Lucene search
+L
CertMost viewed

3704 matches found

cert
cert
added 2004/09/17 12:0 a.m.21 views

Mozilla may allow violation of cross-domain scripting policies via dragging

Overview A vulnerability affecting Mozilla web browsers may allow violation of cross-domain scripting policies and possibly execute code originating from a remote source. Description Mozilla web browsers allow the dragging of links and objects from one window to another. Should the object copied ...

6.9AI score
Exploits0References5
cert
cert
added 2004/08/23 12:0 a.m.21 views

Powie's PSCRIPT Forum fails to filter user posts

Overview Powie's PSCRIPT Forum fails to properly sanitize user input, which allows an attacker to create a user profile that can execute arbitrary scripts in a victim's web browser when the victim views the profile. Description Powie's PSCRIPT Forum is an online forum application written in PHP...

6.9AI score
Exploits0References5
cert
cert
added 2004/06/09 12:0 a.m.21 views

Cisco IPsec VPNSM vulnerable to DoS via malformed IKE packet

Overview A vulnerability in a Cisco VPN module can allow a remote attacker to cause a denial-of-service to the device in which the module is installed. Description The Cisco IP Security IPsec VPN Services Module VPNSM is a high-speed module for the Cisco Catalyst 6500 Series Switch and the Cisco...

7AI score
Exploits0References1
cert
cert
added 2004/04/30 12:0 a.m.21 views

Gaim contains a buffer overflow vulnerability in the yahoo_decode() function

Overview There is a buffer overflow vulnerability in the Gaim yahoodecode function, which could cause a pointer to reference memory beyond the terminating null byte. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It supports a variety of instan...

9.8CVSS9.7AI score0.11214EPSS
Exploits1References5
cert
cert
added 2004/04/06 12:0 a.m.21 views

Monit fails to properly handle negative Content-Length fields

Overview Monit fails to properly handle HTTP requests containing a negative Content-Length field. Description Monit is a utility to monitor system processes, files, directories, devices, and remote hosts. It provides a web-based interface that can be used to access the Monit server. When processi...

7.2AI score
Exploits0References5
cert
cert
added 2004/01/27 12:0 a.m.21 views

KDE Personal Information Management suite "kdepim" contains a buffer overflow vulnerability in VCF information reader

Overview KDE Personal Information Management suite "kdepim" contains a buffer overflow vulnerability. Exploitation of this vulnerability could lead to the arbitrary execution of commands. Description KDE Personal Information Management suite shipped with KDE versions 3.1.0 through 3.1.4 contains ...

7.5CVSS7.5AI score0.06151EPSS
Exploits0References3
cert
cert
added 2003/05/07 12:0 a.m.21 views

Microsoft Windows Media Player fails to properly evaluate URLs when downloading skin files

Overview Microsoft Media Player contains a vulnerability in the parsing of "Skin Files" that may permit a remote attacker to download arbitrary files to a known location on the local system. Description Microsoft Media Player is an application that plays various types of media files. The user can...

7.5CVSS6.8AI score0.46315EPSS
Exploits1References5
cert
cert
added 2003/03/24 12:0 a.m.21 views

Multi-Tech ProxyServers ship with null password for administrative access

Overview Some versions of the Multi-Tech ProxyServer products ship without a default password for the administrative interface. Description Some versions of the Multi-Tech ProxyServer products ships without a default password for the administrative interface permitting unauthenticated access via...

7.4AI score
Exploits0References1
cert
cert
added 2003/03/13 12:0 a.m.21 views

Lotus Domino Web Retriever contains a buffer overflow vulnerability

Overview A buffer overflow vulnerability may be exploited via the Lotus Domino Web Retriever. Versions prior to 5.0.12 and 6.0 are affected. Description According to the Rapid7 Advisory:The Lotus Notes/Domino Web Retriever task is responsible for retrieving web pages on behalf of Notes users who...

7.6AI score
Exploits0References2
cert
cert
added 2003/02/18 12:0 a.m.21 views

Oracle9i Database contains remotely exploitable buffer overflow in "ORACLE.EXE"

Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 The buffer overflow exists in a...

