Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
added 2007/05/29 12:0 a.m.16 views

British Telecommunications Consumer webhelper ActiveX control buffer overflows

Overview The British Telecommunications Consumer webhelper ActiveX control contains multiple buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The registration process for British Telecommunications BT internet...

7.8AI score
Exploits0References2
CERT
CERT
added 2007/05/18 12:0 a.m.16 views

OPeNDAP arbitrary command execution vulnerability

Overview The BES daemon in OPeNDAP server version 4 contains a vulnerability. This vulnerability may allow an attacker to execute arbitrary commands, or upload files to a remote server. Description OPeNDAP is a software package designed to help researchers exchange data sets that are stored in...

7.7AI score
Exploits0References4
CERT
CERT
added 2007/03/28 12:0 a.m.16 views

IBM Lotus Domino LDAP server DN message heap buffer overflow

Overview The IBM Lotus Domino LDAP server is vulnerable to a heap buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description IBM Lotus Domino server software provides email, calendar, scheduling, and collaboration...

8.3AI score
Exploits0References2
CERT
CERT
added 2007/01/24 12:0 a.m.16 views

Cisco IOS fails to properly process certain packets containing a crafted IP option

Overview Cisco IOS software contains a vulnerablity that may allow an attacker to execute arbitrary code or create a denial of service condition. Description Cisco IOS is an operating system that is used on Cisco network devices. The Internet Control Message Protocol ICMP is a protocol commonly...

8.3AI score
Exploits0References12
CERT
CERT
added 2006/11/20 12:0 a.m.16 views

NetGear wireless driver fails to properly process certain 802.11 management frames

Overview A buffer overflow vulnerability exists in the Netgear MA521nd5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The MA521nd5.SYS driver is a wireless 802.11b device driv...

10CVSS7.5AI score0.18755EPSS
Exploits1References2
CERT
CERT
added 2006/11/17 12:0 a.m.16 views

NetGear wireless driver fails to properly process certain 802.11 management frames

Overview A buffer overflow vulnerability has been reported in the Netgear WG111v2.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The WG111v2.SYS driver is a wireless 802.11...

8.2AI score
Exploits0References2
CERT
CERT
added 2006/10/19 12:0 a.m.16 views

Oracle PREPARE_UNBOUNDED_VIEW procedure vulnerable to PL/SQL injection

Overview The Oracle PREPAREUNBOUNDEDVIEW procedure is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Description The Oracle PREPAREUNBOUNDEDVIEW procedure fails to properly...

8AI score
Exploits0References4
CERT
CERT
added 2006/09/20 12:0 a.m.16 views

Mozilla products fail to properly handle JavaScript regular expressions

Overview Mozilla products fail to properly handle certain JavaScript regular expressions. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description According to Mozilla Foundation Security Advisory 2006-57: ...a...

7.7AI score
Exploits0References2
CERT
CERT
added 2006/05/30 12:0 a.m.16 views

Secure Elements Class 5 AVR client generates predictable CEIDs

Overview The Secure Elements Class 5 AVR client generates predictable CEIDs. This may allow an attacker to guess the unique identifier of a protected asset. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and enforces...

7.1AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.16 views

Secure Elements Class 5 AVR uses the same encryption key and initialization vector for every message session

Overview Secure Elements Class 5 AVR uses the same encryption key and initialization vector for every message session. This may allow an attacker to discover some information about encrypted messages. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a...

7AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.16 views

Secure Elements Class 5 AVR server fails to properly validate peer certificate when downloading updates

Overview The Secure Elements Class 5 AVR server fails to properly validate the peer certificate when downloading updates. This may allow a remote attacker to distribute malicious updates to the clients. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a...

7.2AI score
Exploits0References1
CERT
CERT
added 2006/05/30 12:0 a.m.16 views

Secure Elements Class 5 AVR server fails to properly enforce access controls on console operations

Overview The Secure Elements Class 5 AVR server fails to properly enforce access controls on console operations. This may allow a remote attacker to gain unauthorized administrative access to a server. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a...

