Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
•added 2003/01/24 12:0 a.m.•27 views

Various FTP clients fail to account for pipe (|) characters in default file names

Overview Various FTP client implementations do not correctly handle files whose name begins with the "|" pipe character. Description Most FTP clients include a feature in which the remote filename is used as the local filename in a GET RETR operation. For example, many FTP clients support syntax...

10CVSS7.1AI score0.0404EPSS
Exploits0References3
CERT
CERT
•added 2002/12/18 12:0 a.m.•27 views

PC-cillin "pop3trap.exe" vulnerable to buffer overflow via long string of characters

Overview A locally exploitable buffer overflow exists in PC-cillin. Description Trend Micro describes PC-cillin as follows:Trend Micro PC-cillin provides all-in-one antivirus security, personal firewall, and PDA protection for your PC. The user-friendly interface makes it easy to install and use...

4.6CVSS7.6AI score0.01202EPSS
Exploits0References2
CERT
CERT
•added 2002/10/23 12:0 a.m.•27 views

Kerberos administration daemon vulnerable to buffer overflow

Overview Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. A remote attacker could exploit this vulnerability to gain root privileges on a vulnerable system. Description A remotely exploitable buffer overflow exists in the Kerber...

10CVSS7.8AI score0.15105EPSS
Exploits0References8
CERT
CERT
•added 2002/10/11 12:0 a.m.•27 views

Multiple buffer overflow vulnerabilities in QNX

Overview Multiple buffer overflow vulnerabilities have been reported in QnX. Description QnX is an RTOS Realtime Operating System. QnX is used in many different devices and industries, including, but not limited to, Routers Manufacturing and Processing Medical Equipment Automotive and...

7.8AI score
Exploits0References4
CERT
CERT
•added 2002/10/01 12:0 a.m.•27 views

Microsoft Internet Explorer executes scripts when scripting has been disabled after bypassing initial security checks

Overview A vulnerability exists in Microsoft Internet Explorer that could permit an attacker to execute arbitrary script, even if the user has specifically disabled active scripting. Description Internet Explorer permits users to customize settings that enable and disable the ability of scripts t...

7.5CVSS7.4AI score0.13325EPSS
Exploits0References2
CERT
CERT
•added 2002/09/27 12:0 a.m.•27 views

Microsoft Windows 2000 Indexing Services enumerates local file locations via ixsso.query ActiveX object

Overview Index Server 2.0 and the Indexing Service 3.0 contain a vulnerability that may allow remote intruders to gain information about files on the local computer. Description Index Server 2.0 and Indexing Service 3.0 are services that allow information about local files to be queried via a web...

4.3CVSS6.3AI score0.10465EPSS
Exploits1References3
CERT
CERT
•added 2002/09/12 12:0 a.m.•27 views

Microsoft Visual FoxPro fails to properly evaluate filenames before launching application

Overview There is a vulnerability in Microsoft Visual FoxPro 6.0 that allows remote attackers to execute Visual FoxPro applications with the privileges of the victim user. Description Microsoft Visual FoxPro 6.0 contains an unspecified vulnerability that allows remote attackers to execute arbitra...

7.5CVSS7AI score0.11699EPSS
Exploits0References1
CERT
CERT
•added 2002/09/05 12:0 a.m.•27 views

HP Tru64 UNIX "traceroute" contains buffer overflow (SSRT2261)

Overview The HP Tru64 UNIX implementation of "traceroute" contains a locally exploitable buffer overflow. Description "traceroute" is used to display the route packets follow from one host to another on the Internet. A locally exploitable buffer overflow in "traceroute" may permit a local attacke...

8.3AI score
Exploits0References1
CERT
CERT
•added 2002/08/15 12:0 a.m.•27 views

OpenBSD contains buffer overflow in "select" call

Overview A locally exploitable buffer overflow exists in all versions of OpenBSD. Description The buffer overflow exists in the select2 system call. The overflow occurs if select is supplied with arbitrary negative values. --- Impact Local users can gain system privileges and execute code in the...

7.2CVSS7AI score0.0033EPSS
Exploits0References2
CERT
CERT
•added 2002/07/22 12:0 a.m.•27 views

Microsoft Windows domain name resolver service accepts responses from non-queried DNS servers by default

Overview Systems running Microsoft Windows 98, NT, Windows 2000, or Windows XP DNS resolvers accept DNS replies from any IP address, not just the ones being sent DNS requests. This may lead to domain information spoofing or DNS cache poisoning. Description Microsoft Windows systems use a caching...

