Lucene search
+L
CertMost viewed

3704 matches found

cert
cert
•added 2000/09/26 12:0 a.m.•26 views

SSH host key authentication can be bypassed when DNS is used to resolve localhost

Overview This vulnerability allows an attacker to redirect an SSH connection to an arbitary host. Description When making connections to localhost, SSH disables host key checking to provide compatibility with NFS filesystems. As a result, if the victim's machine uses a poisoned DNS server to...

6.8AI score
Exploits0References1
cert
cert
•added 2026/05/20 12:0 a.m.•25 views

Local privilege escalation in Linux Kernel (Dirty Frag)

Overview A privilege escalation vulnerability, nicknamed "Dirty Frag," has been discovered in the Linux kernel versions 4.10 and later. This vulnerability is a result of chaining together two previously discovered vulnerabilities, xfrm-ESP Page-Cache Write CVE-2026-43284 and the RxRPC Page-Cache...

8.8CVSS6.1AI score0.93235EPSS
Exploits33References4
cert
cert
•added 2020/06/26 12:0 a.m.•25 views

Netgear httpd upgrade_check.cgi stack buffer overflow

Overview Multiple Netgear devices contain a stack buffer overflow in the httpd web server's handling of upgradecheck.cgi, which may allow for unauthenticated remote code execution with root privileges. Description Many Netgear devices contain an embedded web server, which is provided by the httpd...

9.5AI score
Exploits0References4
cert
cert
•added 2016/06/23 12:0 a.m.•25 views

Alertus Desktop Notification for OS X sets insecure permissions for configuration and other files

Overview Alertus Desktop Notification for OS X, version 2.9.30.1700 and earlier, sets insecure permissions for configuration and other files, which may enable an unprivileged attacker to disable notifications and modify content locally. Description CWE-276: Incorrect Default Permissions -...

4.4CVSS4.7AI score0.00621EPSS
Exploits0References2
cert
cert
•added 2015/12/04 12:0 a.m.•25 views

Lenovo Solution Center LSCTaskService privilege escalation, directory traversal, and CSRF

Overview The Lenovo Solution Center application contains multiple vulnerabilities that can allow an attacker to execute arbitrary code with SYSTEM privileges. Description CWE-732: Incorrect Permission Assignment for Critical Resource Launching the Lenovo Solution Center creates a process called...

8.1AI score
Exploits0References2
cert
cert
•added 2015/10/21 12:0 a.m.•25 views

HP Photosmart B210 printer SMB server buffer overflow vulnerability

Overview The HP Photosmart B210 printer utilizes an SMB server for managing the print queue. An invalid SMB packet may cause a denial of service condition, requiring the printer to be restarted. Description Fuzzing the first 296 bytes of an SMB packet may in some cases cause a denial of service...

7.7AI score
Exploits0References1
cert
cert
•added 2014/07/24 12:0 a.m.•25 views

BulletProof FTP Client 2010 is vulnerable to a stack-based buffer overflow

Overview BulletProof FTP Client 2010 is vulnerable to a stack-based buffer overflow Description CWE-121-Stack-based Buffer Overflow BulletProof FTP Client 2010 does not check the length of the host parameter set in the quick connect bar. A long host value causes a stack-based buffer overflow,...

6.9AI score
Exploits17References4
cert
cert
•added 2014/06/17 12:0 a.m.•25 views

F5 ARX Data Manager contains a SQL injection vulnerability

Overview F5 ARX Data Manager 3.0.0 - 3.1.0 contains a SQL injection vulnerability. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command F5 ARX Data Manager 3.0.0 - 3.1.0 contains an unspecified SQL injection vulnerability. --- Impact A remote authenticated attack...

6.5CVSS7AI score0.01421EPSS
Exploits0References3
cert
cert
•added 2014/04/14 12:0 a.m.•25 views

PaperThin CommonSpot CMS contains multiple vulnerabilities

Overview PaperThin CommonSpot contains multiple vulnerabilities, which may allow an unauthenticated remote attacker to execute arbitrary code on the server. Description PaperThin CommonSpot is a content management system CMS that is based on Adobe ColdFusion. CommonSpot is composed of over 3000...

8.7AI score
Exploits0References16
cert
cert
•added 2014/01/23 12:0 a.m.•25 views

CS-Cart version 4.0.2 contains cross-site scripting vulnerabilities

Overview CS-Cart version 4.0.2 and possibly earlier versions contain cross-site scripting XSS vulnerabilities CWE-79. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CS-Cart version 4.0.2 and possibly earlier versions contain cross-site...