8.3AI score
Exploits0References3
cert
cert
added 2002/10/01 12:0 a.m.21 views

Adobe Acrobat eBook Reader allows users to circumvent copying and printing restrictions

Overview A vulnerability in Adobe Acrobat eBook Reader allows local users to circumvent redistribution restrictions placed on an eBook by the publisher. Description The Adobe Acrobat eBook Reader allows one to read electronic books. The eBook Reader employs technology in order to control what the...

4.6CVSS5.8AI score0.01625EPSS
Exploits1References2
cert
cert
added 2002/09/16 12:0 a.m.21 views

IBM AIX FC contains buffer overflow exploitable during session setup

Overview The FC client in IBM's AIX contains a buffer overflow that may cause a core dump in the client. Description The IBM AIX FC client allows a buffer overflow of a few bytes in the client process, which could cause intermittent core dumps during session setup. Overflowing the buffer is...

7.2AI score
Exploits0References1
cert
cert
added 2002/07/11 12:0 a.m.21 views

SGI IRIX contains vulnerability in rpc.passwd allowing for root compromise

Overview There is a vulnerability in rpc.passwd that could allow root compromise. Description /usr/etc/rpc.passwd, part of the nfs.sw.nis subsystem on IRIX 6.5, could permit a root compromise. No other details are available. --- Impact Intruders could gain root access. --- Solution Apply a patch ...

7.2CVSS6.7AI score0.00424EPSS
Exploits0References2
cert
cert
added 2002/06/18 12:0 a.m.21 views

webMathematica discloses the contents of arbitrary files when file is requested using the absolute path

Overview A directory traversal vulnerability exists in webMathematica. Description webMathematica provides a way to offer access to Mathematica applications via a web browser interface. For example, one can deploy calculators, problem solvers, and other types of interactive content over the web.B...

5CVSS6.6AI score0.05668EPSS
Exploits1References3
cert
cert
added 2002/06/05 12:0 a.m.21 views

Yahoo! Messenger allows arbitrary users to be added to buddy list without proper authorization

Overview Yahoo! Messenger is an instant messaging client. There is a vulnerability in Yahoo! Messenger that permits a remote user to add arbitrary users to the victim's buddy list. Description Yahoo! Messenger allows users to view content only from users on their buddy list. An attacker could cra...

7AI score
Exploits0References1
cert
cert
added 2002/06/04 12:0 a.m.21 views

Oracle Web Cache contains buffer overflow vulnerabilities

Overview The CERT/CC is aware of a report about "several remotely exploitable buffer overflow vulnerabilities in the Oracle Web Cache Server" that could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Web Cache process. Description The Oracle Web Cac...

8.9AI score
Exploits0References3
cert
cert
added 2002/05/23 12:0 a.m.21 views

Taskpads ActiveX Control incorrectly marked safe-for-scripting

Overview The taskpads ActiveX control included with some resource kit products circa February 1999 was incorrectly marked safe-for-scripting. Description The taskpads ActiveX control included with the Microsoft Windows 98 resource kit, the Microsoft Windows 98 resource kit sampler, and the Back...

7.5CVSS7AI score0.05881EPSS
Exploits0References2
cert
cert
added 2002/01/04 12:0 a.m.21 views

Buffer overflow vulnerability in grpck command line utility

Overview The CERT/CC has received a public report of a local buffer overflow vulnerability in the grpck utility. Description The grpck utility performs syntax checking of /etc/group and /etc/gshadow group information files. This utility contains a buffer overflow vulnerability in the section of...

7.9AI score
Exploits0References3
cert
cert
added 2001/12/21 12:0 a.m.21 views

Microsoft Internet Explorer does not properly handle document.open()

Overview Microsoft Internet Explorer contains a vulnerability in which a script from one source is permitted to access files on the client's file system. An attacker may be able to read cookies and other files on a target system, and spoof Internet sites by creating believable window titles...

7.5CVSS7AI score0.1932EPSS
Exploits1References5
cert
cert
added 2001/12/20 12:0 a.m.21 views

Advanced Poll does not adequately authenticate users

Overview Advanced Poll is a polling system written in PHP for use on web sites. When a flat file database is used, Advanced Poll does not adequately authenticate users, thereby allowing any user to gain Advanced Poll administrative privileges. Description On versions of Advanced Poll older than...

