Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
added 2002/09/13 12:0 a.m.19 views

Multiple vendors' email content/virus scanners do not adequately check "message/partial" MIME entities

Overview Email anti-virus scanners and content filters from multiple vendors do not adequately check messages containing "message/partial" MIME entities RFC 2046. As a result, viruses, malicious code, or other restricted content may not be detected. Description Section 5.2.2 of RFC 2046 defines t...

7.5CVSS6.5AI score0.06667EPSS
Exploits0References4
CERT
CERT
added 2002/09/10 12:0 a.m.19 views

HP Tru64 UNIX "uucp" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "uucp" contains a locally exploitable buffer overflow. Description "uucp" is used to copy files between hosts. A locally exploitable buffer overflow in "uucp" may permit a local attacker to gain elevated privileges and execute arbitrary code on a...

8.2AI score
Exploits0References1
CERT
CERT
added 2002/08/09 12:0 a.m.19 views

SurfControl SuperScout does not filter web requests fragmented in multiple packets

Overview SurfControl SuperScout Web Filter does not block some HTTP requests that have been fragmented into multiple packets. Description SurfControl SuperScout Web Filter is software intended for companies that wish to limit employees' web surfing to appropriate uses. SuperScout anazlyzes...

6.7AI score
Exploits0References1
CERT
CERT
added 2002/06/05 12:0 a.m.19 views

Yahoo! Messenger contains a buffer overflow in "set_buddygrp" when adding users to a buddy list via the web

Overview Yahoo! Messenger is an instant messaging client. There is a remotely exploitable buffer overflow vulnerability in the "setbuddygrp" field of Yahoo! Messenger. Description A remotely exploitable buffer overflow exists in the "setbuddygrp" field that may permit a remote attacker to execute...

8.3AI score
Exploits0
CERT
CERT
added 2001/11/05 12:0 a.m.19 views

Mac OS X executes 'recent items' with privileges of foreground application

Overview The "recent items" feature of MacOS X allows users at the console to trivially obtain root privileges. Description MacOS X includes a feature called recent items. Recent Items is a list of documents and applications that have recently been accessed. An application launched from the Recen...

7.1AI score
Exploits0References4
CERT
CERT
added 2001/09/27 12:0 a.m.19 views

Beck GmbH IPC@Chip TelnetD service ships with inadequately protected default account

Overview There is a vulnerability in the Beck IPC@CHIP that may allow an attacker to gain access to the device. Description The Beck IPC@CHIP is a single chip embedded webserver. This device also contains a telnet server that ships with an account named "Default". This account essentially grants...

7.2AI score
Exploits0References3
CERT
CERT
added 2001/09/26 12:0 a.m.19 views

Web-based email services filtering systems vulnerable to malicous script execution

Overview An attacker can send a specially crafted email message to a victim containing malicious scripting JavaScript, VBScript, JScript, etc., or potentially HTML. When a victim views the message with scripting enabled, the victim's browser will then interpret this javascript which can lead to...

10CVSS6AI score0.04235EPSS
Exploits0
CERT
CERT
added 2001/09/26 12:0 a.m.19 views

Beck GmbH IPC@Chip FtpD allows an attacker to gain access to the device

Overview There is a vulnerability in the Beck IPC@CHIP that allows an attacker to gain access to the device. Description The Beck IPC@CHIP is a single chip embedded webserver. This device also contains an ftp server that is configured by default to allow anonymous access. Additionally, the device...

7.3AI score
Exploits0References3
CERT
CERT
added 2001/09/17 12:0 a.m.19 views

phpBB does not adequately validate user input thereby allowing user to gain escalated privileges via manipulated SQL query

Overview phpBB is an open-source bulletin board program. There exists a user input validation problem with regard to the parsing of the URL. An intruder can excute limited SQL queries and gain administrative privileges on the bulletin board. Description phpBB has a user input validation problem...

7.7AI score
Exploits0References1
CERT
CERT
added 2001/05/06 12:0 a.m.19 views

Dallas Semiconductor iButton DS1991 vulnerable to dictionary attack

Overview The Dallas Semiconductor iButton DS1991 is vulnerable to a dictionary attack, allowing an intruder to recover passwords. Description The Dallas Semiconductor iButton DS1911 stores 1 kilobyte of data in 3 separate password-protected areas. It includes functionality intended to prevent...