4.3CVSS6.4AI score0.01012EPSS
Exploits0References3
cert
cert
•added 2014/01/20 12:0 a.m.•25 views

MW6 Technologies ActiveX controls contain multiple vulnerabilities

Overview MW6 Technologies' MaxiCode, Aztec, and DataMatrix ActiveX controls contain multiple vulnerabilities. Description MW6 Technologies' MaxiCode, Aztec, and DataMatrix ActiveX controls are used for processing barcodes. The ActiveX controls contain multiple vulnerabilities that may lead to...

9.3CVSS8.5AI score0.07373EPSS
Exploits4References4
cert
cert
•added 2013/10/31 12:0 a.m.•25 views

Tiki Wiki CMS Groupware version 11.0 contains a cross-site scripting (XSS) vulnerability

Overview Tiki Wiki CMS Groupware version 11.0 and possibly earlier versions contain a cross-site scripting XSS vulnerability CWE-79. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Tiki Wiki CMS Groupware version 11.0 and possibly earlier...

6.1CVSS6.3AI score0.01354EPSS
Exploits0References3
cert
cert
•added 2013/07/26 12:0 a.m.•25 views

TrustGo Antivirus & Mobile Security contains a denial-of-service vulnerability

Overview TrustGo Antivirus & Mobile Security versions 1.2.7 through 1.3.5 contain a denial-of-service CWE-20 vulnerability. Description CWE-20:Improper Input Validation- CVE-2013-3580TrustGo Antivirus & Mobile Security versions 1.2.7 through 1.3.5 crash if an intent is sent to...

4.3CVSS6.1AI score0.01273EPSS
Exploits0References2
cert
cert
•added 2012/10/23 12:0 a.m.•25 views

Adobe Shockwave 11.6.7.637 contains multiple exploitable vulnerabilities

Overview Adobe Shockwave Player 11.6.7.637 and earlier versions on the Windows and Macintosh operating systems contain critical vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Macromedia Shockwave Player is...

7.1AI score
Exploits0References1
cert
cert
•added 2012/08/23 12:0 a.m.•25 views

Websense Content Gateway XSS vulnerabilities

Overview Websense Content Gateway contains XSS vulnerabilities. Description Websense Content Gateway contains the following post-authentication reflective XSS vulnerabilities within the menu and item parameter values in the /monitor/moverview.ink webpage. The reflective XSS reported allows for...

4.3CVSS7.2AI score0.01715EPSS
Exploits1References2
cert
cert
•added 2012/08/17 12:0 a.m.•25 views

HP Virtual SAN appliance root shell command injection

Overview The HP Virtual SAN appliance version 9.5 is susceptible to a root shell command injection CWE-77 vulnerability. Description Tenable Network Security has reported that HP's fix for the command injection vulnerability, EDB-ID 18893, was incomplete. The ping command for the appliance has a...

7.7CVSS7.1AI score0.0442EPSS
Exploits0References2
cert
cert
•added 2012/06/21 12:0 a.m.•25 views

ATA interface software may not properly handle ATA security features

Overview ATA interface software, including multiple system board BIOS implementations do not adequately manage the ATA hard drive security mode. An attacker may be able to manipulate this situation to completely lock a hard drive resulting in an almost unrecoverable denial-of-service condition...

7.2AI score
Exploits0References6
cert
cert
•added 2012/02/02 12:0 a.m.•25 views

Apple Mac OS X CoreText embedded font vulnerability

Overview Apple Mac OS X CoreText contains a use-after-free vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple Mac OS X CoreText is a text layout and font processing engine that is used to handle embedded fonts.CoreTe...

6.8CVSS6.6AI score0.02524EPSS
Exploits1References2
cert
cert
•added 2011/10/10 12:0 a.m.•25 views

GoAhead Webserver multiple stored XSS vulnerabilities

Overview GoAhead Webserver 2.18 and possibly previous or newer versions, are vulnerable to multiple stored and reflective cross site scripting XSS vulnerabilities. Description GoAhead Webserver software fails to sanitize POST requests sent to the multiple functions. As a result, stored and...

