Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
•added 2002/01/14 12:0 a.m.•29 views

AOL Instant Messenger vulnerable to buffer overflow via numerous fonts sent to client followed by &lt HR&gt

Overview AOL Instant Messenger AIM is an application that allows one peer to communicate with another. A vulnerability exists that can crash the client window and in some cases the operating systemOS. Description AIM for Windows stores font names in the messages sent from one client to another. B...

6.8AI score
Exploits0References2
CERT
CERT
•added 2001/12/14 12:0 a.m.•29 views

Microsoft Internet Explorer Does Not Respect Content-Disposition and Content-Type MIME Headers

Overview Microsoft Internet Explorer contains a vulnerability in its handling of certain MIME headers in web pages and HTML email messages. This vulnerability may allow an attacker to execute arbitrary code on the victim's system when the victim visits a web page or views an HTML email message...

7.5CVSS7.8AI score0.31007EPSS
Exploits4References3
CERT
CERT
•added 2001/12/04 12:0 a.m.•29 views

Lotus Domino R5 Server vulnerable to DoS via nmap RPC scan on port 443/tcp

Overview Versions earlier than 5.0.9 of Lotus Domino R5 Servers with Secure Socket Layer SSL enabled are vulnerable to a denial of sevice. Description A remote user is able to crash the HTTP serving process on any Lotus Domino R5 Server using the nmap utility. Sending a request to port 443, the...

7.1AI score
Exploits0
CERT
CERT
•added 2001/08/27 12:0 a.m.•29 views

Cayman gateways are vulnerable to a denial of sevices via a long username or password

Overview Cayman gateways are vulnerable to a denial of service via the entry of a long username or password sent to the HTTP interface. Description Cayman gateways automatically restart upon the entry of a large79+ chars username or password to the HTTP interface. The log will show "restart not i...

5CVSS7.1AI score0.03238EPSS
Exploits0References2
CERT
CERT
•added 2001/08/27 12:0 a.m.•29 views

Cayman gateways are vulnerable to a denial of service via a portscan

Overview Cayman gateways are vulnerable to a denial of service. An attacker can send a number of TCP connect requests or SYN packets, in conjunction with a "Bouncing" vulnerability, and can cause a denial of service to the gateway. Description The gateway will crash after receiving a number of TC...

5CVSS6.3AI score0.0222EPSS
Exploits1References1
CERT
CERT
•added 2001/08/21 12:0 a.m.•29 views

Red Hat linux restore uses insecure environment variables allowing root compromise

Overview Some implementations of the Linux restoration utility, restore, call external programs on remote machines via the RSH environment variable. This may permit an attacker to compromise root if restore is setuid root. Description Some implementations of the Linux restoration utility, restore...

7.2CVSS7AI score0.01107EPSS
Exploits1References1
CERT
CERT
•added 2001/07/27 12:0 a.m.•29 views

Multiple vendors' RADIUS implementations do not adequately validate user input thereby permitting DoS and arbitrary command execution via 'radiusd' daemon

Overview Vulnerabilities in various implementations of the Remote Authentication Dial-In User Server RADIUS 'radiusd' daemon can allow an attacker to disrupt services or obtain unauthorized access. Description Various implementations of the Remote Authentication Dial-In User Server RADIUS 'radius...

10CVSS7.3AI score0.0666EPSS
Exploits0References7
CERT
CERT
•added 2001/06/28 12:0 a.m.•29 views

Oracle 8i contains buffer overflow in TNS Listener

Overview A vulnerability in Oracle 8i allows intruders to assume control of the database server and/or the operating system on which the database server is running, depending on the platform used. Description The COVERT labs at PGP Security have discovered a buffer overflow vulnerability in Oracl...

10CVSS7.5AI score0.85201EPSS
Exploits4References2
CERT
CERT
•added 2001/05/25 12:0 a.m.•29 views

Linux gpm daemon allows arbitrary file removal

Overview gpm version 1.19.2 and earlier are vulnerable due to a flaw that allows a local user to delete arbitrary files. Description gpm General Purpose Mouse is the program that lets you use the mouse in console mode when not using XWindows. It is usually included in Linux distributions, and can...

3.6CVSS6.1AI score0.00418EPSS
Exploits1References9
CERT
CERT
•added 2001/05/14 12:0 a.m.•29 views

glibc does not check SUID bit on libraries in /etc/ld.so.cache

Overview The GNU libc library fails to perform a check for the SETUID bit for cached libraries in the /etc/ld.so.cache file. As a result, malicious users may create or modify privileged files. Description The GNU libc library allows preloading libraries via the LDPRELOAD environment variable,...

