Lucene search
+L
CertMost viewed

3704 matches found

CERT
CERT
added 2006/07/27 12:0 a.m.23 views

Tamarack MMSd components fail to properly handle malformed packets

Overview Tamarack MMSd components do not properly handle malformed RFC 1006 packets. This vulnerability may allow a remote, unauthenticated attacker to cause a denial of service condition. Description ISO Transport Service over TCP TPKT, RFC 1006 RFC 1006 specifies how to run the OSI transport...

5CVSS6.6AI score0.02146EPSS
Exploits0References1
CERT
CERT
added 2006/07/11 12:0 a.m.23 views

Microsoft DHCP Client service contains a buffer overflow

Overview Microsoft DHCP Client service contains a buffer overflow. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Dynamic Host Configuration Protocol DHCP As described in RFC 2131, "The Dynamic Host Configuration Protocol DHCP provides...

10CVSS7.5AI score0.90233EPSS
Exploits0References2
CERT
CERT
added 2006/05/30 12:0 a.m.23 views

Secure Elements Class 5 AVR server fails to properly authenticate session start messages

Overview The Secure Elements Class 5 AVR server fails to properly authenticate "session start" messages. This may allow an attacker to cause the server to initiate TCP connections to arbitrary destinations, which can cause a denial of service to both the server and the specified target. Descripti...

7.6AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.23 views

Secure Elements Class 5 AVR client fails to properly validate the size of EM_GET_CE_PARAMETER messages

Overview The Secure Elements Class 5 AVR client fails to properly handle the size of EMGETCEPARAMETER messages. This may allow an attacker to cause a buffer overflow and reveal process memory. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security...

7.7AI score
Exploits0References1
CERT
CERT
added 2006/04/28 12:0 a.m.23 views

Winny contains a buffer overflow

Overview Winny contains a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Winny also referred to as WinNY is a popular Japanese peer-to-peer file sharing application. A flaw exists in this program due t...

7.5CVSS7.8AI score0.0469EPSS
Exploits0References4
CERT
CERT
added 2005/12/30 12:0 a.m.23 views

Research in Motion (RIM) BlackBerry Attachment Service does not properly handle TIFF image files

Overview The Research in Motion RIM BlackBerry Attachment Service contains a vulnerability in the way the service handles TIFF files. By causing the service to render a specially crafted TIFF file and convincing a user to view the file on a BlackBerry Handheld device, an attacker could cause a...

7.5CVSS6.9AI score0.02194EPSS
Exploits0References4
CERT
CERT
added 2005/05/18 12:0 a.m.23 views

Extreme Networks switches with ExtremeWare XOS allow arbitrary command execution

Overview Some Extreme Networks switches running ExtremeWare XOS have a vulnerability that allows a malicious authenticated user to escape to the underlying operating system command shell with administrator-level root privileges. Description Extreme Network switches running ExtremeWare XOS contain...

4.6CVSS7.2AI score0.00851EPSS
Exploits0References1
CERT
CERT
added 2005/01/27 12:0 a.m.23 views

Exim vulnerable to buffer overflow via the dns_build_reverse() routine

Overview The Exim Mail Transfer Agent MTA contains a buffer overflow that allows a local attacker to execute arbitrary code. Description Exim MTA is an open-source mail transport agent distributed by the University of Cambridge. A lack of input validation on user supplied data may allow a buffer...

7.2CVSS6.8AI score0.02618EPSS
Exploits1References4
CERT
CERT
added 2004/11/10 12:0 a.m.23 views

Cisco IOS fails to properly handle malformed DHCP packets

Overview A denial-of-service vulnerability exists in Cisco's Internetwork Operating System IOS. This vulnerability may allow remote attackers to conduct denial-of-service attacks on an affected device. Description The Dynamic Host Configuration Protocol DHCP provides a means for distributing...

7.1AI score
Exploits0References2
CERT
CERT
added 2004/10/19 12:0 a.m.23 views

sudoedit can expose protected file contents

Overview Sudo's -e option sudoedit improperly handles temporary files, allowing an attacker to read files that would otherwise be inaccessible. Description Sudo is a utility that allows specific users to run certain commands as root. Beginning with version 1.6.8, sudo provides safe editing...