7.4AI score
Exploits0References2
cert
cert
added 2001/11/21 12:0 a.m.21 views

MandrakeSoft Mandrake Linux Apache default configuration enables Perl ProxyPass server on 8200/tcp

Overview The default installation of Apache on MandrakeSoft Mandrake Linux configures an instance of the server to run apache-modperl listening on port 8200/tcp. Description MandrakeSoft produces a Linux distribution called Mandrake Linux that includes the Apache web server. The default...

6.8AI score
Exploits0References2
cert
cert
added 2001/10/19 12:0 a.m.21 views

RSA Security ACE/Agent for Windows, ACE/Agent for Windows NT, and ACE/Agent for Windows 2000 do not properly handle URL encoded characters in URL

Overview RSA Security ACE/Agent for Windows, ACE/Agent for Windows NT, and ACE/Agent for Windows 2000 contain a vulnerability in which the ACE/Agent does not properly handle URL encoded characters contained in a URL. A specially crafted request may bypass authentication and expose the contents of...

7.3AI score
Exploits0References2
cert
cert
added 2001/10/18 12:0 a.m.21 views

Php variables passed from the browser are stored in global context

Overview Php is a dynamic scripting language used by programmers to develop webservers, message boards, chat applications and a variety of programs. By default php stores variables passed from the URL in a global context. Programmers often fail to change this setting which can allow serious...

7.8AI score
Exploits0References16
cert
cert
added 2001/10/01 12:0 a.m.21 views

getty_ps creates temporary files insecurely

Overview gettyps is an open-source software package designed to support logons to the console and terminals. Some implementations create temporary files insecurely with predictable names, leading to corruption of arbitrary files via symbolic link attack. Description Under certain circumstances,...

1.2CVSS6.7AI score0.00298EPSS
Exploits0References3
cert
cert
added 2001/09/28 12:0 a.m.21 views

Weaknesses in the SSH protocol simplify brute-force attacks against passwords typed in an existing SSH session

Overview There is a vulnerability in the SSH protocol that can simplify brute force attacks against passwords typed within an existing SSH session. Description Researchers at the University of California at Berkeley have determined that by monitoring the delays between SSH packets transmitted...

7.2AI score
Exploits0References7
cert
cert
added 2001/09/26 12:0 a.m.21 views

Web-based email services filtering systems vulnerable to malicous script execution

Overview An attacker can send a specially crafted email message to a victim containing malicious scripting JavaScript, VBScript, JScript, etc., or potentially HTML. When a victim views the message with scripting enabled, the victim's browser will then interpret this javascript which can lead to...

10CVSS6AI score0.04235EPSS
Exploits0
cert
cert
added 2001/09/26 12:0 a.m.21 views

Beck GmbH IPC@Chip FtpD allows an attacker to gain access to the device

Overview There is a vulnerability in the Beck IPC@CHIP that allows an attacker to gain access to the device. Description The Beck IPC@CHIP is a single chip embedded webserver. This device also contains an ftp server that is configured by default to allow anonymous access. Additionally, the device...

7.3AI score
Exploits0References3
cert
cert
added 2001/09/20 12:0 a.m.21 views

Buffer Overflows in various email clients

Overview Buffer Overflows in several MIME headers affect a large number of electronic mail clients. Description A variety of electronic mail clients circa 1998 are vulnerable to buffer overflow attacks in the code that processes MIME headers. See the vendor statements referenced below for details...

8.3AI score
Exploits0References6
cert
cert
added 2001/09/18 12:0 a.m.21 views

Microsoft Windows 2000 Telnet Service fails to reject oversized username input values

Overview The Microsoft Windows 2000 Telnet Service contains a denial-of-service vulnerability that allows remote attackers to disrupt the telnet service on affected servers. Description The Microsoft Windows 2000 Telnet Service contains a vulnerability in the section of code that performs range...

5CVSS6.4AI score0.29731EPSS
Exploits0References3
cert
cert
added 2001/09/17 12:0 a.m.21 views

phpBB does not adequately validate user input thereby allowing user to gain escalated privileges via manipulated SQL query

Overview phpBB is an open-source bulletin board program. There exists a user input validation problem with regard to the parsing of the URL. An intruder can excute limited SQL queries and gain administrative privileges on the bulletin board. Description phpBB has a user input validation problem...