6.1AI score
Exploits0
cert
cert
•added 2011/09/20 12:0 a.m.•25 views

AmmSoft ScriptFTP 3.3 client remote buffer overflow vulnerability

Overview AmmSoft's ScriptFTP client is susceptible to a remote buffer overflow vulnerability that is triggered when processing a sufficiently long filename during a FTP LIST command. Description AmmSoft's ScriptFTP client can be exploited to execute arbitrary code when processing GETLIST or GETFI...

8.2AI score
Exploits0References2
cert
cert
•added 2011/04/05 12:0 a.m.•25 views

Dell Kace K2000 Appliance unauthenticated access and information disclosure vulnerability

Overview Dell KACE K2000 Systems Deployment Appliance contains a hidden CIFS share that allows anonymous access. Description According to Dell KACE's knowledge base article: "The Dell KACE K2000 Systems Deployment Appliance version 3.3.36822 and earlier uses a read-only CIFS fileshare named...

7.5AI score
Exploits0References1
cert
cert
•added 2011/04/04 12:0 a.m.•25 views

pWhois Layer Four Traceroute 3.x vulnerability

Overview Given a specific set of command line arguments, Layer Four Traceroute lft will produce a segmentation fault leading to a possible privilege escalation vulnerability. Description pWhois Layer Four Traceroute 3.x contains a vulnerability when parsing command line arguments. Earlier version...

7.2CVSS6.2AI score0.00388EPSS
Exploits0References1
cert
cert
•added 2010/10/12 12:0 a.m.•25 views

Oracle WebLogic Node Manager allows arbitrary configuration via UNC path

Overview Oracle WebLogic Node Manager 10.3.3 and earlier versions contain a remote file inclusion vulnerability. This vulnerability could allow a remote attacker to execute arbitrary commands on an affected system. Description Node Manager is a WebLogic Server utility that enables you to start,...

8AI score
Exploits0References1
cert
cert
•added 2010/08/05 12:0 a.m.•25 views

Oracle Siebel Option Pack for IE ActiveX control memory initialization vulnerability

Overview The Oracle Siebel Option Pack for IE ActiveX control fails to properly initialize memory, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Siebel Option Pack for IE is an ActiveX control that is provided by Oracle Siebel...

9.3CVSS6.9AI score0.03949EPSS
Exploits1References2
cert
cert
•added 2010/03/23 12:0 a.m.•25 views

Mozilla WOFF decoder integer overflow

Overview An integer overflow in the Mozilla Web Open Fonts Format WOFF decoder may allow a remote attacker to execute code on an affected system. Description The Web Open Fonts Format WOFF is a simple compressed file format for fonts. Mozilla introduced support for WOFF in the 1.9.2 branch of the...

9.3CVSS9.8AI score0.08816EPSS
Exploits2References6
cert
cert
•added 2008/12/02 12:0 a.m.•25 views

RealFlex RealWin buffer overflow

Overview RealFlex RealWin demo version contains a vulnerability in the way "FCINFOTAG/SETCONTROL" packets are processed. Description RealFlex RealWin is SCADA server software that includes a Human Machine Interface HMI componant and runs on Microsoft Windows 2000 or XP. The demo version of RealWi...

10CVSS7.9AI score0.64828EPSS
Exploits8References6
cert
cert
•added 2008/06/25 12:0 a.m.•25 views

Adobe Reader and Adobe Acrobat contain an unspecified flaw in a JavaScript method

Overview Adobe Reader and Acrobat contain an unspecified flaw in a JavaScript method, which can allow a remote, unauthenticated attacker to execute code on a vulnerable system. Description Adobe Acrobat Reader is software designed to view Portable Document Format PDF files. Adobe also distributes...

10CVSS6.8AI score0.2219EPSS
Exploits1References2
cert
cert
•added 2008/04/21 12:0 a.m.•25 views

Microsoft HeartbeatCtl ActiveX control buffer overflow

Overview The Microsoft HeartbeatCtl ActiveX control contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Microsoft HeartbeatCtl ActiveX control is used to play multiplayer games on the MSN Games website. T...

9.3CVSS7.2AI score0.30179EPSS
Exploits1References2
cert
cert
•added 2007/12/12 12:0 a.m.•25 views

Microsoft Windows Media Format Runtime ASF handling buffer overflow

Overview Microsoft Windows Media Format Runtime is vulnerable to a heap-based buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on an vulnerable system. Description Microsoft Windows Media Format Runtime is used by various Windows Media...