2.1CVSS5.8AI score0.00861EPSS
Exploits0References10
CERT
CERT
•added 2001/03/27 12:0 a.m.•29 views

Unauthentic "Microsoft Corporation" certificates issued by Verisign to an unidentifed person

Overview On January 29 and 30, 2001, VeriSign, Inc. issued two certificates to an individual fraudulently claiming to be an employee of Microsoft Corporation. Any code signed by these certificates will appear to be legitimately signed by Microsoft when, in fact, it is not. Although users who try ...

7AI score
Exploits0References4
CERT
CERT
•added 2000/12/22 12:0 a.m.•29 views

Input validation error in quikstore.cgi allows attackers to execute commands

Overview The quikstore shopping cart script contains an input validation error that allows attackers to execute commands on affected web servers. Description The quikstore.cgi script is written in Perl and provides its users with shopping cart software for e-commerce transactions. In November 200...

5CVSS7AI score0.02369EPSS
Exploits0References3
CERT
CERT
•added 2000/11/09 12:0 a.m.•29 views

Cisco IOS software vulnerable to DoS via HTTP request containing "%%"

Overview There is a denial-of-service vulnerability in several Cisco switch and router products which allows an attacker to force affected devices to crash and reboot. Description A vulnerability exists in multiple versions of Cisco's Internetworking Operating System IOS software which allows an...

7.1CVSS6.2AI score0.35005EPSS
Exploits2References3
CERT
CERT
•added 2000/10/31 12:0 a.m.•29 views

Wang/Kodak Image Annotation ActiveX Control

Overview Description The Image Annotation control is incorrectly marked safe for scripting. This control is sometimes identified as from "Kodak" and other times as from "Wang". The Image Annotation control is one of several controls used to provide image editting services through a web site...

10CVSS6.2AI score0.24429EPSS
Exploits0References2
CERT
CERT
•added 2023/07/11 12:0 a.m.•28 views

Hard-coded credentials in Technicolor TG670 DSL gateway router

Overview The Technicolor TG670 DSL Gateway Router includes a hard-coded service account that allows for authentication over services on the WAN interface, using HTTP, SSH, or TELNET. The authenticated user can use it to gain full administrative control of the router. Description A hard-coded...

7.2CVSS7.5AI score0.00642EPSS
Exploits0References3
CERT
CERT
•added 2015/12/10 12:0 a.m.•28 views

Buffalo AirStation Extreme N600 Router WZR-600DHP2 uses insufficiently random values for DNS queries

Overview Buffalo AirStation Extreme N600 Router WZR-600DHP2, firmware versions 2.09, 2.13, 2.16, and possibly others, uses insufficiently random values for DNS queries and is vulnerable to DNS spoofing attacks. Description CWE-330: Use of Insufficiently Random Values - CVE-2015-8262The Buffalo...

6.8CVSS7.1AI score0.01107EPSS
Exploits0References3
CERT
CERT
•added 2015/09/10 12:0 a.m.•28 views

Securifi Almond routers contains multiple vulnerabilities

Overview Securifi Almond, firmware version AL1-R200-L302-W33 and earlier, and Securifi Almond 2015, firmware version AL2-R088 and earlier, contain multiple vulnerabilities. Description CWE-330: Use of Insufficiently Random Values - CVE-2015-2914Securifi Almond and Almond 2015 use static source...

7.3CVSS7.5AI score0.01521EPSS
Exploits0References8
CERT
CERT
•added 2015/07/20 12:0 a.m.•28 views

Total Commander File Info plugin vulnerable to denial of service via an out-of-bounds read

Overview Total Commander's File Info plugin version 2.21 attempts an out-of-bounds read when reading a file carefully crafted by an attacker. Description CWE-125: Out-of-bounds Read - CVE-2015-2869An attacker that can control the contents of certain file types may be able to cause an out-of-bound...

5CVSS7AI score0.03657EPSS
Exploits0References2
CERT
CERT
•added 2015/07/07 12:0 a.m.•28 views

Grandsteam GXV3611_HD camera is vulnerable to SQL injection

Overview The Grandsteam GXV3611HD is an IP network camera used for surveillance and security. The Grandsteam GXV3611HD is vulnerable to a SQL injection attack. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' - CVE-2015-2866The Grandstream...