6.8AI score
Exploits0References2
CERT
CERT
added 2001/04/13 12:0 a.m.19 views

SGI systems may execute commands embedded in mail messages

Overview Some SGI systems produced circa 1998 allowed an intruder to send mail that would execute commands when the reader opened the message. Description On some SGI systems, Netscape is bundled with IRIX 6.3 and 6.4 and is used as the default web browser and mail reader. On these systems, the...

7.7AI score
Exploits0References1
CERT
CERT
added 2001/02/16 12:0 a.m.19 views

BSD i386_set_ldt syscall does not appropriately validate call gate targets

Overview There are a set of kernel interfaces called "call gates" which are code primitives used to build system-level calls into an operating system's kernel. A subset of these "calls gates" may be able to be manipulated on some operating systems which use improper privilege checking when...

6.8AI score
Exploits0References2
CERT
CERT
added 2000/11/02 12:0 a.m.19 views

SystemWizard Launch ActiveX Control lacks authentication

Overview Description The SystemWizard "Launch" ActiveX Control may allow attackers to execute arbitrary commands on systems where the control is installed. This control was shipped on HP Pavilion computers running Windows 98, as part of a diagnostic application named "SystemWizard" produced by...

7.5CVSS7AI score0.0211EPSS
Exploits0References3
CERT
CERT
added 2026/06/02 12:0 a.m.18 views

Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE Deployments

Overview VoLTE deployments on Verizon’s IMS network have operated without negotiated SIP integrity protection. In observed test conditions, SIP signaling—including registration, call setup, and messaging—traveled without IPsec ESP encapsulation and without SIP Security Agreement headers, exposing...

7.4CVSS5.7AI score0.00174EPSS
Exploits0References4
CERT
CERT
added 2026/05/08 12:0 a.m.18 views

Linux kernel contains local privilege escalation vulnerability (Copy Fail)

Overview A privilege escalation vulnerability has been discovered in Linux kernel versions version 4.17 released 2017 and later. Many popular distributions and Linux-based containers are affected. This vulnerability was publicly disclosed on April 29, 2026, has been assigned CVE ID CVE-2026-31431...

7.8CVSS6.2AI score0.96267EPSS
Exploits230References8
CERT
CERT
added 2025/07/27 12:0 a.m.18 views

SysTrack LsiAgent.exe contains an improper DLL search order, allowing an attacker to execute arbitrary code and priv esc

Overview Lakeside Software, an IT digital employee experience platform, offers a product called SysTrack, intended for endpoint observability. This program uses an executable called LsiAgent.exe, which attempts to load various Dynamic Link Library DLL files when run. The program does not properly...

4.4CVSS7AI score0.00164EPSS
Exploits0References1
CERT
CERT
added 2025/05/07 12:0 a.m.18 views

Radware Cloud Web Application Firewall Vulnerable to Filter Bypass

Overview The Radware Cloud Web Application Firewall is vulnerable to filter bypass by multiple means. The first is via specially crafted HTTP request and the second being insufficient validation of user-supplied input when processing a special character. An attacker with knowledge of these...

9.1CVSS9.2AI score0.00543EPSS
Exploits0References1
CERT
CERT
added 2015/08/31 12:0 a.m.18 views

Router devices do not implement sufficient UPnP authentication and security

Overview Home routers implementing the UPnP protocol do not sufficiently randomize UUIDs in UPnP control URLs, or implement other UPnP security measures. Description The UPnP protocol allows automatic device discovery and interaction with devices on a network. The UPnP protocol was originally...

7AI score
Exploits0References5
CERT
CERT
added 2015/07/08 12:0 a.m.18 views

Windows Adobe Type Manager privilege escalation vulnerability

Overview The Adobe Type Manager module contains a memory corruption vulnerability, which can allow an attacker to obtain SYSTEM privileges on an affected Windows system. Description Adobe Type Manager, which is provided by atmfd.dll, is a kernel module that is provided by Windows and provides...