9.3CVSS7.2AI score0.35976EPSS
Exploits1References1
cert
cert
•added 2007/10/08 12:0 a.m.•25 views

Electronic Arts SnoopyCtrl ActiveX control and plug-in stack buffer overflows

Overview The Electronic Arts SnoopyCtrl ActiveX control and plug-in contains multiple stack buffer overflows, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Electronic Arts EA.com provides an ActiveX control and Netscape-style...

6.8CVSS7.3AI score0.3089EPSS
Exploits3References4
cert
cert
•added 2007/09/20 12:0 a.m.•25 views

Microsoft MFC FindFile function heap buffer overflow

Overview A buffer overflow vulnerability in the Microsoft Foundation Class MFC Library could allow an attacker to execute arbitrary code on an affected system. Description The Microsoft Foundation Class MFC Library is a Microsoft library that wraps parts of the Windows API in C++ classes. The MFC...

10CVSS7.5AI score0.19667EPSS
Exploits1References2
cert
cert
•added 2007/08/28 12:0 a.m.•25 views

MSN Messenger and Windows Live Messenger webcam stream heap overflow

Overview MSN Messenger fails to properly handle webcam streams, which may allow a remote attacker to execute arbitrary code. Description MSN Messenger is an instant messaging application. Starting with version 8, MSN Messenger was renamed to Windows Live Messenger. Windows Live Messenger and some...

9.3CVSS7AI score0.55451EPSS
Exploits2References2
cert
cert
•added 2007/06/11 12:0 a.m.•25 views

Zoomify Viewer ActiveX control multiple stack buffer overflows

Overview The Zoomify Viewer ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Zoomify provides software to incorporate zoomable images into web sites. One of the Zoomify produc...

9.3CVSS7AI score0.06506EPSS
Exploits0References2
cert
cert
•added 2007/05/14 12:0 a.m.•25 views

HTTP content scanning systems full-width/half-width Unicode encoding bypass

Overview Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems. Description Full-width and half-width encoding is a technique for encoding Unicode characters. Various HTTP...

6.8AI score
Exploits0References11
cert
cert
•added 2007/04/10 12:0 a.m.•25 views

Microsoft Windows CSRSS error handling vulnerability

Overview The Microsoft Windows Client/Server Run-time Subsystem CSRSS process fails to properly handle error messages. This vulnerability may allow a remote attacker to execute arbitrary code. Description According to Microsoft Security Bulletin MS07-021:CSRSS is the user-mode portion of the Win3...

6.6CVSS7AI score0.06786EPSS
Exploits0References5
cert
cert
•added 2007/04/09 12:0 a.m.•25 views

Yahoo! Messenger AudioConf ActiveX Control buffer overflow vulnerability

Overview The Yahoo! Messenger AudioConf ActiveX control contains a buffer overflow, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo! Messenger is an instant messaging application. Yahoo! Messenger includes several ActiveX...

9.3CVSS7.1AI score0.08375EPSS
Exploits4References7
cert
cert
•added 2007/02/20 12:0 a.m.•25 views

Microsoft Malware Protection Engine fails to properly process a specially crafted PDF File

Overview A vulnerability in the way Microsoft Malware Protection Engine processes PDF files may lead to execution of arbitrary code. Description Microsoft Malware Protection Engine contains a vulnerability that could be exploited when it attempts to process specially crafted PDF files. According ...

9.3CVSS7.3AI score0.3008EPSS
Exploits0References4
cert
cert
•added 2007/01/17 12:0 a.m.•25 views

Novell NetMail IMAP vulnerable to DoS when processing "APPEND" commands

Overview A vulnerability in the way Novell Netmail handles IMAP APPEND commands may allow a denial of service. Description Novell Netmail's IMAP server contains a buffer overflow that may occur when processing parameters supplied to the APPEND command. An attacker must login to an affected system...

4CVSS6.8AI score0.01675EPSS
Exploits0References3
cert
cert
•added 2006/12/11 12:0 a.m.•25 views

Cisco Security Agent Management Center vulnerable to authentication bypass

Overview Cisco Security Agent Management Center CSAMC may be vulnerable to authentication bypass when configured to use an external Lightweight Directory Access Protocol LDAP server for authentication. Description Cisco Security Agent Management Center CSAMC is a component of the CiscoWorks VPN...