6.9AI score
Exploits0References9
CERT
CERT
•added 2002/05/29 12:0 a.m.•27 views

Quake II Server performs console variable expansion on client-supplied input values

Overview The Quake II Server contains an information leakage vulnerability that allows remote attackers to gain control of the game server process. Description The Quake II Server responds to console commands from Quake II clients to perform a variety of game and server management functions. Both...

5CVSS7AI score0.05526EPSS
Exploits0References3
CERT
CERT
•added 2002/05/22 12:0 a.m.•27 views

Cisco Content Service Switch reboots when HTTPS POST request is sent to web management interface

Overview The Cisco Content Service Switch contains a denial-of-service vulnerability that allows remote attackers to reboot affected devices. Description The Cisco Content Service Switch CSS products include support for the session and application layers. This additional functionality allows a CS...

5CVSS6.5AI score0.02512EPSS
Exploits0References2
CERT
CERT
•added 2002/04/10 12:0 a.m.•27 views

Microsoft Internet Information Server (IIS) contains cross-site scripting vulnerability in IIS Help Files search facility

Overview Visitors to web sites that use Microsoft IIS 5.0 and 5.1 are vulnerable to cross-site scripting attacks through the IIS help facility. Description Cross-site scripting is a form of attack in which an intruder leverages the trust between a victim and a web-site the victim trusts. Quoting...

7.5CVSS6AI score0.31027EPSS
Exploits0References1
CERT
CERT
•added 2002/04/02 12:0 a.m.•27 views

IBM AIX Parallel Systems Support Program (PSSP) contains vulnerability in File Collections subsystem allowing arbitrary access to sensitive configuration files

Overview IBM AIX Parallel Systems Support Programs PSSP contains a vulnerability allowing unauthorized access to files in valid file collections. Description IBM PSSP software is used to provide a central point of management control for a cluster of RS/6000 SP nodes and IBM pSeries and IBM RS/600...

6.9AI score
Exploits0References1
CERT
CERT
•added 2002/03/06 12:0 a.m.•27 views

Oracle 9i Application Server does not adequately handle requests for nonexistent JSP files thereby disclosing web folder path information

Overview Oracle 9i Application Servers Oracle 9iAS contain a default error page that can be used to find the physical path of files on the system. Description Oracle 9iAS will display a default error page when a nonexistent ".jsp" file is specified. In the body of this page is the entire local pa...

6.5AI score
Exploits0References2
CERT
CERT
•added 2002/03/06 12:0 a.m.•27 views

Oracle 9iAS default configuration allows arbitrary users to view sensitive configuration files

Overview It is possible to read the "XSQLConfig.xml" and "soapConfig.xml" configuration files from an Oracle 9i Application Server under the default installation without any authorization. This can lead to an intruder gaining access to sensitive information about the server and potentially...

2.1CVSS8.9AI score0.75176EPSS
Exploits0References1
CERT
CERT
•added 2001/12/08 12:0 a.m.•27 views

Oracle Database Server vulnerable to DoS via repeated requests to Oracle listener without connecting to redirected port

Overview Oracle Database Server may consume all available memory and crash if clients do not connect completely in the expected manner. Description When a connection request is made to Oracle for Windows NT, Oracle Database Server creates a new thread listening on a new port and redirects the...

5CVSS5.9AI score0.03463EPSS
Exploits0References3
CERT
CERT
•added 2001/11/08 12:0 a.m.•27 views

shadow-utils useradd creates temporary files insecurely

Overview Shadow-utils is an encryption and account management package freely distributed for many Linux implementations. The useradd program in this package creates insecure temporary files with predictable names in a write-protected directory. If this directory is changed to be writable, an...

1.2CVSS6.3AI score0.00298EPSS
Exploits0References3
CERT
CERT
•added 2001/11/05 12:0 a.m.•27 views

OpenSSH UseLogin option allows remote execution of commands as root

Overview Versions of OpenSSH prior to 2.1.1 current circa June, 2000 allow a remote attacker to execute arbitrary commands with the privileges of sshd, typically root. Description OpenSSH is a free implementation of versions 1 and 2 of the SSH protocol. If sshd is configured with the UseLogin...

10CVSS9.8AI score0.02626EPSS
Exploits0References6
CERT
CERT
•added 2001/09/28 12:0 a.m.•27 views

IBM AIX setclock buffer overflow in remote timeserver argument

Overview There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Description The setclock command sets the system's clock from a remote time server. This command contains a buffer overflow in the handling of the remote timeserver hostname...