7.2AI score
Exploits0References3
CERT
CERT
added 2013/07/15 12:0 a.m.18 views

Verizon Wireless Network Extender multiple vulnerabilities

Overview iSEC Partners has reported that the Verizon Wireless Network Extender models SCS-26UC4 and SCS-2U01 made by Samsung are susceptible to a local compromise using a custom HDMI cable. Once compromised the device can be used to eavesdrop on voice, text and data communication for mobile devic...

7.8AI score
Exploits0References1
CERT
CERT
added 2011/12/08 12:0 a.m.18 views

HomeSeer HS2 web interface multiple vulnerabilities

Overview HomeSeer HS2 home automation software web interface contains multiple vulnerabilities. Description According to HomeSeer's website, "HomeSeer HS2 is an advanced home automation and remote access software package that is designed to integrate the major systems of any home". The HomeSeer H...

6.8AI score
Exploits0References1
CERT
CERT
added 2011/09/22 12:0 a.m.18 views

libpng malformed cHRM divide-by-zero vulnerability

Overview libpng crashes when processing malformed cHRM chunks. Description When libpng encounters a cHRM chunk that is malformed it will perform a divide-by-zero causing libpng to crash. This bug was introduced in libpng version 1.5.4 and has been fixed in libpng version 1.5.5. --- Impact By...

7AI score
Exploits0References3
CERT
CERT
added 2011/05/31 12:0 a.m.18 views

HP LoadRunner buffer overflow vulnerability

Overview HP LoadRunner contains a buffer overflow vulnerability when parsing Virtual User script files. Description According to HP's website: HP LoadRunner software is the industry standard for performance validation. It allows you to prevent application performance problems by detecting...

7.7AI score
Exploits0References1
CERT
CERT
added 2007/05/29 12:0 a.m.18 views

Media Technology Group CDPass ActiveX control stack buffer overflows

Overview The Media Technology Group CDPass ActiveX control contains several stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Media Technology Group CDPass is software that provides bonus content for music CDs...

7.6AI score
Exploits0References3
CERT
CERT
added 2006/05/30 12:0 a.m.18 views

Secure Elements Class 5 AVR client fails to enforce integrity of message digests

Overview The Secure Elements Class 5 AVR client fails to enforce integrity of message digests. This may allow an attacker to replay modified messages to a vulnerable client. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors...

7.2AI score
Exploits0References1
CERT
CERT
added 2006/04/20 12:0 a.m.18 views

Oracle Application Object Library vulnerability

Overview An unspecified vulnerability in the Oracle Application Object Library may allow a remote, unauthenticated attacker to compromise system integrity and confidentiality. Description Oracle Application Object Library contains a vulnerability.The details of this vulnerability are not clear...

7.1AI score
Exploits0References2
CERT
CERT
added 2006/03/24 12:0 a.m.18 views

Pubcookie application server modules contain cross-site scripting vulnerabilities

Overview Cross-site scripting vulnerabilities in the Pubcookie application server modules could allow a remote attacker to gain access to sensitive information. Description Pubcookie is a software package that provides intra-institutional single-sign-on authentication for end-users over the web...

6.5AI score
Exploits0References2
CERT
CERT
added 2006/03/03 12:0 a.m.18 views

Oracle Diagnostic Tools do not properly authenticate users

Overview Oracle Diagnostic Tools fail to properly authenticate users before granting access to tools and tool resources. This may allow a remote, unauthenticated attacker to access and execute diagnostic tools on an Oracle E-Business Suite installation. Description Oracle Diagnostic Tools Oracle...

7AI score
Exploits0References3
CERT
CERT
added 2004/12/13 12:0 a.m.18 views

Shortcuts may insecurely store SMB authentication information

Overview SMB authentication information may be stored as plain text within URI shortcuts. As a result, a local attacker may be able read the authentication information and gain access to the share. Description SMB is a protocol for sharing data and resources between computers. Many operating...

6.8AI score
Exploits0References1
CERT
CERT
added 2004/12/10 12:0 a.m.18 views

Anti-virus software may not properly scan malformed zip archives

Overview Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Description Information about a zip archive, such as the size of the compressed data, is placed in headers...