6.2AI score
Exploits0References7
CERT
CERT
added 2004/10/13 12:0 a.m.23 views

Microsoft Windows contains an unchecked buffer in the NetDDE services

Overview A vulnerability in the Network Dynamic Data Exchange service for Microsoft Windows could allow an attacker to compromise the affected system. Description Microsoft's Network Dynamic Data Exchange NetDDE is a communication protocol that allows two Windows applications to communicate with...

7.5CVSS7.5AI score0.77002EPSS
Exploits8References3
CERT
CERT
added 2004/08/27 12:0 a.m.23 views

Multiple memory leak vulnerabilities in isakmpd

Overview Multiple memory handling vulnerabilities exist in the isakmpd that could allow a remote attacker to cause a denial of service. Description The OpenBSD isakmpd establishes security associations for encrypted and authenticated IPsec network traffic. It implements the Internet Security...

5CVSS6.7AI score0.0365EPSS
Exploits0
CERT
CERT
added 2004/08/13 12:0 a.m.23 views

JetboxOne may allow unauthorized users to execute arbitrary code

Overview Lack of input validation in JetboxOne version 2.0.8 allows an user to upload arbitrary files to the vulnerable system. This could lead to the execution of arbitrary code. Description JetboxOne, an open-source content management system, could allow an attacker with "AUTHOR" privileges to...

7.9AI score
Exploits0References2
CERT
CERT
added 2004/07/27 12:0 a.m.23 views

Cisco Transaction Language 1 (TL1) interface fails to properly validate accounts with blank passwords

Overview There is a vulnerability in the Cisco Transaction Language 1 TL1 login interface that could allow a remote attacker to gain access to a Cisco ONS device. Description Transaction Language 1 TL1 is a widely used telecommunications management protocol. A default account, CISCO15, contains a...

7.4AI score
Exploits0References6
CERT
CERT
added 2004/04/16 12:0 a.m.23 views

BEA WebLogic Server fails to properly associate re-created groups

Overview WebLogic Server contains a vulnerability that could result in the creation of new groups inheriting the privileges of a previously deleted group if members of the deleted group still exist. Description BEA Systems describes WebLogic Server as "an industrial-strength application...

7.2AI score
Exploits0References3
CERT
CERT
added 2004/04/14 12:0 a.m.23 views

Sun Solaris SSH Daemon fails to properly log client IP addresses

Overview The Sun Solaris Secure Shell Daemon sshd may incorrectly log client IP addresses. Description SSH is a program used to provide secure connection and communications between client and servers. Upon connecting to the service, the client's IP address is logged. There is a vulnerability in t...

6.9AI score
Exploits0References3
CERT
CERT
added 2004/04/14 12:0 a.m.23 views

HAHTsite Scenario Server fails to handle overly long URLs

Overview HAHTsite Scenario Server fails to properly handle HTTP requests containing an overly long "project name". Description HAHTsite Scenario Server is an e-Business platform that consists of a web application server and web development environment. There is a buffer overflow vulnerability in...

7.7AI score
Exploits0References3
CERT
CERT
added 2004/04/07 12:0 a.m.23 views

Cisco WLSE and HSE devices contain hardcoded username and password

Overview A default account with a common username and password exists in two Cisco products. An attacker with knowledge of this account information can compromise any of these devices on the network. Description A default account with a known, fixed username and password combination exists in som...

6.9AI score
Exploits0References1
CERT
CERT
added 2004/03/18 12:0 a.m.23 views

F-Secure Anti-Virus for Linux fails to properly detect Sober.D virus

Overview F-Secure Anti-Virus for Linux contains a flaw that may prevent it from properly detecting the Sober.D virus. A hotfix for this vulnerability has been released. Description F-Secure Anti-Virus version 4.52 for Linux contains a flaw that may prevent it from properly detecting the Sober.D...

7AI score
Exploits0References3
CERT
CERT
added 2004/02/25 12:0 a.m.23 views

Apple Mac OS X Safari fails to properly display URLs in the status bar

Overview Apple Mac OS X Safari fails to properly display URLs in the status bar. Description Safari is a web browser for the Macintosh platform. There is an unspecified vulnerability in the way Safari displays URLs in the status bar. --- Impact The complete impact of this vulnerability is not yet...