7.5CVSS7.5AI score0.01561EPSS
Exploits2References1
CERT
CERT
•added 2014/10/17 12:0 a.m.•28 views

Centreon contains multiple vulnerabilities

Overview Centreon version 2.5.1 and Centreon Enterprise Server version 2.2 contain multiple vulnerabilities. Description CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection' - CVE-2014-3829 Centreon version 2.5.1 and Centreon Enterprise Server version 2.2 are...

10CVSS8AI score0.80998EPSS
Exploits9References4
CERT
CERT
•added 2014/08/07 12:0 a.m.•28 views

Cobham Sailor 6000 series satellite terminal contain hardcoded credentials

Overview Cobham Sailor 6000 series satellite terminals contain hardcoded credentials for communicating via the Tbus 2 protocol. Description Note: this is a different vulnerability from VU460687CWE-798: Use of Hard-coded Credentials IOActive reports that Cobham Sailor 6000 series satellite...

7.1CVSS7.3AI score0.01971EPSS
Exploits0References2
CERT
CERT
•added 2014/04/16 12:0 a.m.•28 views

Openfire contains an uncontrolled resource consumption vulnerability

Overview Openfire 3.9.1, and possibly earlier versions, contains an uncontrolled resource consumption CWE-400 vulnerability when using XMPP DEFLATE message compression. Description Openfire 3.9.1, and possibly earlier versions, contains an uncontrolled resource consumption CWE-400 vulnerability...

7.8CVSS6.5AI score0.03774EPSS
Exploits0References5
CERT
CERT
•added 2013/12/05 12:0 a.m.•28 views

NagiosQL 3.2 Service Pack 2 contains a reflected cross-site scripting vulnerability

Overview NagiosQL 3.2 Service Pack 2 and possibly earlier versions contain a reflected cross-site scripting vulnerability CWE-79. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' NagiosQL 3.2 Service Pack 2 and possibly earlier versions contai...

4.3CVSS6.2AI score0.01474EPSS
Exploits1References3
CERT
CERT
•added 2013/11/07 12:0 a.m.•28 views

IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway contain a URL redirection vulnerability

Overview IBM Tivoli Federated Identity Manager version 6.22 and possibly earlier versions, and IBM Tivoli Federated Identity Manager Business Gateway version 6.2.2 and possibly earlier versions contain a URL redirection CWE-601 vulnerability. Description CWE-601: URL Redirection to Untrusted Site...

5.8CVSS6.2AI score0.01356EPSS
Exploits0References2
CERT
CERT
•added 2013/05/14 12:0 a.m.•28 views

Serva32 2.1.0 TFTPD service buffer overflow vulnerability

Overview Serva32 2.1.0 TFTPD service contains a buffer overflow vulnerability. Description The Serva32 2.1.0 TFTPD service contains a buffer overflow vulnerability when parsing large read requests. When the application reads in a large buffer the application crashes. --- Impact An unauthenticated...

5CVSS7.7AI score0.08868EPSS
Exploits0References1
CERT
CERT
•added 2013/04/05 12:0 a.m.•28 views

PHP Address Book sqli vulnerability

Overview PHP Address Book web application is vulnerable to multiple sqli injection vulnerabilities. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'PHP Address Book 8.2.5 and possibly older versions fail to sanitize input from multiple...

7.5CVSS7.3AI score0.02978EPSS
Exploits1References3
CERT
CERT
•added 2012/11/05 12:0 a.m.•28 views

Symantec Antivirus products fail to properly handle CAB files

Overview Multiple Symantec Antivirus products fail to properly handle CAB files, which may allow a remote, unauthenticated attacker to execute arbitrary code with SYSTEM privileges. Description The CAB file decomposer component that is used by multiple Symantec Antivirus products fails to properl...

9.3CVSS7.1AI score0.06045EPSS
Exploits0References8
CERT
CERT
•added 2012/09/27 12:0 a.m.•28 views

Trend Micro Control Manager adhoc query vulnerability

Overview Trend Micro Control Manager fails to properly filter user-supplied input within the ad hoc query module which could allow an attacker to upload and execute arbitrary code against the system. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL...

7.5CVSS8.6AI score0.06089EPSS
Exploits5References7
CERT
CERT
•added 2012/08/06 12:0 a.m.•28 views

HP Arcsight Logger and Connector appliances cross-site scripting vulnerability

Overview HP's Arcsight Connector appliance v6.2.0.6244.0 and Arcsight Logger appliance v5.2.0.6288.0 and possibly other versions contain a file import facility which is vulnerable to cross-site scripting XSS. Description The supplied facility for importing host data from a file System Admin Tab |...

