overflow vulnerability that could allow an attacker to execute code or cause a vulnerable program to crash. Description SASL Simple Authentication and Security Layer is a method for adding authentication support to various protocols. SASL is...

7.5CVSS9.6AI score0.08206EPSS
Exploits0References3
CERT
CERT
added 2008/12/05 12:0 a.m.32 views

Linksys WVC54GC NetCamPlayerWeb11gv2 ActiveX control stack buffer overflow

Overview The Linksys WVC54GC NetCamPlayerWeb11gv2 ActiveX control contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Linksys WVC54GC wireless video camera provides an ActiveX control called...

9.3CVSS7.3AI score0.06205EPSS
Exploits1References1
CERT
CERT
added 2008/05/29 12:0 a.m.32 views

Apple Help Viewer vulnerable to buffer overflow

Overview A vulnerability in the way Apple Help Viewer handles specially crafted URLs may allow an attacker to execute arbitrary code or cause a denial of service. Description According to Apple Security Update 2008-003: An integer underflow in Help Viewer's handling of help:topic URLs may result ...

9.3CVSS7.5AI score0.0818EPSS
Exploits1References1
CERT
CERT
added 2008/05/27 12:0 a.m.32 views

Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX stack buffer overflows

Overview The Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Online Media Technologies, which was formerly known as NCT...

6.8CVSS7AI score0.05967EPSS
Exploits2References2
CERT
CERT
added 2008/01/09 12:0 a.m.32 views

AOL Radio AOLMediaPlaybackControl.exe stack buffer overflow

Overview The AOL AOLMediaPlaybackControl application contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description AOL Radio includes several ActiveX controls to stream audio in web pages. The AOL AmpX and...

9.3CVSS7.3AI score0.24341EPSS
Exploits1References3
CERT
CERT
added 2007/12/04 12:0 a.m.32 views

Mortbay Jetty fails to properly handle cookies with quotes

Overview Mortbay Jetty fails to properly handle cookie quotes, which may allow session hijacking. Description Mortbay Jetty is a web server that is written in Java. Jetty fails to properly handle cookies with certain quote sequences. This can cause the Jetty cookie parsing mechanism to improperly...

7.5CVSS5.2AI score0.03978EPSS
Exploits0References2
CERT
CERT
added 2007/11/15 12:0 a.m.32 views

Apple QuickTime heap buffer overflow vulnerability

Overview Apple QuickTime contains a buffer overflow vulnerability. If exploited, this vulnerability may allow an attacker to execute code. Description Apple QuickTime is a media player that includes a browser plugin. Color table atoms can set a list of preferred colors for displaying movieson...

9.3CVSS7.5AI score0.46662EPSS
Exploits0References2
CERT
CERT
added 2007/11/08 12:0 a.m.32 views

Mozilla-based browsers jar: URI cross-site scripting vulnerability

Overview Mozilla-based web browsers including Firefox contain a vulnerability that may allow an attacker to execute code, or conduct cross-site scripting attacks. Description The jar: protocol is designed to extract content from ZIP compressed files. Mozilla-based browsers include support for jar...

4.3CVSS5.7AI score0.02712EPSS
Exploits0References7
CERT
CERT
added 2007/09/12 12:0 a.m.32 views

Microsoft Windows Services for UNIX privilege escalation vulnerability

Overview Microsoft Windows Services for UNIX contains a vulnerability that may allow a local, authenticated attacker to gain elevated privileges. Description Windows Services for UNIX fails to properly handle setuid binary files. An attacker may be able to trigger this vulnerability by running a...

6.9CVSS5.9AI score0.02398EPSS
Exploits1References2
CERT
CERT
added 2007/08/15 12:0 a.m.32 views

Microsoft Windows Vista Feed Headlines Gadget vulnerability

Overview The Windows Vista Feed Headlines gadget contains a vulnerability that may allow and attacker to execute code. Description From Microsoft Security Bulletin MS07-048:Gadgets are mini-applications designed to provide the user with information or utilities. Windows Vista treats gadgets simil...

4.3CVSS6.5AI score0.28367EPSS
Exploits1References4
CERT
CERT
added 2007/07/10 12:0 a.m.32 views

SAP DB Web Server buffer overflow vulnerability

Overview The SAP Web Server contains a vulnerability that may allow an attacker to execute arbitrary code or cause a denial-of-service condition. Description SAP DB is a database server that includes a series of web-based configuration tools.A stack based buffer overlfow exists in the SAP DB web...

7.5CVSS7.3AI score0.70004EPSS
Exploits4References6
CERT
CERT
added 2007/05/25 12:0 a.m.32 views

Apple Mac OS X iChat UPnP buffer overflow

Overview A vulnerabilty in the way Apple Mac OS X iChat handles specially crafted UPnP packets may allow execution of arbitrary code or denial of service. Description Apple iChat contains a vulnerability that could be exploited by an attacker on the local network when it attempts to handle...