7.2CVSS6.9AI score0.00447EPSS
Exploits0References6
CERT
CERT
•added 2001/09/27 12:0 a.m.•27 views

Microsoft Windows Index Server discloses sensitive configuration information via crafted request to SQLQHit.asp sample application

Overview Microsoft Windows Index Server ships with an optional sample package. A component of this package, SQLQHit.asp, can disclose sensitive information when sent crafted requests. Description The Microsoft Windows Index Server ships with optional sample files. While these files should never b...

5CVSS6.3AI score0.4816EPSS
Exploits1References1
CERT
CERT
•added 2001/07/12 12:0 a.m.•27 views

pgp4pine fails to properly check for expired public keys

Overview The program pgp4pine version 1.75.6 fails to properly identify expired keys when working with the Gnu Privacy Guard program GnuPG. This failure may result in the clear-text transmission of senstive information when used with the PINE mail reading package. Description The program pgp4pine...

2.6CVSS6.4AI score0.01537EPSS
Exploits1References6
CERT
CERT
•added 2001/07/09 12:0 a.m.•27 views

Oracle Internet Directory LDAP Daemon does not check write permissions properly

Overview The Oracle LDAP Daemon oidldapd version 2.1.1.1, which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. Description The Oracle LDAP Daemon oidldapd version 2.1.1.1 do...

2.1CVSS5.6AI score0.00614EPSS
Exploits0References2
CERT
CERT
•added 2001/05/25 12:0 a.m.•27 views

Linux gpm daemon allows arbitrary file removal

Overview gpm version 1.19.2 and earlier are vulnerable due to a flaw that allows a local user to delete arbitrary files. Description gpm General Purpose Mouse is the program that lets you use the mouse in console mode when not using XWindows. It is usually included in Linux distributions, and can...

3.6CVSS6.1AI score0.00418EPSS
Exploits1References9
CERT
CERT
•added 2001/05/01 12:0 a.m.•27 views

Multiple networking devices allow SNMP objects to be viewed/modified via ILMI community string

Overview There is a vulnerability in the remote management architecture for Asynchronous Transfer Mode ATM networking devices that permits unauthorized access to configuration information. An attacker who gains access to an affected device can read and modify its configuration, creating a...

6.4CVSS8AI score0.05242EPSS
Exploits0References11
CERT
CERT
•added 2001/01/29 12:0 a.m.•27 views

ISC BIND 4 contains input validation error in nslookupComplain()

Overview The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS by the Internet Software Consortium ISC. There is a format string vulnerability in BIND 4.9.4 that may allow remote intruders to gain access to systems running BIND. Although BIND 4.9.x is no longer...

10CVSS7.4AI score0.10751EPSS
Exploits0References3
CERT
CERT
•added 2001/01/18 12:0 a.m.•27 views

HP-UX kermit contains local buffer overflow that allows denial-of-service

Overview The HP-UX version of kermit contains a buffer overflow that allows local users to prevent other users from running kermit. Description Kermit is a file transfer protocol that has been implemented by Hewlett-Packard for use on their systems. On December 21, 2000, HP released a security...

7.2CVSS6.6AI score0.00619EPSS
Exploits0References1
CERT
CERT
•added 2000/12/12 12:0 a.m.•27 views

Sun Microsystems Keys exposed and revoked

Overview Sun Microsystems uses a variety of X.509 keys signed by VeriSign to securevarious web sites. Among these certificates are two that were revoked on October 19, 2000. The certificate IDs for these revoked certificates are 3181 B12D C422 5DAC A340 CF86 2710 ABE6 and 1705 FB13 A22F 9AF3 C130...

5.1CVSS6.7AI score0.00649EPSS
Exploits0References1
CERT
CERT
•added 2000/11/13 12:0 a.m.•27 views

Race condition in periodic

Overview A race condition in the 'periodic' script allows local files to be overwritten. We believe that 'periodic' is typically used only with FreeBSD systems, though it may be installed on other systems. Description 'periodic' is a script used in conjunction with cron to execute jobs at specifi...

1.2CVSS6.3AI score0.00333EPSS
Exploits0References2
CERT
CERT
•added 2000/10/31 12:0 a.m.•27 views

Wang/Kodak Image Scan ActiveX Control

Overview Description The Image Admin control is incorrectly marked safe for scripting. This control is sometimes identified as from "Kodak" and other times as from "Wang". The Image Admin control is one of several controls used to provide image editting services through a web site. Because the...