4.3CVSS6.1AI score0.02631EPSS
Exploits0References3
CERT
CERT
•added 2012/07/25 12:0 a.m.•28 views

IBM ISS Proventia Mail Security contains multiple vulnerabilities

Overview IBM ISS Proventia Mail Security contains cross-site scripting and arbitrary file read vulnerabilities. Description The IBM security advisories state:CVE-2012-2955 "The administrative user interface contains pages where it is possible to inject arbitrary JavaScript code contained in an HT...

4.3CVSS5.7AI score0.03039EPSS
Exploits0References2
CERT
CERT
•added 2012/02/03 12:0 a.m.•28 views

Project Open cross-site scripting vulnerability

Overview Project Open po version 3.4 and possibly earlier versions suffer from a reflective cross-site scripting XSS vulnerability in the account-closed.tcl script Description The XSS vulnerability CWE-79 is contained within the message parameter in the account-closed.tcl script...

4.3CVSS5.4AI score0.02412EPSS
Exploits1References3
CERT
CERT
•added 2011/12/13 12:0 a.m.•28 views

Microsoft Office Publisher contains multiple exploitable vulnerabilities

Overview Microsoft Office Publisher fails to properly validate Publisher documents, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Publisher is a desktop publishing application that is provided with some versions of...

7AI score
Exploits0References5
CERT
CERT
•added 2011/04/01 12:0 a.m.•28 views

IPComp encapsulation nested payload vulnerability

Overview Some IPComp implementations may contain a kernel memory corruption vulnerability in their handling of nested encapsulation of IPComp payloads. Description RFC 3173 defines the IP Payload Compression Protocol IPComp as:IP payload compression is a protocol to reduce the size of IP datagram...

6.8CVSS7.8AI score0.05077EPSS
Exploits4References2
CERT
CERT
•added 2009/02/10 12:0 a.m.•28 views

RIM BlackBerry Application Web Loader ActiveX stack buffer overflow

Overview The RIM BlackBerry Application Web Loader ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The RIM BlackBerry Application Web Loader is an ActiveX control that is used to loa...

9.3CVSS6.6AI score0.16919EPSS
Exploits2References5
CERT
CERT
•added 2009/02/05 12:0 a.m.•28 views

Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge cross-site scripting vulnerability

Overview The Rockwell ControlLogix 1756-ENBT/A EtherNet/IP Bridge web interface contains a cross-site scripting vulnerability that may allow an attacker to spoof data or redirect end user's to other sites. Description The Rockwell Logix Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge uses ...

7AI score
Exploits0References3
CERT
CERT
•added 2008/12/25 12:0 a.m.•28 views

Trend Micro HouseCall ActiveX control notifyOnLoadNative() uses previously free'd memory

Overview The Trend Micro HouseCall ActiveX control contains a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Trend Micro HouseCall ActiveX control HousecallActiveX.dll contains a "use-after-free" vulnerability. Usi...

9.3CVSS7.8AI score0.06998EPSS
Exploits1References5
CERT
CERT
•added 2008/12/09 12:0 a.m.•28 views

Microsoft Vista and Server 2008 vulnerable to memory corruption via saved search

Overview Microsoft Windows Vista and Server 2008 contain a memory corruption vulnerability when saving a specially crafted search file. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description In Windows Vista and Server 2008,...

8.5CVSS7AI score0.20682EPSS
Exploits1References2
CERT
CERT
•added 2008/06/06 12:0 a.m.•28 views

HP Online Support Services ActiveX MoveFile() buffer overflow

Overview HP Online Support Services contains the function MoveFile, which can be exploited to cause a buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description HP Services provides online product support services including HP...

6.9AI score
Exploits0References2
CERT
CERT
•added 2008/05/09 12:0 a.m.•28 views

Microsoft Internet Explorer 7 DisableCachingOfSSLPages may not prevent caching

Overview Setting the Internet Explorer 7 option DisableCachingOfSSLPages may not prevent the caching of SSL-enabled web pages. Description Administrators and users can set the Internet Explorer DisableCachingOfSSLPages option to prevent sensitive or private data from being saved to disk. The...

