Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
added 2001/05/17 12:0 a.m.30 views

Macromedia Flash plug-in contains buffer overflow

Overview Incorrectly formatted sound wave SWF files may cause a buffer overflow in the Macromedia Flash plug-in. Description If the length fields in an SWF file specify fewer data than are actually present in the file, processing the file may cause a buffer overflow in the Macromedia Flash plug-i...

7.6CVSS7.1AI score0.01704EPSS
Exploits0References1
CERT
CERT
added 2001/05/14 12:0 a.m.30 views

glibc does not check SUID bit on libraries in /etc/ld.so.cache

Overview The GNU libc library fails to perform a check for the SETUID bit for cached libraries in the /etc/ld.so.cache file. As a result, malicious users may create or modify privileged files. Description The GNU libc library allows preloading libraries via the LDPRELOAD environment variable,...

2.1CVSS5.8AI score0.00861EPSS
Exploits0References10
CERT
CERT
added 2001/04/06 12:0 a.m.30 views

Compaq web-enabled management software contains buffer overflow in authentication username

Overview The Compaq web-enabled management software contains a buffer overflow in the authentication component of the product. Remote intruders may be able to execute arbitrary code with privileges on affected systems. Many Compaq products are affected, from personal computers to commercial UNIX...

10CVSS7.9AI score0.0401EPSS
Exploits0References3
CERT
CERT
added 2001/01/10 12:0 a.m.31 views

Borland/Inprise Interbase SQL database server contains backdoor superuser account with known password

Overview Description Interbase is an open source database package that is distributed by Borland/Inprise. The server contains a compiled-in backdoor account with a known password.In the following interbase code, references are made about a LOCKSMITH user: ./jrd/dyn.e ./jrd/isc.c ./jrd/jrd.c...

10CVSS7AI score0.07024EPSS
Exploits1References13
CERT
CERT
added 2000/12/22 12:0 a.m.30 views

Input validation error in quikstore.cgi allows attackers to execute commands

Overview The quikstore shopping cart script contains an input validation error that allows attackers to execute commands on affected web servers. Description The quikstore.cgi script is written in Perl and provides its users with shopping cart software for e-commerce transactions. In November 200...

5CVSS7AI score0.02369EPSS
Exploits0References3
CERT
CERT
added 2000/12/21 12:0 a.m.30 views

BSD-derived ftpd replydirname() in ftpd.c contains one-byte overflow

Overview There is a off-by-one vulnerability in several BSD-derived ftpd servers. Description The ftp server in several BSD distributions contains a defect which allows one byte of the program memory allocated within a stack frame to be overwritten with a NUL byte '\0'. The byte in question is...

10CVSS7.3AI score0.17929EPSS
Exploits1References6
CERT
CERT
added 2000/12/19 12:0 a.m.30 views

KTH Kerberos environment variables krb4proxy and KRBCONFDIR may be used insecurely

Overview The environment variables krb4proxy and KRBCONFDIR may be respected by client programs such as login or su, in such a way that local or remote intruders can cause the client program to accept authentication requests from a malicious KDC. The vulnerabilites may be exploited remotely by...

7.2CVSS7.2AI score0.00409EPSS
Exploits0References2
CERT
CERT
added 2000/12/04 12:0 a.m.30 views

LPRng can pass user-supplied input as a format string parameter to syslog() calls

Overview A popular replacement software package to the BSD lpd printing service called LPRng contains at least one software defect known as a "format string vulnerability" which may allow remote users to execute arbitrary code on vulnerable systems. The privileges of such code will probably be...

10CVSS7.1AI score0.78658EPSS
Exploits4References17
CERT
CERT
added 2000/11/07 12:0 a.m.30 views

Format string vulnerability in libutil pw_error(3) function

Overview There is an input validation vulnerability in the OpenBSD libutil system library that allows local users to gain superuser access via the chpass utility. Description On June 30, 2000, the OpenBSD development team repaired an input validation vulnerability in the pwerror function of the...

7.2CVSS6.5AI score0.01671EPSS
Exploits1References3
CERT
CERT
added 2000/10/31 12:0 a.m.30 views

Wang/Kodak Image Thumbnail ActiveX Control

Overview Description The Image Thumbnail control is incorrectly marked safe for scripting. This control is sometimes identified as from "Kodak" and other times as from "Wang". The Image Thumbnail control is one of several controls used to provide image editting services through a web site. Becaus...