5CVSS5.9AI score0.02068EPSS
Exploits0References2
CERT
CERT
added 2003/09/24 12:0 a.m.23 views

Portable OpenSSH server PAM conversion stack corruption

Overview There is a vulnerability in the Portable OpenSSH server that may corrupt the PAM conversion stack. Description The Portable OpenSSH server contains a vulnerability that may permit an attacker to corrupt the PAM conversion stack. Versions 3.7p1 and 3.7.1p1 are affected. Note that the...

7.5CVSS9.2AI score0.0166EPSS
Exploits0References2
CERT
CERT
added 2003/08/25 12:0 a.m.23 views

Sendmail fails to appropriately initialize data structures for DNS maps

Overview There is an uninitialized data structure in sendmail 8.12.x rrdomain = smstrduphost; \t\tif rr-rrdomain == NULL \t\t A fix for this condition was made in sendmail 8.12.9 in March 2003, but it was not known to be a security issue at that time. --- Impact A remote attacker may be able to...

5CVSS7.8AI score0.03564EPSS
Exploits0References4
CERT
CERT
added 2003/08/19 12:0 a.m.23 views

Sun ONE/iPlanet Web Server vulnerable to DoS

Overview A vulnerability in the SunOne/iPlanet Web Server may allow a remote attacker to cause a denial of service. Description The SunOne/iPlanet Web Server contains a vulnerability which may allow a remote attacker to disrupt the normal operation of the web server. This vulnerability is only...

7.1AI score
Exploits0References3
CERT
CERT
added 2003/03/04 12:0 a.m.23 views

Microsoft Windows Me and XP Help and Support Center does not adequately validate hcp:// URI parameters

Overview The Help and Support Center included with Microsoft Windows Millennium Edition and XP does not adequately validate parameters provided in an "hcp://" URI. As a result, an attacker could construct a URI that could cause the Help and Support Center to execute arbitrary script, effectively...

6.8CVSS6.9AI score0.15057EPSS
Exploits0References14
CERT
CERT
added 2002/11/19 12:0 a.m.23 views

NetScreen Secure Command Shell (SCS) denial-of-service vulnerability

Overview The Secure Command Shell service on NetScreen firewall products contains a remotely exploitable denial-of-service vulnerability. Description Firewall products from NetScreen Technologies, Inc. include a Secure Shell version 1 SSHv1 implementation called Secure Command Shell SCS. The SCS...

7AI score
Exploits0References4
CERT
CERT
added 2002/10/01 12:0 a.m.23 views

Domain Name System (DNS) resolver libraries vulnerable to read buffer overflow

Overview DNS stub resolvers from multiple vendors contain a buffer overflow vulnerability. The impact of this vulnerability appears to be limited to denial of service. Description A read buffer overflow vulnerability exists in BIND 4 and BIND 8.2.x stub resolver libraries. Other resolver librarie...

5CVSS7.4AI score0.03279EPSS
Exploits0
CERT
CERT
added 2002/09/06 12:0 a.m.23 views

HP Tru64 UNIX "lpr" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "lpr" contains a locally exploitable buffer overflow. Description "lpr" is used to send files to a print spool. A locally exploitable buffer overflow in "lpr" may permit a local attacker to gain elevated privileges and execute arbitrary code on a...

8.2AI score
Exploits0References1
CERT
CERT
added 2002/08/06 12:0 a.m.23 views

Buffer-overflow vulnerability in Midnight Commander

Overview The mcedit component of some versions of Midnight Commander contains a buffer-overflow vulnerability. Description Midnight Commander is a file manager for open source operating systems, distributed under the GNU General Public License GPL. In version 4.5.1 of Midnight Commander, the mced...

7.4AI score
Exploits0References1
CERT
CERT
added 2002/07/23 12:0 a.m.23 views

Sun iPlanet and ONE Web Servers contain a buffer overflow in the search engine

Overview The Sun iPlanet Web Server and Sun ONE Web Server both ship with a search engine that is not enabled by default. A remotely exploitable buffer overflow exists in the search engine that could permit an attacker to execute arbitrary code on the system. Description The Sun iPlanet Web Serve...

7.5CVSS7.7AI score0.04298EPSS
Exploits0References2
CERT
CERT
added 2002/07/16 12:0 a.m.23 views

Real Networks RealONE Player vulnerable to arbitrary command execution via crafted html in the skin file

Overview RealNetwork's RealJukebox and RealONE Gold players are media applications that permit users to stream audio and video from local and internet sources. A vulnerability exists in the applications that could permit the execution of arbitrary commands by a remote attacker. Description...