6.6AI score
Exploits0References5
CERT
CERT
•added 2008/03/26 12:0 a.m.•28 views

Cisco IOS denial-of-service vulnerability

Overview A vulnerability in the way Cisco IOS handles IPv6 packets could result in a remotely exploitable denial of service. Description The Cisco Internetwork Operating System IOS includes support for processing Internet Protocol version 6 IPv6 packets.Per Cisco Advisory...

7.1CVSS6.2AI score0.05584EPSS
Exploits2References3
CERT
CERT
•added 2008/03/20 12:0 a.m.•28 views

libarchive does not properly terminate loop

Overview libarchive contains a vulnerability that may allow an attacker to cause a denial of service. Description The libarchive library provides an interface for reading and writing archive files.There is a vulnerability in libarchive that occurs when it parses the pax interchange format. If an...

4.3CVSS8.9AI score0.03919EPSS
Exploits0References4
CERT
CERT
•added 2008/03/12 12:0 a.m.•28 views

Adobe Form Designer and Advanced Form Client ActiveX controls contain multiple buffer overflows

Overview Adobe Form Designer and Advanced Form Client contain multiple ActiveX buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Adobe Form Designer and Advanced Form Client software provide multiple ActiveX...

9.3CVSS7.3AI score0.07412EPSS
Exploits1References4
CERT
CERT
•added 2007/10/19 12:0 a.m.•28 views

Mozilla products vulnerable to memory corruption in the browser engine

Overview A number of vulnerabilities in the Mozilla browser engine may allow the execution of arbitrary code or denial of service. Description The Mozilla browser engine contains several vulnerabilities that may result in memory corruption. The impact of this memory corruption in specific cases i...

4.3CVSS7.5AI score0.0343EPSS
Exploits1References2
CERT
CERT
•added 2007/08/23 12:0 a.m.•28 views

Trend Micro ServerProtect Integer Overflow Vulnerability

Overview Trend Micro ServerProtect contains an integer overflow vulnerability that may allow a remote attacker to execute arbitrary code. Description Trend Micro ServerProtect is an anti-virus application designed to run on Microsoft Windows servers. The application provides administrators with...

10CVSS7.5AI score0.10469EPSS
Exploits0References3
CERT
CERT
•added 2007/08/15 12:0 a.m.•28 views

Microsoft Windows Vista Weather Gadget vulnerability

Overview The Windows Vista Weather gadget contains a vulnerability that may allow and attacker to execute code. Description From Microsoft Security Bulletin MS07-048:Gadgets are mini-applications designed to provide the user with information or utilities. Windows Vista treats gadgets similar to t...

6.8CVSS6.5AI score0.25192EPSS
Exploits1References4
CERT
CERT
•added 2007/08/14 12:0 a.m.•28 views

Microsoft Windows VML compressed content integer underflow

Overview Microsoft Windows VML fails to properly handle compressed content, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft IE version 5.0 and higher supports the Vector Markup Language VML, which is a set of XML tags for...

9.3CVSS6AI score0.41547EPSS
Exploits1References4
CERT
CERT
•added 2007/05/08 12:0 a.m.•28 views

Trend Micro ServerProtect EarthAgent buffer overflow vulnerability

Overview Trend Micro ServerProtect contains a buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. Description Trend Micro ServerProtect is an anti-virus application that is designed to run on Windows-based servers. The...

10CVSS7.7AI score0.77194EPSS
Exploits18References4
CERT
CERT
•added 2007/04/25 12:0 a.m.•28 views

CA BrightStor ARCserve Backup Media Server RPC service buffer overflows

Overview The CA BrightStor ARCserve Backup Media Server contains multiple buffer overflows in the RPC service, which can allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. Description BrightStor ARCserve Backup is a backup and data retention tool that...

10CVSS7.1AI score0.77996EPSS
Exploits8References3
CERT
CERT
•added 2007/03/17 12:0 a.m.•28 views

CA BrightStor ARCserver Tape Engine memory corruption vulnerability

Overview The Computer Associates BrightStor ARCserve Backup Tape Engine contains a memory corruption vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description BrightStor ARCserve Backup is a...

10CVSS7.3AI score0.14468EPSS
Exploits0References5
CERT
CERT
•added 2007/02/23 12:0 a.m.•28 views

Mozilla Firefox fails to properly handle JavaScript onUnload events

Overview Mozilla Firefox does not properly handle JavaScript onUnload events. This vulnerability may lead to memory corruption that could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The JavaScript onUnload event is executed when the brows...

9.3CVSS6.6AI score0.07069EPSS
Exploits1References5
Total number of security vulnerabilities3702