10CVSS6.2AI score0.24429EPSS
Exploits0References2
CERT
CERT
added 2024/08/30 12:0 a.m.29 views

Insecure Platform Key (PK) used in UEFI system firmware signature

Overview A vulnerability in the user of hard-coded Platform Keys PK within the UEFI framework, known as PKfail, has been discovered. This flaw allows attackers to bypass critical UEFI security mechanisms like Secure Boot, compromising the trust between the platform owner and firmware and enabling...

6.4CVSS6.8AI score0.0024EPSS
Exploits0References8
CERT
CERT
added 2016/09/06 12:0 a.m.29 views

Dentsply Sirona CDR DICOM contains multiple hard-coded credentials

Overview The Dentsply Sirona previously known as Shick Technologies CDR DICOM is software for managing medical dental records. CDR DICOM contains several hard-coded credentials allowing administrative or root access. Description CWE-798: Use of Hard-coded Credentials - CVE-2016-6530 Dentsply...

10CVSS9.9AI score0.03108EPSS
Exploits0References2
CERT
CERT
added 2016/05/19 12:0 a.m.29 views

Up.time agent for Linux does not authenticate a user before allowing read access to the file system

Overview The up.time agent for Linux versions 7.5 and 7.6 may allow an unauthenticated remote attacker to read arbitrary files from a system. Description CWE-306: Missing Authentication for Critical Function - CVE-2015-8268According to the researcher, "The linux based uptime.agent version 7.5...

7.5CVSS8.1AI score0.02976EPSS
Exploits0References2
CERT
CERT
added 2015/12/08 12:0 a.m.29 views

TaxiHail Android mobile app contains multiple vulnerabilties

Overview Mobile Knowledge's TaxiHail is vulnerable to information disclosure and missing encryption of sensitive data. Description The Mobile Knowledge TaxiHail framework "allows passengers to book and manage their own reservations via iOS, android or the web in real-time, alleviating call...

6.7AI score
Exploits0References2
CERT
CERT
added 2015/11/24 12:0 a.m.29 views

Dell System Detect installs root certificate and private key (DSDTestProvider)

Overview Dell System Detect installs the DSDTestProvider certificate into theTrusted Root Certificate Store on Microsoft Windows systems. The certificate includes the private key. This allows attackers to create trusted certificates and perform impersonation, man-in-the-middle MiTM, and passive...

6.8AI score
Exploits0References7
CERT
CERT
added 2013/12/12 12:0 a.m.29 views

SketchUp Viewer buffer overflow vulnerability

Overview SketchUp Viewer version 13.0.4124 is vulnerable to a buffer overflow when opening a malformed .SKP file. Description CWE-121: Stack-based Buffer Overflow - CVE-2013-6038SketchUp Viewer version 13.0.4124 is vulnerable to a stack buffer overflow when parsing a specially crafted .SKP file...

6.8CVSS7.6AI score0.02569EPSS
Exploits0References3
CERT
CERT
added 2013/09/03 12:0 a.m.29 views

AdvancePro Technologies Advanceware software suite vulnerable to privilege bypass

Overview AdvancePro Technologies Advanceware software suite contains a privilege bypass vulnerability, resulting in information leakage CWE-200. Description CWE-200: Information Exposure AdvancePro Technologies Advanceware software suite contains a privilege bypass vulnerability, resulting in...

4CVSS6.1AI score0.01033EPSS
Exploits0References4
CERT
CERT
added 2013/04/25 12:0 a.m.29 views

Citrix NetScaler and Access Gateway Enterprise Edition unauthorized access to network resources vulnerability

Overview Citrix NetScaler and Access Gateway Enterprise Edition contain a vulnerability which could result in unauthorized access to network resources. Description Citrix NetScaler and Access Gateway Enterprise Edition contain a vulnerability which could allow a remote attacker to gain unauthoriz...

5.4CVSS6.6AI score0.01536EPSS
Exploits0References2
CERT
CERT
added 2013/04/15 12:0 a.m.29 views

pd-admin contains cross-site scripting vulnerabilities

Overview pd-admin, a web interface for users of hosting providers, is susceptible to cross-site scripting XSS vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' pd-admin, contains cross-site scripting XSS vulnerabilities. The...

3.5CVSS5.9AI score0.00815EPSS
Exploits0References3
CERT
CERT
added 2012/10/22 12:0 a.m.29 views

Mutiny Technology virtual appliance command injection vulnerability

Overview The Mutiny Technology virtual appliance contains a command injection vulnerability which could allow an attacker to inject commands into the appliance. Description CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection'The Mutiny Technology virtual...