7.7AI score
Exploits0References1
cert
cert
added 2001/08/13 12:0 a.m.21 views

Critical Path directory products contain multiple vulnerabilities in LDAP handling code

Overview Multiple Critical Path directory products contain vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses th...

7.3AI score
Exploits0References5
cert
cert
added 2001/07/27 12:0 a.m.21 views

Allaire JRun Java Application Server vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Web Servers that use the Allaire JRun Java Servlet Container are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated input from...

6AI score
Exploits0References7
cert
cert
added 2001/07/17 12:0 a.m.21 views

IBM SecureWay Directory is vulnerable to denial-of-service attacks via LDAP handling code

Overview The IBM SecureWay Directory contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, t...

7.5AI score
Exploits0References6
cert
cert
added 2001/03/04 12:0 a.m.21 views

RhinoSoft FTP Voyager FtpTree incorrectly marked "safe for scripting"

Overview FTP Voyager is an FTP client implemented as an ActiveX control. It is incorrectly marked as "safe for scripting" allowing malicious web pages or email messages to upload and download files. Description FTP Voyager is an FTP client implemented as an ActiveX control. An ActiveX control may...

6.4AI score
Exploits0References2
cert
cert
added 2026/04/22 12:0 a.m.20 views

Ollama GGUF Quantization Remote Memory Leak

Overview Ollama’s model quantization engine contains a vulnerability that allows an attacker with access to the model upload interface to read and potentially exfiltrate heap memory from the server. This issue may lead to unintended behavior, including unauthorized access to sensitive data and, i...

7.5CVSS6AI score0.00551EPSS
Exploits1
cert
cert
added 2025/09/09 12:0 a.m.20 views

Hiawatha open-source web server has multiple vulnerabilities

Overview Hiawatha is an open-source webserver for Unix that has packages for Windows, macOS, and a variety of Linux distributions. Three vulnerabilities were identified for this lightweight web-server: improper handling of HTTP headers; an authentication-timing attack in the Tomahawk component; a...

6.5CVSS6.3AI score0.00449EPSS
Exploits0References1
cert
cert
added 2025/08/13 12:0 a.m.20 views

HTTP/2 implementations are vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames

Overview A vulnerability has been discovered within many HTTP/2 implementations allowing for denial of service DoS attacks through HTTP/2 control frames. This vulnerability is colloquially known as "MadeYouReset" and is tracked as CVE-2025-8671. Some vendors have assigned a specific CVE to their...

7.5CVSS7.1AI score0.03514EPSS
Exploits3References18
cert
cert
added 2016/02/04 12:0 a.m.20 views

Comodo Chromodo browser with Ad Sanitizer does not enforce same origin policy and is based on an outdated version of Chromium

Overview Comodo Chromodo browser, version 45.8.12.391, and possibly earlier, bundles the Ad Sanitizer extension, version 1.4.0.26, which disables the same origin policy, allowing for the possibility of cross-domain attacks by malicious or compromised web hosts. Chromodo is based on an outdated...

7.1AI score
Exploits0References4
cert
cert
added 2015/04/30 12:0 a.m.20 views

EMC AutoStart is vulnerable to remote code execution via specially crafted packets

Overview EMC AutoStart, version 5.5.0 and earlier, is vulnerable to remote command execution via specially crafted packets. Description EMC AutoStart is an enterprise software application developed to help networks and service maintain a high level of availability. AutoStart can manage clusters o...

9.3CVSS7.8AI score0.07209EPSS
Exploits0References1
cert
cert
added 2015/04/17 12:0 a.m.20 views

Hewlett-Packard Network Automation contains multiple vulnerabilities

Overview HP Network Automation versions 9.0x, 9.1x, 9.2x, and 10.x contain multiple vulnerabilities affecting the administrative web interface. Description HP Network Automation versions 9.0x, 9.1x, 9.2x, and 10.x contain vulnerabilities in the administrative web interface, including multiple cro...