10CVSS7.9AI score0.09454EPSS
Exploits1References1
CERT
CERT
added 2007/05/08 12:0 a.m.32 views

Research In Motion TeamOn Import Object ActiveX control buffer overflow

Overview The Research In Motion TeamOn Import Object ActiveX control contains a buffer overflow, which could allow an attacker to execute arbitrary code on a vulnerable system. Description The Research In Motion TeamOn Import Object is an ActiveX control, which is provided by the file TOImport.dl...

7.5CVSS7.2AI score0.07573EPSS
Exploits0References4
CERT
CERT
added 2007/05/02 12:0 a.m.32 views

Cisco PIX and ASA authentication bypass vulnerability

Overview The Cisco ASA and PIX firewalls contain an authentication bypass vulnerability. This vulnerability may allow a remote attacker to gain unauthorized access to the internal network or firewall. Description The Cisco Adaptive Security Appliance ASA is firewall that includes routing and...

10CVSS6.9AI score0.06451EPSS
Exploits0References4
CERT
CERT
added 2007/04/18 12:0 a.m.32 views

Second Sight Software ActiveGS ActiveX control stack buffer overflows

Overview The Second Sight Software ActiveGS ActiveX control contains several stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Second Sight Software ActiveGS is an Apple IIGS emulator that is provided as an...

6.8CVSS7.2AI score0.0585EPSS
Exploits0References3
CERT
CERT
added 2007/03/08 12:0 a.m.32 views

Novell Netmail WebAdmin buffer overflow vulnerability

Overview Novell NetMail contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description Novell NetMail is an email and messenging software package developed by Novell. It is designed to offer mail and calendaring services to large groups of users.WebAdmi...

6.8CVSS7.1AI score0.19398EPSS
Exploits5References8
CERT
CERT
added 2007/03/06 12:0 a.m.32 views

Apple QuickTime fails to properly process specially crafted MIDI files

Overview The Apple Quicktime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description Apple QuickTime contains a heap buffer overflow vulnerability. This vulnerability may allow an...

9.3CVSS7.3AI score0.06893EPSS
Exploits1References12
CERT
CERT
added 2007/02/19 12:0 a.m.32 views

Apple Mac OS X UserNotificationCenter privilege escalation vulnerability

Overview Apple's UserNotificationCenter contains a vulnerability that may allow local users to gain elevated privileges. Description The Apple UserNotificationCenter contains a privilege escalation vulnerability. This vulnerability occurs because the Apple UserNotificationCenter runs with elevate...

6.9CVSS6.3AI score0.01538EPSS
Exploits2References7
CERT
CERT
added 2007/02/15 12:0 a.m.32 views

Microsoft Word fails to properly handle malformed strings

Overview A vulnerability in the way Microsoft Word handles malformed Word Document streams could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Word contains a memory corruption vulnerability that could be triggered when Word opens...

7.6CVSS6.9AI score0.2052EPSS
Exploits0References9
CERT
CERT
added 2007/02/07 12:0 a.m.32 views

Samba AFS ACL mapping VFS plug-in format string vulnerability

Overview Samba AFS ACL mapping VFS plug-in contains a format string vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Samba AFS ACL mapping VFS plug-in fails to properly sanitize user-controlled file names that are used in ...

7.5CVSS6.8AI score0.06412EPSS
Exploits1References9
CERT
CERT
added 2007/01/12 12:0 a.m.32 views

Acer LunchApp ActiveX Control fails to properly restrict access to methods

Overview The Acer LunchApp ActiveX control contains methods that can allow a remote, unauthenticated attacker to run arbitrary commands on a vulnerable system. Description The Acer LunchApp ActiveX control is provided by LunchApp.ocx. It contains a method called Run, which takes three parameters:...

9.3CVSS5.8AI score0.1187EPSS
Exploits1References7
CERT
CERT
added 2007/01/09 12:0 a.m.32 views

Microsoft Excel vulnerable to arbitrary code execution via malformed record

Overview A vulnerability in Microsoft Excel may allow an attacker to execute arbitrary code on a vulnerable system. Description A vulnerability exists in the way Microsoft Excel handles malformed records.Per Microsoft Security Bulletin MS07-002: A remote code execution vulnerability exists in...

9.3CVSS7.3AI score0.32981EPSS
Exploits0References6
CERT
CERT
added 2007/01/09 12:0 a.m.32 views

Kerberos administration daemon fails to properly initialize function pointers

Overview The Kerberos administration daemon fails to properly initialize pointers. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability exists in the way the Kerberos administration daemon handles...

9.3CVSS9.5AI score0.07926EPSS
Exploits0References12
CERT
CERT
added 2007/01/02 12:0 a.m.32 views

Wireshark HTTP dissector vulnerability

Overview Wireshark contains a vulnerability in the HTTP dissector that may allow an attacker to cause a denial of service condition. Description Wireshark contains a vulnerability in the HTTP dissector that may allow an attacker to cause a denial of service condition. This vulnerability may be...

5CVSS7.4AI score0.02674EPSS
Exploits0References9
Total number of security vulnerabilities3704