7.8AI score
Exploits0References1
CERT
CERT
added 2006/04/20 12:0 a.m.16 views

Oracle DBMS_REPUTIL package vulnerable to SQL injection

Overview An SQL injection vulnerability in the Oracle DBMSREPUTIL package may allow a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description Oracle DBMSREPUTIL package contains a SQL injection vulnerability.The details of this vulnerability are not clea...

8.2AI score
Exploits0References2
CERT
CERT
added 2006/01/18 12:0 a.m.16 views

Oracle products contain multiple vulnerabilities

Overview Multiple vulnerabilities exist in numerous Oracle products. The severity and impacts of these vulnerabilities are varied and may include remote execution of arbitrary code, the disclosure of sensitive information, and denial-of-service conditions. Description Multiple vulnerabilities exi...

7.3AI score
Exploits0References1
CERT
CERT
added 2005/12/07 12:0 a.m.16 views

MediaWiki fails to properly verify input passed to the user language option

Overview A vulnerability in some versions of MediaWiki may allow a remote attacker to execute code on a vulnerable wiki server. Description MediaWiki is a PHP-based software package that is used to run a wiki, a collaborative website that can be edited by any user or visitor. Some versions of the...

7.5AI score
Exploits0References1
CERT
CERT
added 2005/10/21 12:0 a.m.16 views

Oracle Human Resource Management System vulnerability

Overview An unspecified vulnerability in the Oracle Human Resource Management System HRMS may allow a remote, unauthenticated attacker to compromise system confidentiality and integrity. Description According to Oracle:The Oracle E-Business Suite Human Resources Management family of applications...

6.7AI score
Exploits0References3
CERT
CERT
added 2005/10/21 12:0 a.m.16 views

Oracle E-Business Suite Applications Technology Stack vulnerability

Overview An unspecified vulnerability in the Oracle Applications Technology Stack may allow a remote, unauthenticated attacker to compromise system confidentiality and integrity. Description Oracle Applications Technology Stack is a collection of Oracle products bundled with the Oracle E-Business...

6.6AI score
Exploits0References3
CERT
CERT
added 2005/06/21 12:0 a.m.16 views

paFileDB fails to properly sanitize "query" parameter in "pafiledb.php"

Overview paFileDB works around the default "off" state for the "registerglobals" security directive in PHP and then fails to initialize the "query" variable, which can be used to inject arbitrary SQL queries. Description "paFileDB is designed to allow webmasters have a database of files for...

7.9AI score
Exploits0References2
CERT
CERT
added 2005/05/19 12:0 a.m.16 views

Groove Mobile Workspace vulnerable to script injection via SharePoint replicated menus

Overview A vulnerability in the way that Groove Mobile Workspace handles SharePoint lists may allow an attacker to execute an arbitrary script. Description Groove Virtual Office provides a collaborative working environment that includes shared documents, databases, and applications among other...

7.2AI score
Exploits0References5
CERT
CERT
added 2005/02/01 12:0 a.m.16 views

QNX PPPoEd vulnerable to buffer overflow

Overview QNX PPPoEd contains a buffer overflow that may allow an attacker to execute arbitrary commands. Description QNX is an RTOS Real-time Operating System. QNX is used in many different devices and industries, including, but not limited to routers manufacturing and processing medical equipmen...

8.3AI score
Exploits0References3
CERT
CERT
added 2004/11/03 12:0 a.m.16 views

MailPost vulnerable file system information disclosure via HTTP GET request

Overview A vulnerability is reported to exist in MailPost version 5.1.1sv and possibly earlier versions that may permit a remote attacker to verify the existance of files anywhere on the local system. Description According to the ProCheckUp report, MailPost contains a vulnerability that may permi...

6.7AI score
Exploits0References1
CERT
CERT
added 2004/09/17 12:0 a.m.16 views

Mozilla allows signed scripts calling "enablePrivilege" to change contents of a "grant" dialog

Overview A vulnerability in the way Mozilla and its derived programs display dialogs in some circumstances could allow a remote attacker to install and run software on a vulnerable system. Description The Mozilla web browser and related Mozilla products support the ability to run signed scripts...