8.5CVSS6.9AI score0.2731EPSS
Exploits4References2
CERT
CERT
added 2012/09/10 12:0 a.m.29 views

F5 Networks ASM appliance contains a cross-site scripting vulnerability

Overview F5 Networks ASM appliance versions 10.0.0 through 11.2.0 HF2 are susceptible to a cross-site scripting vulnerability in the traffic overview page. Description A cross-site scripting XSS CWE-79 vulnerability exists in the traffic overview page. By sending several malicious requests, an...

4.3CVSS5.9AI score0.01513EPSS
Exploits1References3
CERT
CERT
added 2011/11/08 12:0 a.m.29 views

Dell KACE K2000 Appliance database administration account allows arbitrary command execution

Overview The Dell KACE K2000 System Deployment Appliance contains a vulnerability that could allow a remote attacker to execute arbitrary commands on an affected device. Description The Dell KACE K2000 Deployment Appliance is an integrated systems provisioning product for large-scale operating...

9.3CVSS7.1AI score0.03297EPSS
Exploits0References1
CERT
CERT
added 2011/10/03 12:0 a.m.29 views

Investintech.com SlimPDF Reader contains multiple vulnerabilities

Overview Investintech.com's SlimPDF viewer contains multiple vulnerabilities which may result in a denial of service and possibly arbitrary code execution. Description Investintech.com's SlimPDF viewer contains multiple vulnerabilities, which include; user mode write access violations, read acces...

8.6AI score
Exploits0References2
CERT
CERT
added 2011/09/26 12:0 a.m.29 views

Multiple Quagga remote component vulnerabilities

Overview Quagga contains five remote component vulnerabilities due to issues when handling BGP, OSPF, and OSPFv3 packets. Description CERT-FI reports:Quagga is an open source routing software that can handle various routing protocols such as RIP, BGP and OSPF. Five vulnerabilities have been found...

7.5CVSS10AI score0.07615EPSS
Exploits0References1
CERT
CERT
added 2011/02/03 12:0 a.m.29 views

SCADA Engine BACnet OPC Client buffer overflow vulnerability

Overview SCADA Engine BACnet OPC Client contains a buffer overflow when parsing .csv files. This vulnerability may allow an attacker to execute arbitrary code. Description According to SCADA Engine website: "The SCADA Engine BACnet OPC Server is a server that provides data access DA, Alarms and...

7.9AI score
Exploits0References5
CERT
CERT
added 2011/01/11 12:0 a.m.29 views

Libpng 1.5.0 png_set_rgb_to_gray() vulnerability

Overview Libpng-1.5.0 introduced a vulnerability in the rgb-to-gray transform function. Description Libpng based applications that call the pngsetrgbtogray function from pngrtran.c are vulnerable. Libpng versions prior to 1.5.0 are not vulnerable. --- Impact An attacker may cause the application ...

6.8CVSS7.2AI score0.05608EPSS
Exploits0References4
CERT
CERT
added 2010/09/30 12:0 a.m.29 views

Unexpected ACL Behavior in BIND 9.7.2

Overview A flaw exists in BIND 9.7.2 through 9.7.2-P1 pertaining to how an ACL is applied. Description There is a flaw in BIND 9.7.2 through 9.7.2-P1 where the wrong ACL is applied. This flaw could allow access to a cache via recursion even though the ACL disallowed it. This bug is primarily a ri...

5CVSS5.7AI score0.03572EPSS
Exploits0References2
CERT
CERT
added 2008/12/05 12:0 a.m.29 views

Linksys WVC54GC wireless video camera vulnerable to information disclosure

Overview The Linksys WVC54GC wireless video camera insecurely sends initial configuration information over the network, which can allow a remote, unauthenticated attacker to intercept video streams, access wireless network authentication credentials, modify the device firmware, or cause a...

10CVSS7.7AI score0.03293EPSS
Exploits1References1
CERT
CERT
added 2008/06/20 12:0 a.m.29 views

Apple Safari automatically executes downloaded files based on Internet Explorer zone settings

Overview Apple Safari automatically executes downloaded files based on Internet Explorer zone settings, which can allow a remote attacker to execute arbitrary code on a vulnerable system. Description Apple Safari is a web browser that is available for OS X and Microsoft Windows platforms. Apple...