10CVSS6.2AI score0.24429EPSS
Exploits0References2
CERT
CERT
•added 2000/09/26 12:0 a.m.•27 views

Weak CRC allows RC4 encrypted SSH1 packets to be modified without notice

Overview There is an information integrity vulnerability in the SSH1 protocol that allows RC4 encrypted packets to be modified without notice. Description Preconditions: Client has requested RC4 and server supports it. Compression is disabled. When using the RC4 stream cipher, SSH1 uses a cyclic...

7AI score
Exploits0References2
CERT
CERT
•added 2025/01/30 12:0 a.m.•26 views

ChatGPT-4o contains security bypass vulnerability through time and search functions called "Time Bandit"

Overview ChatGPT-4o contains a jailbreak vulnerability called "Time Bandit" that allows an attacker the ability to circumvent the safety guardrails of ChatGPT and instruct it to provide illicit or dangerous content. The jailbreak can be initiated in a variety of ways, but centrally requires the...

7.3AI score
Exploits0References1
CERT
CERT
•added 2023/07/20 12:0 a.m.•26 views

Perimeter81 macOS Application Multiple Vulnerabilities

Overview A command injection vulnerability can be used in the Perimeter81 macOS application to run arbitrary commands with administrative privileges. Description At the time, the latest Perimeter81 MacOS application 10.0.0.19 suffers from local privilege escalation vulnerability inside its...

7.8CVSS7.9AI score0.00636EPSS
Exploits1References2
CERT
CERT
•added 2015/06/16 12:0 a.m.•26 views

Pearson ProctorCache contains hard coded credentials

Overview The Pearson ProctorCache software uses a hard coded password for administrative tasks. Description The ProctorCache is designed to cache the testing content, as well as cache the responses and maintain a client list of active test-takers. ProctorCache is a server software package install...

5CVSS6.6AI score0.01359EPSS
Exploits0References1
CERT
CERT
•added 2014/04/11 12:0 a.m.•26 views

PivotX 2.3.8 contains multiple vulnerabilities

Overview PivotX 2.3.8, and possibly earlier versions, contains cross-site scripting CWE-79 and unsafe file upload CWE-434 vulnerabilities. Description PivotX 2.3.8, and possibly earlier versions, contains cross-site scripting CWE-79 and unsafe file upload CWE-434 vulnerabilities.CWE-79: Improper...

7.5CVSS5.9AI score0.02075EPSS
Exploits3References4
CERT
CERT
•added 2014/01/28 12:0 a.m.•26 views

Fail2ban postfix and cyrus-imap filters contain denial-of-service vulnerabilities

Overview Fail2ban versions prior to 0.8.11 are susceptible to a denial-of-service attack when a maliciously crafted email address is parsed by the postfix or cyrus-imap filters. If users have not deployed either of these filters then they are not affected. Description Fail2ban versions prior to...

5CVSS6.2AI score0.03235EPSS
Exploits2References3
CERT
CERT
•added 2012/09/13 12:0 a.m.•26 views

Trend Micro InterScan Messaging Security Suite is vulnerable to XSS and CSRF vulnerabilities

Overview Trend Micro InterScan Messaging Security Suite Version 7.1-BuildWin321394 has been reported to be susceptible to cross-site scripting and cross-site request forgery vulnerabilities. Description Trend Micro InterScan Messaging Security Suite is susceptible to cross-site scripting CWE-79 a...

6.8CVSS6.4AI score0.02497EPSS
Exploits5References3
CERT
CERT
•added 2012/02/21 12:0 a.m.•26 views

EasyVista single sign-on authentication bypass vulnerability

Overview EasyVista contains an authentication bypass vulnerability in the EasyVista single sign-on feature. Description EasyVista contains an authentication bypass vulnerability in the EasyVista single sign-on feature that does not use encoded values. If an attacker can obtain the login names for...

7AI score
Exploits0References1
CERT
CERT
•added 2011/08/29 12:0 a.m.•26 views

LifeSize Room appliance authentication bypass and arbitrary code injection vulnerability

Overview LifeSize Room appliance contains an authentication bypass and arbitrary code injection vulnerability when failing to sanitize input from unauthenticated clients. Description According to LifeSize's website "LifeSize Room combines an immersive, high definition video experience with a rich...

7.3AI score
Exploits0References1
CERT
CERT
•added 2010/12/08 12:0 a.m.•27 views

Apple QuickTime JPEG2000 heap buffer overflow

Overview Apple QuickTime contains a heap buffer overflow in the processing of JPEG2000 data, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple's QuickTime Player is multimedia software that allows users to view local and remote...