6.9AI score
Exploits0References4
cert
cert
added 2015/03/16 12:0 a.m.20 views

D-Link DAP-1320 Rev Ax is vulnerable to a command injection

Overview The D-Link DAP-1320 Rev Ax firmware update mechanism contains a command injection vulnerability. Description CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' A remote unauthenticated attacker may execute commands on the device by taking...

10CVSS7.7AI score0.0329EPSS
Exploits0References2
cert
cert
added 2014/10/29 12:0 a.m.20 views

drchrono Electronic Health Record (EHR) web applications vulnerable to cross-site scripting and cross-site request forgery

Overview drchrono Electronic Health Record EHR web applications allow cross-site scripting XSS and cross-site request forgery CSRF that could allow an attacker to obtain sensitive patient information. Description drchrono provides an EHR web application service at drchrono.com, onpatient.com, and...

6.7AI score
Exploits0References2
cert
cert
added 2014/02/18 12:0 a.m.20 views

Microsoft XMLDOM ActiveX control information disclosure vulnerability

Overview The Microsoft XMLDOM ActiveX control can be used to check for the presence of multiple resources, which can result in unintended information disclosure. Description Microsoft.XMLDOM is an ActiveX control that can run in Internet Explorer without requiring any prompting to the user. This...

6.6AI score
Exploits0References4
cert
cert
added 2014/01/13 12:0 a.m.20 views

ASUS Wireless Router products contain a static DNS entry

Overview The ASUS WL-330NUL Pocket Wifi router and possibly other products contain a static DNS entry to the device's configuration pages. Description The ASUS WL-330NUL Pocket Wifi router and possibly other products contain static DNS entries to the device's configuration pages. The documentatio...

6.8AI score
Exploits0References1
cert
cert
added 2012/07/25 12:0 a.m.20 views

Dell SonicWALL Scrutinizer SQL injection vulnerability

Overview Dell SonicWALL Scrutinizer 9.5.0 and older versions contain a SQL injection vulnerability. Description The Dell SonicWALL service bulletin states:"After the release of Dell SonicWALL Scrutinizer 9.5.0, we received a report of an issue whereby a Scrutinizer user who had already...

6.5CVSS6.7AI score0.66828EPSS
Exploits7References1
cert
cert
added 2012/06/06 12:0 a.m.20 views

Video drivers may fail to support Address Space Layout Randomization (ASLR)

Overview Some video drivers fail to support ASLR in Microsoft EMET "Always on" mode, which can limit the amount that such a system can be secured. Description ASLR, when combined with DEP Data Execution Prevention can be an effective mitigation against exploitation of vulnerabilities. For more...

7.1AI score
Exploits0References11
cert
cert
added 2011/05/25 12:0 a.m.20 views

Unbound DNS resolver denial of service vulnerability

Overview A specially crafted DNS query may cause Unbound to respond with an empty UDP packet which triggers an assertion failure and stops the daemon. Description NLnetLabs advisory states:"Certain types of DNS queries may cause Unbound to respond with a DNS error message. The code generating thi...

4.3CVSS6.3AI score0.07085EPSS
Exploits1References3
cert
cert
added 2009/05/20 12:0 a.m.20 views

NSD vulnerable to one-byte overflow

Overview A vulnerability exists in the way NSD processes certain types of packets that may lead to a one-byte buffer overflow. Description Name server daemon NSD is an open source name server developed by NLnet Labs. NSD contains an off-by-one error that can cause a one-byte buffer overflow when...

7.2AI score
Exploits0References1
cert
cert
added 2008/03/18 12:0 a.m.20 views

BusinessObjects RptViewerAX ActiveX control stack buffer overflow

Overview The BusinessObjects RptViewerAX ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description BusinessObjects 6.5 includes an ActiveX control called RptViewerAX, which is provided by...

9.3CVSS6.8AI score0.06459EPSS
Exploits2References2
cert
cert
added 2007/09/05 12:0 a.m.20 views

Cisco Adaptive Security Appliance insecurely logs passwords

Overview The Cisco Adaptive Security Appliance ASA firewall may log user credentials, including passwords, as plain text when AAA authentication is enabled. Description The Cisco Adapative Security Appliance ASA is a firewall with Intrusion Protection System IPS, Stateful Packet Inspection SPI, a...

7.8AI score
Exploits0References3
Total number of security vulnerabilities3704