9.3CVSS6.7AI score0.03814EPSS
Exploits1References2
CERT
CERT
added 2008/06/06 12:0 a.m.29 views

HP Online Support Services ActiveX AppendStringToFile() arbitrary file writing

Overview The HP Online Support Services ActiveX control contains a method called AppendStringToFile. This may allow a remote, unauthenticated attacker to write to files on a vulnerable system. Description HP Services provides online product support services including HP Instant Support. The...

6AI score
Exploits0References2
CERT
CERT
added 2008/05/19 12:0 a.m.29 views

PhotoStockPlus Uploader Tool ActiveX stack buffer overflows

Overview The PhotoStockPlus Uploader Tool ActiveX control contains several stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description PhotoStockPlus provides an image uploader ActiveX control, which is provided by the...

6.8CVSS7AI score0.03061EPSS
Exploits1References2
CERT
CERT
added 2008/04/08 12:0 a.m.29 views

Microsoft Office Project vulnerable to remote code execution via specially crafted Project file

Overview A vulnerability in the way Microsoft Office Project parses files may lead to execution of arbitrary code. Description Microsoft Office Project contains a vulnerability that could be exploited when Project attempts to parse specially crafted files. According to Microsoft Security Bulletin...

9.3CVSS7AI score0.31934EPSS
Exploits1References1
CERT
CERT
added 2008/03/12 12:0 a.m.29 views

Adobe Form Designer and Advanced Form Client ActiveX controls contain multiple buffer overflows

Overview Adobe Form Designer and Advanced Form Client contain multiple ActiveX buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Adobe Form Designer and Advanced Form Client software provide multiple ActiveX...

9.3CVSS7.3AI score0.07412EPSS
Exploits1References4
CERT
CERT
added 2008/02/12 12:0 a.m.29 views

Apple Mac OS X fails to properly handle a crafted URL

Overview A vulnerability in the way Apple Mac OS X handles specially crafted URLs may allow an attacker to execute arbitrary code. Description According to Apple Security Update 2008-001:An input validation issue exists in the processing of URL schemes handled by Terminal.app. By enticing a user ...

6.8CVSS7.2AI score0.04441EPSS
Exploits1References2
CERT
CERT
added 2007/12/11 12:0 a.m.29 views

Microsoft Windows Vista privilege escalation vulnerability

Overview Microsoft Windows Vista contains a local privilege escalation vulnerability. Description The Windows Advanced Local Procedure Call ALPC does not properly evaluate certain conditions in legacy reply paths.Per Microsoft Security Bulletin MS07-066: An elevation of privilege vulnerability...

7.2CVSS6.4AI score0.037EPSS
Exploits1References1
CERT
CERT
added 2007/11/09 12:0 a.m.29 views

Guidance EnCase Enterprise uses weak authentication to identify target machines

Overview Guidance Software's EnCase Enterprise uses IP authentication to identify target machines. An attacker may be able to provide the EnCase SAFE server with a disk image from a different machine than an investigator requested. Description Guidance Software's EnCase Enterprise allows...

4.3CVSS5.9AI score0.01207EPSS
Exploits0References6
CERT
CERT
added 2007/10/19 12:0 a.m.29 views

Mozilla products vulnerable to memory corruption in the browser engine

Overview A number of vulnerabilities in the Mozilla browser engine may allow the execution of arbitrary code or denial of service. Description The Mozilla browser engine contains several vulnerabilities that may result in memory corruption. The impact of this memory corruption in specific cases i...

4.3CVSS7.5AI score0.0343EPSS
Exploits1References2
CERT
CERT
added 2007/09/06 12:0 a.m.29 views

VUPlayer malformed playlist buffer overflow

Overview VUPlayer fails to properly handle malformed playlists. This vulnerability may allow a remote attacker to execute arbitrary code. Description VUPlayer is a freeware audio player for the Microsoft Windows platform. It can play various types of media files, such as MP3s. A Playlist .PLS or...

7.5CVSS7.4AI score0.67345EPSS
Exploits6References4
CERT
CERT
added 2007/08/17 12:0 a.m.29 views

Yahoo! Installer Plugin for Widgets ActiveX control stack buffer overflow

Overview The Yahoo! Installer Plugin for Widgets ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo! Widgets is a program for Windows that allows the user to run applications call...