6.9AI score
Exploits0References4
CERT
CERT
added 2004/09/17 12:0 a.m.16 views

Mozilla Linux installer does not properly set file permissions

Overview Mozilla's Linux installers may not properly set file permissions on the installed program files. A local user may then be able to modify or replace these files with malicious versions. Description Some versions of Mozilla's Linux installer may create installation and program files with...

6.5AI score
Exploits0References6
CERT
CERT
added 2004/03/24 12:0 a.m.16 views

Ethereal crashes when processing malformed RADIUS packets

Overview Ethereal contains a vulnerability in the way it processes Remote Authentication Dial In User Service RADIUS packets. Description Ethereal is a network traffic analysis package. It includes the ability to decode packets containing RADIUS data. There is a vulnerability that causes Ethereal...

7AI score
Exploits0References3
CERT
CERT
added 2004/02/05 12:0 a.m.16 views

GNU Radius accounting service fails to properly handle exceptional Acct-Status-Type and Acct-Session-Id attributes

Overview The GNU Radius accounting service fails to properly handle packets with exceptional Acct-Status-Type and Acct-Session-Id attributes. Description GNU Radius is a software package used for remote user authentication and accounting. There is a vulnerability in the way the radprintrequest...

7.1AI score
Exploits0References6
CERT
CERT
added 2003/10/30 12:0 a.m.16 views

KaZaA Media Desktop discloses username to remote users

Overview The usernames disclosed by the KaZaA Media Desktop peer-to-peer file sharing application do not present a security vulnerability. Description The KaZaA Media Desktop is a peer-to-peer file sharing application that allows users to search for and download files from other KaZaA users. This...

6.9AI score
Exploits0References3
CERT
CERT
added 2003/10/30 12:0 a.m.16 views

Avaya Argent Office uses weak SNMP authentication mechanism

Overview The Avaya Argent Office does not properly enforce SNMP community string values, resulting in a weakened access control mechanism. Description The Avaya Argent Office does not properly enforce SNMP community string values. It will accept a null string i.e. as a valid community string and...

6.8AI score
Exploits0
CERT
CERT
added 2003/10/06 12:0 a.m.16 views

Microsoft Internet Explorer fails to properly handle Dynamic HTML (DHTML) behaviors in restricted zones

Overview Microsoft Internet Explorer contains a logic error in the way that it handles DHTML. This error makes it possible to move content from the less trusted Restricted zone into the Internet zone. This vulnerability permits an attacker to execute arbitrary code in the context of the Internet...

7AI score
Exploits0References2
CERT
CERT
added 2003/02/18 12:0 a.m.16 views

Oracle9i Database contains remotely exploitable buffer overflow in "TZ_OFFSET" function

Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 A buffer overflow vulnerability...

8.1AI score
Exploits0References3
CERT
CERT
added 2002/10/08 12:0 a.m.16 views

Multiple vendors' firewalls do not adequately keep state of FTP traffic

Overview Firewalls and other systems that inspect FTP application layer traffic may not adequately maintain the state of FTP commands and responses. As a result, an attacker could establish arbitrary TCP connections to FTP servers or clients located behind a vulnerable firewall. Description Many...

6.7AI score
Exploits0References4
CERT
CERT
added 2002/09/27 12:0 a.m.16 views

Sun Solaris asppls(1M) vulnerable to arbitrary file overwriting via symlink redirection of temporary file

Overview Sun Solaris asppls1M creates temporary files insecurely, leading to possible local root compromise. Description Sun Microsystems describes the function of asppls1M as follows:aspppd is the link manager for the asynchronous data link protocol specified in RFC1331, The Point-to-Point...

6.7AI score
Exploits0References1
CERT
CERT
added 2002/09/16 12:0 a.m.16 views

IBM AIX vulnerable to buffer overflow in RCP

Overview IBM AIX contains a buffer-overflow vulnerability that may allow remote attackers to gain root privileges. Description Some versions of IBM AIX used unbounded string operators. This problem was corrected in AIXV4 by changing the unbounded operators to their bounded equivalents. --- Impact...