7.5CVSS6.6AI score0.02043EPSS
Exploits0References2
CERT
CERT
added 2002/04/26 12:0 a.m.23 views

sudo vulnerable to heap corruption via -p parameter

Overview Sudo is susceptible to a locally exploitable heap overflow vulnerability. Description Sudo is a common utility used to allow a system administrator to give users or groups of users rights to run certain programs as root or as another user. A locally exploitable heap overflow can lead to...

7.8CVSS8.4AI score0.01199EPSS
Exploits0References2
CERT
CERT
added 2002/03/01 12:0 a.m.23 views

Oracle9i Application Server allows unauthenticated access to PL/SQL applications via alternate Database Access Descriptor

Overview A vulnerability exists in the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle9i Application Server iAS. By specifying the Database Access Descriptor DAD used to access a PL/SQL application, an attacker could gain unauthorized access to the application...

7AI score
Exploits0References2
CERT
CERT
added 2002/01/03 12:0 a.m.23 views

Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via help page request

Overview A buffer overflow vulnerability exists in the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle9i Application Server iAS. This vulnerability could allow an unauthenticated remote attacker to cause a denial of service or execute arbitrary code on the system...

7.5CVSS10AI score0.08547EPSS
Exploits0References6
CERT
CERT
added 2001/12/21 12:0 a.m.23 views

IBM AIX login fails to adequately authenticate user when configured to use loadable authentication modules

Overview There is a remotely exploitable flaw in IBM's AIX 5.1L login when using loadable authentication modules. This does not affect AIX 4.3 and earlier. Description IBM AIX 5.1L login, with loadable authentication modules enabled and some non-default configurations, will permit users to login...

7AI score
Exploits0References1
CERT
CERT
added 2001/11/27 12:0 a.m.23 views

Microsoft SQL Server and Microsoft Data Engine (MSDE) ship with a null default password

Overview Microsoft SQL Server and Microsoft Data Engine ship with a null default password on the administrative account sa. If the system administrator does not set the password, the system may be vulnerable to attack. Description Microsoft SQL Server MS SQL and Microsoft Data Engine MSDE ship...

10CVSS7.2AI score0.87307EPSS
Exploits4References9
CERT
CERT
added 2001/11/19 12:0 a.m.23 views

Compaq Insight Manager XE buffer overflow in SNMP and DMI functionality

Overview The Compaq web-enabled management software contains a buffer overflow in the SNMP and DMI functionality. Remote intruders may be able to execute arbitrary code with privileges on affected systems. All versions of Compaq Insight Manager XE are affected, but Compaq Insight Manager windows...

8.4AI score
Exploits0References3
CERT
CERT
added 2001/09/20 12:0 a.m.23 views

Default installations of the Lotus Domino web server disclose system information via HTTP headers

Overview The default configuration of the Lotus Domino web server discloses system characteristics to anonymous remote users. Description The default configuration of the Lotus Domino web server discloses system information in the HTTP headers it returns to a web browser. If these headers are...

5CVSS6.3AI score0.02302EPSS
Exploits0References1
CERT
CERT
added 2001/09/10 12:0 a.m.23 views

Beck GmbH IPC@CHIP HTTPD vulernable to arbitrary file disclosure

Overview The Beck IPC@CHIP web server permits intruders to access files outside the web root. Description The Beck IPC@CHIP is a single chip embedded webserver. The Web Server's root directory is set to / by default. Because of this default setting, an attacker can download arbitrary files from a...

7.5CVSS6.5AI score0.01727EPSS
Exploits1References2
CERT
CERT
added 2001/09/05 12:0 a.m.23 views

ISC InterNetNews (INN) innfeed contains buffer overflow

Overview A locally exploitable buffer overflow exists in ISC InterNetNews. Description InterNetNews is a Usenet/Netnews news server supported by the Internet Software Consortium and volunteers. Innfeed is a component of InterNetNews that implements the NNTP protocol for transerring news between...

8AI score
Exploits0References3
CERT
CERT
added 2001/07/27 12:0 a.m.23 views

Caucho Technologies Resin vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Web servers that use the Resin Java Servlet Container, versions 1.2.3 and earlier, are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidat...