6.8CVSS9.1AI score0.04937EPSS
Exploits0References4
CERT
CERT
•added 2010/11/19 12:0 a.m.•26 views

RealFlex RealWin HMI service buffer overflows

Overview RealFlex RealWin 1.06 HMI service 912/tcp contains two stack buffer overflow vulnerabilities. Description RealFlex RealWin is a SCADA server package for medium and small applications designed to control and monitor real-time applications. The RealWin application runs an HMI service on po...

10CVSS7.6AI score0.63573EPSS
Exploits12References6
CERT
CERT
•added 2008/11/13 12:0 a.m.•26 views

Trend Micro ServerProtect contains multiple vulnerabilities

Overview Trend Micro ServerProtect contains multiple vulnerabilities. The most severe of these vulnerabilities may allow an attacker to execute commands, view sensitive data, or cause a system to crash. Description Trend Micro ServerProtect is designed to detect and remove viruses from files...

7.2AI score
Exploits0References6
CERT
CERT
•added 2008/09/16 12:0 a.m.•26 views

Apple Mac OS X file sharing allows authenticated remote access to files and directories

Overview Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. Description Apple Mac OS X Leopard 10.5.x allows files and directories to be shared via a "Shared Folders" feature. OS X lists the folders that are shared using this feature, however...

9CVSS6.1AI score0.01711EPSS
Exploits0References1
CERT
CERT
•added 2008/02/29 12:0 a.m.•26 views

Learn2 STRunner ActiveX control stack buffer overflows

Overview The Learn2 STRunner ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Learn2 Corporation STRunner ActiveX control, which is provided by iestm32.dll, can view...

6.8CVSS7.3AI score0.03061EPSS
Exploits0References2
CERT
CERT
•added 2008/02/13 12:0 a.m.•26 views

SkypeFind fails to properly sanitize user-supplied input

Overview The Skype client does not properly filter user-supplied input that was received from the SkypeFind service. This vulnerability may allow an attacker to execute arbitrary code. Description Skype is a peer-to-peer application that provides Voice over IP VoIP and Instant Messaging services...

6.9AI score
Exploits0References4
CERT
CERT
•added 2008/02/04 12:0 a.m.•26 views

Aurigma ImageUploader ActiveX control stack buffer overflows

Overview The Aurigma ImageUploader ActiveX control contains multiple stack buffer overflow vulnerabilities, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Aurigma ImageUploader is an ActiveX control that provides the ability to upload pictures usin...

7.1AI score
Exploits0References10
CERT
CERT
•added 2008/01/10 12:0 a.m.•26 views

Apple QuickTime RTSP Response message Reason-Phrase buffer overflow vulnerability

Overview Apple QuickTime contains a buffer overflow vulnerability that may allow a remote, unauthenticated attacker to cause a denial-of-service condition and possibly execute arbitrary code. Description Real Time Streaming Protocol RTSP is a protocol that is used by streaming media systems. Appl...

9.3CVSS7.6AI score0.12405EPSS
Exploits1References9
CERT
CERT
•added 2007/12/10 12:0 a.m.•26 views

Squid remote denial-of-service vulnerability

Overview The Squid Proxy server contains a vulnerability that may allow an attacker to create a denial-of-service condition that affects the Squid server and systems that rely on it. Description Squid Proxy Cache is a caching proxy that supports the HTTP, HTTPS, and FTP protocols. Squid can also ...

5CVSS6.2AI score0.26858EPSS
Exploits2References4
CERT
CERT
•added 2007/11/08 12:0 a.m.•26 views

Apple QuickTime for Java may allow Java applets to gain elevated privileges

Overview Apple QuickTime for Java contains a vulnerability that may allow a malicious Java applet to gain elevated privileges. Description Apple QuickTime is a media player that includes a browser plugin. QuickTime for Java provides APIs which allow Java developers to include multimedia in Java...

9.3CVSS7AI score0.25662EPSS
Exploits0References3
CERT
CERT
•added 2007/07/27 12:0 a.m.•26 views

ISC BIND does not correctly set default access controls

Overview ISC Internet Systems Consortiuim BIND fails to properly set default access control lists. This may allow unauthorized users to make recursive querries and querry the cache. Description From the ISC BIND security page:The default access control lists acls are not being correctly set. If n...

5.8CVSS7.9AI score0.06199EPSS
Exploits0References2
Total number of security vulnerabilities3702