7.9AI score
Exploits0References1
CERT
CERT
added 2002/09/14 12:0 a.m.16 views

Jakarta Tomcat serves JSP source code when supplied malformed HTTP request

Overview Tomcat does not adequately validate HTTP requests and may reveal JSP source code if supplied a malformed HTTP request. Description JavaServer Pages JSP is a technology that allows for the creation of dynamic web content. The Apache Jakarta Project implementation of JSP is known as Tomcat...

7.1AI score
Exploits0References1
CERT
CERT
added 2002/06/11 12:0 a.m.16 views

AOL Instant Messenger vulnerable to denial-of-service attack via buddy list transfers

Overview America Online's Instant Messenger AIM contains a remotely exploitable buffer overflow vulnerability. Description AOL Instant Messenger is a program for communicating with other users over the Internet and is widely used. During a buddy list transfer, a buffer overflow may occur. It has...

7.5AI score
Exploits0References1
CERT
CERT
added 2002/02/27 12:0 a.m.16 views

Oracle 9iAS default configuration allows access to "globals.jsa" file

Overview Oracle Database Server version 9iAS allows remote users to view the "globals.jsa" file used by Java Server Page JSP scripts. The "globals.jsa" file may contain Oracle usernames, passwords, and other configuration information not intended for public viewing, and attackers may use that...

6.6AI score
Exploits0References3
CERT
CERT
added 2002/02/04 12:0 a.m.16 views

Kerberos Telnet protocol does not adequately protect authentication and encryption options

Overview A vulnerability exists in the Telnet Authentication Option and Telnet Data Encryption Option specifications. An ordered list of authentication and encryption options sent from the server to client during negotiation is not cryptographically protected. As a result, an attacker may be able...

7AI score
Exploits0References10
CERT
CERT
added 2002/01/14 12:0 a.m.16 views

Cisco SN 5420 Storage Router vulnerable to DoS via fragmented packet sent over Gigabit interface

Overview It is possible to cause a denial of service of the Cisco SN 5420 Storage Router by sending a fragmented packet over the Gigabit interface. Description A vulnerability has been discovered in the Cisco SN 5420 Storage Router software versions 1.15 and earlier. By sending a fragmented packe...

7.1AI score
Exploits0References2
CERT
CERT
added 2002/01/14 12:0 a.m.16 views

Cisco SN 5420 Storage Router vulnerable to DoS via HTTP request containing long headers

Overview It is possible to cause a denial of service of the Cisco SN 5420 Storage Router by sending a HTTP request with a large header. Description A vulnerability has been discovered in the Cisco SN 5420 Storage Router software versions 1.15 and earlier. By sending an HTTP request with a huge...

7.1AI score
Exploits0References2
CERT
CERT
added 2002/01/08 12:0 a.m.16 views

iPlanet Web Server Enterprise Edition and Netscape Enterprise Server Web Publisher command exposes server to brute force attack

Overview A vulnerability exists in iPlanet Web Server Enterprise Edition and Netscape Enterprise Server that allows an attacker to make repeated authentication attempts if a server is configured to use HTTP basic authentication. While the risk is not greater than any other brute force attack usin...

7.5AI score
Exploits0References2
CERT
CERT
added 2001/08/16 12:0 a.m.16 views

Standard HTML form implementation allows access to IMAP, SMTP, NNTP, POP3, and other services via crafted HTML page

Overview An intruder can send certain kinds of data to services that he is not ordinarily able to reach. By crafting the data such that it is redirected through any program the victim uses to render the malicious HTML, the intruder is able send that data to any services that the victim can send...

6.3AI score
Exploits0References9
CERT
CERT
added 2001/07/27 12:0 a.m.16 views

Lotus Domino Server R5 vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Lotus Domino R5 Servers are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated input from untrustworthy sources. This can be a problem...