7.8AI score
Exploits0References3
CERT
CERT
added 2004/11/04 12:0 a.m.18 views

Multiple web browsers do not properly interpret TABLE elements when displaying URLs in the status bar

Overview Multiple web browsers do not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the status bar wh...

5.8AI score
Exploits0References3
CERT
CERT
added 2004/11/04 12:0 a.m.18 views

Multiple web browsers do not properly interpret BASE and FORM elements when displaying URLs in the status bar

Overview Multiple web browsers do not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the status bar wh...

5.8AI score
Exploits0References1
CERT
CERT
added 2004/08/13 12:0 a.m.18 views

Juniper Networks NetScreen firewall contains a DoS vulnerability in the SSHv1 service

Overview A vulnerability in the SSHv1 service of NetScreen firewalls could allow an attacker to cause a denial-of-service condition. Description Juniper Networks NetScreen firewall products include a Secure Shell version 1 SSHv1 implementation called Secure Command Shell SCS. The SSHv1 service...

7.1AI score
Exploits0References4
CERT
CERT
added 2004/04/30 12:0 a.m.18 views

libgcc contains multiple flaws that allow integer type range vulnerabilities to occur at runtime

Overview The libgcc runtime for the gcc and g++ compilers contain multiple flaws that can result in integer type range vulnerabilities in programs that are compiled using the -ftrapv option. Description Both gcc and g++ provide an -ftrapv compiler option that, according to the gcc man page,...

7.7AI score
Exploits0References4
CERT
CERT
added 2004/03/16 12:0 a.m.18 views

cPanel fails to verify input passed to the "user" parameter

Overview A remotely exploitable vulnerability in CPanel's password reset and login scripts may allow a remote attacker to gain control of the vulnerable system. Description Cpanel is an application that provides the ability to manage accounts and provides an interface to the end users of web...

7.5AI score
Exploits0References3
CERT
CERT
added 2004/03/04 12:0 a.m.18 views

Solaris conv_fix insecure file handling vulnerability

Overview A vulnerability in a program supplied with the Solaris printing system could allow a local attacker to gain elevated privileges on the system. Description The Solaris operating system from Sun Microsystems includes a number of supplemental programs to aid in configuration and maintenance...

6.9AI score
Exploits0References2
CERT
CERT
added 2004/01/22 12:0 a.m.18 views

Cisco IBM Director agent does not properly handle arbitrary TCP packets to port 14247/tcp

Overview Cisco IBM Director agent does not properly handle arbitrary TCP packets to port 14247/tcp. Description Cisco voice products e.g. CallManager, IP Interactive Voice Response, IP Call Center Express that run on IBM servers install IBM Director agent to provide administrative management. The...

6.9AI score
Exploits0References3
CERT
CERT
added 2004/01/22 12:0 a.m.18 views

NetScreen-Security Manager fails to encrypt communications with managed devices

Overview A vulnerability in the NetScreen-Security Manager software could expose sensitive information in cleartext over the network. Description NetScreen Technologies' NetScreen-Security Manager provides centralized management for control of device configuration, network settings and security...

6.6AI score
Exploits0References2
CERT
CERT
added 2004/01/15 12:0 a.m.18 views

PostgreSQL VACUUM command allows unprivileged user to remove database transaction log data

Overview The PostgreSQL VACUUM command contains a vulnerability that allows an unprivileged user to remove database transaction log data. This may result in unrecoverable data loss. Description PostgreSQL is a database management system. The PostgreSQL VACUUM command is used to clean out records...

6.9AI score
Exploits0References3
CERT
CERT
added 2004/01/14 12:0 a.m.18 views

Whale Communications e-Gap security appliance discloses source code via HTTP TRACE Method

Overview Whale communications e-Gap security appliance is a tool to provide a secure remote web access platform. A vulnerability exists that may permit a remote attacker to gain access to the source code of the login page. Description Whale communications e-Gap security appliance version 2.5...

7.2AI score
Exploits0References1
CERT
CERT
added 2003/12/23 12:0 a.m.18 views

Apple QuickTime/Darwin Streaming Server integer overflow in MP3Broadcaster utility

Overview Apple's QuickTime and Darwin Streaming Server DSS package includes a utility called MP3Broadcaster. This utility contains an integer overflow which may be exploited to cause a denial of service. Description Apple's QuickTime and Darwin Streaming Server is software which provides integrat...