5.1CVSS5.6AI score0.02773EPSS
Exploits1References5
CERT
CERT
added 2001/07/27 12:0 a.m.23 views

UUCP package contains multiple buffer overflows via long string of characters sent as command line argument

Overview Several Linux/Unix systems ship with a utility package called UUCP derived from System V. A buffer overflow in components of the UUCP package can allow an intruder to gain elevated privileges. Description Several Linux/Unix systems ship with a utility package called UUCP derived from...

7.9AI score
Exploits0References3
CERT
CERT
added 2001/06/13 12:0 a.m.23 views

SSH1 may generate weak passphrase when using Secure RPC

Overview The secure-RPC feature of the SSH1 client in Solaris sometimes encrypts the SSH private key file with a weak passphrase, which can be determined by an attacker and used to recover the SSH private keys. Other versions of the SSH client running on non-Solaris platforms are not affected by...

3.6CVSS5.9AI score0.00842EPSS
Exploits1References4
CERT
CERT
added 2001/06/01 12:0 a.m.23 views

Hewlett-Packard MPE/iX linkeditor permits privilege escalation

Overview There is a problem with the MPE/iX linkeditor that may allow an attacker to gain system manager privileges. Description The problem affects HP3000 systems running MPE/iX versions 5.5 through 6.5. HP has published a security bulletin describing the solution to this vulnerability...

4.6CVSS6.2AI score0.00471EPSS
Exploits0
CERT
CERT
added 2001/05/05 12:0 a.m.23 views

NewsDaemon does not adequately filter user input to $user_username

Overview NewsDaemon prior to version 0.21b contains a vulnerability allowing remote attackers to gain administrative access to the web site. Description NewsDaemon is a PHP-based tool used to allow readers to submit and comments on news items and stories over the web. It also allows for...

7.5CVSS6.5AI score0.01771EPSS
Exploits1References3
CERT
CERT
added 2001/05/01 12:0 a.m.23 views

Hewlett-Packard MPE/ix contains vulnerabitily via architected interface facility

Overview A vulnerability in certain Hewlett-Packard systems allows users to gain unauthorized access to user accounts and databases using the architected interface facility. Description HP3000 systems running MPE/iX release 5.5 and newer contain a vulnerability in the architected interface facili...

7.5CVSS6.3AI score0.04277EPSS
Exploits0
CERT
CERT
added 2000/10/06 12:0 a.m.23 views

ADK flaw in recent versions of PGP

Overview Additional Decryption Keys ADKs is a feature introduced into PGP Pretty Good Privacy versions 5.5.x through 6.5.3 that allows authorized extra decryption keys to be added to a user's public key certificate. However, an implementation flaw in PGP allows unsigned ADKs which have been...

5CVSS5.4AI score0.01496EPSS
Exploits0References4
CERT
CERT
added 2025/06/10 12:0 a.m.22 views

A Vulnerability in UEFI Applications allows for secure boot bypass via misused NVRAM variable

Overview UEFI firmware applications DTBios and BiosFlashShell from DTResearch contain a vulnerability that allows Secure Boot to be bypassed using a specially crafted NVRAM variable. The vulnerability stems from improper handling of a runtime NVRAM variable that enables an arbitrary write...

8.2CVSS8.6AI score0.00347EPSS
Exploits1References6
CERT
CERT
added 2025/04/03 12:0 a.m.22 views

Multiple deserialization vulnerabilities in PyTorch Lightning 2.4.0 and earlier versions

Overview PyTorch Lightning versions 2.4.0 and earlier do not use any verification mechanisms to ensure that model files are safe to load before loading them. Users of PyTorch Lightning should use caution when loading models from unknown or unmanaged sources. Description PyTorch Lightning, a...

7.9AI score
Exploits0References4
CERT
CERT
added 2024/09/19 12:0 a.m.22 views

A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server

Overview A stack-based overflow vulnerability exists in the tinydhcp server in the Microchip Advanced Software Framework ASF that can lead to remote code execution. Description An implementation of DHCP in ASF fails input validation, thereby creating conditions for a stack-based overflow. The...

9.8CVSS9.6AI score0.01377EPSS
Exploits0References7
CERT
CERT
added 2016/05/04 12:0 a.m.22 views

Little CMS 2 DefaultICCintents double-free vulnerability

Overview Little CMS 2 contains a double-free vulnerability in the DefaultICCintents function, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Little CMS is an open-source color management engine that supports the International Color...

10CVSS9.4AI score0.0623EPSS
Exploits0References4
Total number of security vulnerabilities3704