7.5CVSS7AI score0.0365EPSS
Exploits0References2
cert
cert
•added 2006/11/07 12:0 a.m.•25 views

Apache mod_tcl module contains a format string error

Overview A format string vulnerability exists in the modtcl Apache module. This vulnerability may allow a remote attacker to execute arbitrary code. Description The Apache HTTP Server, also known as httpd, is an open-source HTTP server that runs on Microsoft Windows, Linux, Unix, and Apple OS X...

6.8CVSS6.8AI score0.15972EPSS
Exploits0References5
cert
cert
•added 2006/10/10 12:0 a.m.•25 views

Microsoft PowerPoint malformed record memory corruption

Overview Microsoft PowerPoint contains a vulnerability in the handling of malformed records, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint contains a vulnerability that could be exploited when PowerPoint opens...

9.3CVSS6.8AI score0.12509EPSS
Exploits0References4
cert
cert
•added 2006/08/23 12:0 a.m.•25 views

HP OpenView Storage Data Protector may allow an attacker to execute arbitrary commands

Overview A vulnerability in HP OpenView Storage Data Protector may allow an attacker to issue arbitrary commands on an affected system. Description HP OpenviewHP Openview is a range of products, distributed and developed by Hewlett Packard, that are used for enterprise system and network...

7.5CVSS7.1AI score0.09908EPSS
Exploits0References5
cert
cert
•added 2006/08/15 12:0 a.m.•25 views

McAfee Subscription Manager ActiveX control vulnerable to stack buffer overflow

Overview The McAfee Subscription Manager ActiveX control contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description ActiveXActiveX is a technology that allows programmers to create reusable software components that can be incorporated int...

6.8CVSS6.9AI score0.33824EPSS
Exploits7References6
cert
cert
•added 2006/07/11 12:0 a.m.•25 views

Microsoft Office fails to properly handle GIF images

Overview Microsoft Office applications fail to properly handle GIF images. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Office applications fail to properly parse GIF images. When an Office document containing a malformed G...

9.3CVSS6.9AI score0.19519EPSS
Exploits0References1
cert
cert
•added 2006/05/30 12:0 a.m.•25 views

Secure Elements Class 5 AVR client fails to properly validate a messages target CEID

Overview The Secure Elements Class 5 AVR client fails to properly validate a message's target CEID. This makes attacks easier, as the attacker does not need to guess the victim's true CEID. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security produ...

7.1AI score
Exploits0References1
cert
cert
•added 2006/02/09 12:0 a.m.•25 views

Sun Java Web Start security bypass vulnerability

Overview A vulnerability in the Sun Java Web Start may allow an untrusted Java applet or application to bypass security restrictions and execute arbitrary code. Description Java Web Start technology allows Java applications and applets to be executed via HTTP. Remote applications and applets are...

4CVSS7.4AI score0.03224EPSS
Exploits0References3
cert
cert
•added 2006/02/09 12:0 a.m.•25 views

Microsoft WMF memory corruption vulnerability

Overview Microsoft applications fail to properly handle Windows Metafile WMF images potentially allowing a remote attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Windows Graphics Rendering Engine supports a number of image formats including WMF images. Windows...

9.3CVSS7.1AI score0.18495EPSS
Exploits1References5
cert
cert
•added 2005/12/21 12:0 a.m.•25 views

Symantec RAR decompression library contains multiple heap overflows

Overview The Symantec RAR decompression library Dec2RAR.dll contains multiple heap buffer overflows. Using a specially crafted RAR archive, a remote attacker could execute arbitrary code or cause a denial of service. Description Symantec AntiVirus and other security products use a library to...

7.5CVSS7.8AI score0.06265EPSS
Exploits0References5
cert
cert
•added 2005/10/21 12:0 a.m.•25 views

Oracle Application Server SQL*ReportWriter vulnerability

Overview An unspecified vulnerability in the Oracle SQLReportWriter may allow a remote, unauthenticated attacker to compromise system confidentiality and integrity. Description Oracle SQLReportWriter is a component of the Oracle Application Server. There is an vulnerability in the Oracle...

6.5AI score
Exploits0References3
cert
cert
•added 2005/07/18 12:0 a.m.•25 views

Some SSH servers on Microsoft Windows set insecure permissions for the host identification key file

Overview SSH provides remote, encrypted terminal access to hosts. Some SSH servers, when running on Microsoft Windows, set insecure permissions on the file storing the private SSH server hostkey. This could allow an authenticated user to obtain the SSH hostkey and use it to impersonate the server...

4.6CVSS5.6AI score0.00308EPSS
Exploits0References6
Total number of security vulnerabilities3704