6AI score
Exploits0References5
CERT
CERT
added 2001/07/12 12:0 a.m.16 views

Lotus Domino vulnerable to a denial of service via DOS device request

Overview The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial-of-service situation on the Windows and OS/2 Platforms. Description With the Lotus Domino Web Server, you can access DOS-devices. If this is done through the cgi-bin directory, a ncgihttp.exe process wi...

7AI score
Exploits0References3
CERT
CERT
added 2001/06/13 12:0 a.m.16 views

AT&T WinVNC client authentication process vulnerable to man-in-the-middle attack

Overview WinVNC's challenge/response mechanism can allow an intruder to obtain legitimate credentials from a valid client in order to gain unauthorized access to the server. Description AT&T WinVNC is a free package available from AT&T Labs Cambridge that allows an existing desktop of a PC to be...

7.2AI score
Exploits0References4
CERT
CERT
added 2001/04/10 12:0 a.m.16 views

Multiple ftpd implementations contain buffer overflows

Overview A variety of ftp servers incorrectly manage buffers in a way that can lead to remote intruders executing arbitrary code on the FTP server. The incorrect management of buffers centers around the return from the glob function, and may be confused with a related denial-of-service problem...

8.3AI score
Exploits0References4
CERT
CERT
added 2001/04/10 12:0 a.m.16 views

Alcatel ADSL modems grant unauthenticated TFTP access via Bounce Attacks

Overview The San Diego Supercomputer Center SDSC has recently discovered several vulnerabilities in the Alcatel Speed Touch line of Asymmetric Digital Subscriber Line ADSL modems. These vulnerabilities are the result of weak authentication and access control policies and result in one or more of...

8.1AI score
Exploits0References2
CERT
CERT
added 2026/03/30 12:0 a.m.15 views

CrewAI contains multiple vulnerabilities including SSRF, RCE and local file read

Overview Four vulnerabilities have been identified in CrewAI, including remote code execution RCE, arbitrary local file read, and server-side request forgery SSRF. CVE-2026-2275 is directly caused by the Code Interpreter Tool. The other three vulnerabilities result from improper default...

9.8CVSS6.7AI score0.00694EPSS
Exploits0References1
CERT
CERT
added 2026/01/15 12:0 a.m.15 views

Information Leak and DoS Vulnerabilities in Redmi Buds 3 Pro through 6 Pro

Overview Redmi Buds, a series of Bluetooth earbuds produced and sold by Xiaomi, contain an Information Leak vulnerability and a Denial of Service DoS vulnerability in versions 3 Pro through 6 Pro. An attacker within Bluetooth radio range can send specially crafted RFCOMM protocol interactions to...

9.6AI score
Exploits1References1
CERT
CERT
added 2024/07/09 12:0 a.m.15 views

Use-after-free vulnerability in lighttpd version 1.4.50 and earlier

Overview A use-after-free vulnerability in lighttpd in versions 1.4.50 and earlier permits a remote, unauthenticated attacker to trigger lighttpd to read from invalid pointers in memory. The attacker can use crafted HTTP Requests to crash the web server and/or leak memory in order to access...

5.3CVSS5.8AI score0.00662EPSS
Exploits0References5
CERT
CERT
added 2023/08/28 12:0 a.m.15 views

Groupnotes Inc. Videostream Mac client allows for privilege escalation to root account

Overview Groupnotes Inc. Videostream Mac client installs a LaunchDaemon that runs with root privileges. The daemon is vulnerable to a race condition that allows for arbitrary file writes. A low privileged attacker can escalate privileges to root on affected systems. Description Every five hours t...

7CVSS7AI score0.00347EPSS
Exploits1
CERT
CERT
added 2016/01/05 12:0 a.m.15 views

Comcast XFINITY Home Security fails to properly handle wireless communications disruption

Overview Comcast XFINITY Home Security does not fail securely, which may be leveraged to avoid triggering alarm events. Description CWE-636: Not Failing Securely 'Failing Open'Comcast XFINITY Home Security system components use the ZigBee communication protocol over a 2.4 GHz radio frequency band...

7.1AI score
Exploits0References4
Total number of security vulnerabilities3702