9.3CVSS6.9AI score0.1296EPSS
Exploits6References4
CERT
CERT
added 2007/08/13 12:0 a.m.29 views

InterActual Player IAKey ActiveX control stack buffer overflow

Overview The InterActual Player IAKey ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems. InterActual Player wa...

9.3CVSS7.2AI score0.0818EPSS
Exploits0References4
CERT
CERT
added 2007/07/12 12:0 a.m.29 views

Adobe Flash Player fails to properly validate HTTP Referers

Overview The Adobe Flash Player fails to properly validate HTTP Referers. This may allow an attacker to conduct cross-site request forgery attacks. Description Adobe Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed within a web browser...

4.3CVSS6.1AI score0.06727EPSS
Exploits0References3
CERT
CERT
added 2007/05/16 12:0 a.m.29 views

Symantec Norton Internet Security 2004 ISAlertDataCOM ActiveX control stack buffer overflow

Overview The Symantec Norton Internet Security 2004 ISAlertDataCOM ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Symantec Norton Internet Security is a software package for Windows...

10CVSS6.9AI score0.64441EPSS
Exploits3References3
CERT
CERT
added 2007/05/02 12:0 a.m.29 views

Apple QuickTime for Java QTPointerRef heap memory corruption vulnerability

Overview Apple QuickTime for Java contains a heap memory corruption vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple QuickTime includes the ability to integrate QuickTime into Java applications and applets. This...

7.6CVSS7.1AI score0.83804EPSS
Exploits1References9
CERT
CERT
added 2007/04/05 12:0 a.m.29 views

AOL SuperBuddy ActiveX fails to properly validate method arguments

Overview The AOL SuperBuddy ActiveX control does not properly validate arguments to the LinkSBIcons method. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The AOL SuperBuddy ActiveX control Sb.SuperBuddy.1 is a compone...

9.3CVSS6.7AI score0.08434EPSS
Exploits5References4
CERT
CERT
added 2007/03/21 12:0 a.m.29 views

InterActual Player SyscheckObject ActiveX controls contain stack buffer overflows

Overview InterActual Player provides multiple ActiveX controls that are vulnerable to buffer overflows. This can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems...

9.3CVSS6.8AI score0.35137EPSS
Exploits3References2
CERT
CERT
added 2007/03/13 12:0 a.m.29 views

Apple Mac OS X fails to properly handle corrupted UDTO HFS+ image structures

Overview Apple Mac OS X fails to properly handle corrupted UDTO HFS+ image structures. This vulnerability may allow an attacker to cause a denial-of-service condition. Description Hierarchical File System HFS+ is a file system that supports files that use 32-bit block addresses and Unicode file a...

5.1CVSS7.7AI score0.0544EPSS
Exploits1References9
CERT
CERT
added 2007/01/29 12:0 a.m.29 views

Microsoft Word 2000 stack buffer overflow

Overview A stack-based buffer overflow in Microsoft Word could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Word 2000 fails to properly handle malformed documents allowing a stack-based buffer overflow to occur. It is possible that this vulnerability c...

9.3CVSS7.1AI score0.3816EPSS
Exploits0References6
CERT
CERT
added 2007/01/29 12:0 a.m.29 views

Citrix Access Gateway appliances vulnerable to information disclosure

Overview A vulnerability exists in Citrix Access Gateway appliances that may allow an attacker to access data and compromise the system. Description Citrix Access Gateway products are universal SSL VPN appliances providing a secure, always-on, single point-of-access to an organization's...

6CVSS6.5AI score0.01464EPSS
Exploits0References2
CERT
CERT
added 2007/01/16 12:0 a.m.29 views

Apple Mac OS X UFS filesystem integer overflow vulnerability

Overview There is an integer overflow in the ffsmountfs function, which is used by Apple's OS X operating system to handle UFS disc images. Description Unix File System UFS is a file system used by Unix and other similar operating systems. Apple OS X supports UFS, partitions, and images. There is...

4.6CVSS8.5AI score0.00964EPSS
Exploits0References7
CERT
CERT
added 2006/12/18 12:0 a.m.29 views

Intel network drivers privilege escalation vulnerability

Overview A buffer overflow vulnerability in Intel PRO Ethernet drivers may allow local attackers to execute code with elevated privileges. Description Intel network adapter drivers are developed and maintained by Intel for Windows and Linux operating systems. A buffer overflow vulnerability exist...

7.2CVSS7AI score0.00563EPSS
Exploits0References4
Total number of security vulnerabilities3702