7.7AI score
Exploits0References3
CERT
CERT
added 2003/10/30 12:0 a.m.18 views

Morpheus discloses username to remote users

Overview The usernames disclosed by the Morpheus peer-to-peer file sharing application do not present a security vulnerability. Description Morpheus is a peer-to-peer file sharing application that allows users to search for and download files from other Morpheus users. This product allegedly...

6.9AI score
Exploits0References3
CERT
CERT
added 2003/10/06 12:0 a.m.18 views

Microsoft Windows Media Player fails to properly launch URLs based on Dynamic HTML (DHTML) behaviors

Overview Microsoft Windows Media Player WMP permits the embedding of URLs into media files. When launching an embedded URL, a logic error in the WMP URL handling makes it possible to move from a less trusted domain zone into the local computer zone. This vulnerability permits an attacker to execu...

7.3AI score
Exploits0References3
CERT
CERT
added 2003/07/28 12:0 a.m.18 views

Oracle Database Server contains stack overflow in logging mechanism when supplied overly long library name

Overview There is a buffer overflow in several versions of Oracle Database. The impact of this vulnerability may include the execution of arbitrary code; the ability to read, modify, or delete information stored in underlying Oracle databases; and denial of service. Description A buffer overflow...

8.5AI score
Exploits0References4
CERT
CERT
added 2003/06/09 12:0 a.m.18 views

Linux kernel IP stack incorrectly calculates size of an ICMP citation for ICMP errors

Overview The Linux 2.0 kernel contains a vulnerability in the way it processes ICMP errors. This could lead to portions of memory being leaked to a malicious user. Description The Linux 2.0 kernel versions 2.0 through 2.0.39 inclusive contains an error in the calculation of the size for an ICMP...

6.6AI score
Exploits0References3
CERT
CERT
added 2003/04/17 12:0 a.m.18 views

RealNetworks Helix Universal Server vulnerable to buffer overflow when supplied an overly long string for the "Describe" field

Overview The RealNetworks' Helix Universal Server supports delivery of several different media types over the Internet via RTSP Real Time Streaming Protocol. Vulnerabilities have been discovered in the way it handles some RTSP requests. These vulnerabilities could allow a remote attacker to execu...

8.1AI score
Exploits0References4
CERT
CERT
added 2003/03/26 12:0 a.m.18 views

BEA WebLogic Server fails to discard cached authentication information when web applications are updated

Overview The BEA WebLogic server contains a vulnerability that may allow authenticated users to bypass authentication for a given web application when the application has been updated. Description The BEA WebLogic Server provides a feature that allows it to store user authentication information f...

6.8AI score
Exploits0References2
CERT
CERT
added 2003/02/21 12:0 a.m.18 views

Lotus Domino Web Server vulnerable to denial of service via incomplete POST request

Overview Lotus Domino Web Server is an application that provides access to Lotus Notes databases via HTTP requests. A vulnerability exists that could permit a remote attacker to cause a denial-of-service situation for HTTP requests. Description Lotus Domino Web Server contains a vulnerability in...

6.7AI score
Exploits0References5
CERT
CERT
added 2002/12/09 12:0 a.m.18 views

University of Washington IMAP Server vulnerable to buffer overflow after login

Overview A buffer overflow vulnerability exists in versions of the University of Washington IMAP Server up to and including the imap-2002 release. This vulnerability may allow an authenticated attacker to execute arbitrary code on the mail server with the privileges of the UID of the user running...

8.2AI score
Exploits0References3
CERT
CERT
added 2002/10/29 12:0 a.m.18 views

Netegrity SiteMinder does not adequately validate user input thereby allowing user to bypass filters via crafted URL

Overview Netegrity SiteMinder does adequately vaildate HTTP requests containing malicious Unicode encodings. Description Netegrity SiteMinder is a platform for securing multiple web applications through a single point of user authentication. SiteMinder does not properly filter HTTP requests when...

6.9AI score
Exploits0References1
Total number of security vulnerabilities3702