Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
•added 2002/02/04 12:0 a.m.•16 views

Kerberos Telnet protocol does not adequately protect authentication and encryption options

Overview A vulnerability exists in the Telnet Authentication Option and Telnet Data Encryption Option specifications. An ordered list of authentication and encryption options sent from the server to client during negotiation is not cryptographically protected. As a result, an attacker may be able...

7AI score
Exploits0References10
CERT
CERT
•added 2002/01/14 12:0 a.m.•16 views

Cisco SN 5420 Storage Router vulnerable to DoS via fragmented packet sent over Gigabit interface

Overview It is possible to cause a denial of service of the Cisco SN 5420 Storage Router by sending a fragmented packet over the Gigabit interface. Description A vulnerability has been discovered in the Cisco SN 5420 Storage Router software versions 1.15 and earlier. By sending a fragmented packe...

7.1AI score
Exploits0References2
CERT
CERT
•added 2002/01/14 12:0 a.m.•16 views

Cisco SN 5420 Storage Router vulnerable to DoS via HTTP request containing long headers

Overview It is possible to cause a denial of service of the Cisco SN 5420 Storage Router by sending a HTTP request with a large header. Description A vulnerability has been discovered in the Cisco SN 5420 Storage Router software versions 1.15 and earlier. By sending an HTTP request with a huge...

7.1AI score
Exploits0References2
CERT
CERT
•added 2001/08/16 12:0 a.m.•16 views

Standard HTML form implementation allows access to IMAP, SMTP, NNTP, POP3, and other services via crafted HTML page

Overview An intruder can send certain kinds of data to services that he is not ordinarily able to reach. By crafting the data such that it is redirected through any program the victim uses to render the malicious HTML, the intruder is able send that data to any services that the victim can send...

6.3AI score
Exploits0References9
CERT
CERT
•added 2001/07/27 12:0 a.m.•16 views

Lotus Domino Server R5 vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Lotus Domino R5 Servers are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated input from untrustworthy sources. This can be a problem...

6AI score
Exploits0References5
CERT
CERT
•added 2001/07/12 12:0 a.m.•16 views

Lotus Domino vulnerable to a denial of service via DOS device request

Overview The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial-of-service situation on the Windows and OS/2 Platforms. Description With the Lotus Domino Web Server, you can access DOS-devices. If this is done through the cgi-bin directory, a ncgihttp.exe process wi...

7AI score
Exploits0References3
CERT
CERT
•added 2001/06/13 12:0 a.m.•16 views

AT&T WinVNC client authentication process vulnerable to man-in-the-middle attack

Overview WinVNC's challenge/response mechanism can allow an intruder to obtain legitimate credentials from a valid client in order to gain unauthorized access to the server. Description AT&T WinVNC is a free package available from AT&T Labs Cambridge that allows an existing desktop of a PC to be...

7.2AI score
Exploits0References4
CERT
CERT
•added 2001/04/10 12:0 a.m.•16 views

Multiple ftpd implementations contain buffer overflows

Overview A variety of ftp servers incorrectly manage buffers in a way that can lead to remote intruders executing arbitrary code on the FTP server. The incorrect management of buffers centers around the return from the glob function, and may be confused with a related denial-of-service problem...

8.3AI score
Exploits0References4
CERT
CERT
•added 2001/04/10 12:0 a.m.•16 views

Alcatel ADSL modems grant unauthenticated TFTP access via Bounce Attacks

Overview The San Diego Supercomputer Center SDSC has recently discovered several vulnerabilities in the Alcatel Speed Touch line of Asymmetric Digital Subscriber Line ADSL modems. These vulnerabilities are the result of weak authentication and access control policies and result in one or more of...

8.1AI score
Exploits0References2
CERT
CERT
•added 2026/03/30 12:0 a.m.•15 views

CrewAI contains multiple vulnerabilities including SSRF, RCE and local file read

Overview Four vulnerabilities have been identified in CrewAI, including remote code execution RCE, arbitrary local file read, and server-side request forgery SSRF. CVE-2026-2275 is directly caused by the Code Interpreter Tool. The other three vulnerabilities result from improper default...

9.8CVSS6.7AI score0.00694EPSS
Exploits0References1
CERT
CERT
•added 2026/01/15 12:0 a.m.•15 views

Information Leak and DoS Vulnerabilities in Redmi Buds 3 Pro through 6 Pro

Overview Redmi Buds, a series of Bluetooth earbuds produced and sold by Xiaomi, contain an Information Leak vulnerability and a Denial of Service DoS vulnerability in versions 3 Pro through 6 Pro. An attacker within Bluetooth radio range can send specially crafted RFCOMM protocol interactions to...

9.6AI score
Exploits1References1
CERT
CERT
•added 2024/07/09 12:0 a.m.•15 views

Use-after-free vulnerability in lighttpd version 1.4.50 and earlier

Overview A use-after-free vulnerability in lighttpd in versions 1.4.50 and earlier permits a remote, unauthenticated attacker to trigger lighttpd to read from invalid pointers in memory. The attacker can use crafted HTTP Requests to crash the web server and/or leak memory in order to access...

5.3CVSS5.8AI score0.00662EPSS
Exploits0References5
CERT
CERT
•added 2023/08/28 12:0 a.m.•15 views

Groupnotes Inc. Videostream Mac client allows for privilege escalation to root account

Overview Groupnotes Inc. Videostream Mac client installs a LaunchDaemon that runs with root privileges. The daemon is vulnerable to a race condition that allows for arbitrary file writes. A low privileged attacker can escalate privileges to root on affected systems. Description Every five hours t...

7CVSS7AI score0.00347EPSS
Exploits1
CERT
CERT
•added 2016/01/05 12:0 a.m.•15 views

Comcast XFINITY Home Security fails to properly handle wireless communications disruption

Overview Comcast XFINITY Home Security does not fail securely, which may be leveraged to avoid triggering alarm events. Description CWE-636: Not Failing Securely 'Failing Open'Comcast XFINITY Home Security system components use the ZigBee communication protocol over a 2.4 GHz radio frequency band...

7.1AI score
Exploits0References4
CERT
CERT
•added 2013/05/15 12:0 a.m.•15 views

Mutiny Appliance contains multiple directory traversal vulnerabilities

Overview Mutiny appliance contains multiple directory traversal CWE-22 vulnerabilities. Description The Mutiny appliance commands for UPLOAD, DELETE, CUT and COPY are all vulnerable to directory traversal attacks. Additional details may be found in the Rapid7 blog post entitled, "New 1day Exploit...

8.5CVSS6.4AI score0.40338EPSS
Exploits8References2
CERT
CERT
•added 2012/12/17 12:0 a.m.•15 views

Adobe Shockwave player provides vulnerable Flash runtime

Overview Adobe Shockwave Player 12.1.1.151 and earlier versions on the Windows and Macintosh operating systems provide a vulnerable version of the Flash runtime. Description Adobe Macromedia Shockwave Player is software that plays active web content developed in Macromedia and Adobe Director...

7.4AI score
Exploits0References2
CERT
CERT
•added 2012/03/08 12:0 a.m.•15 views

AjaXplorer contains multiple vulnerabilities

Overview AjaXplorer 4.0.3 and earlier versions contain a directory traversal vulnerability and a weak cookie authentication scheme. Description AjaXplorer contains a directory traversal vulnerability in the "Get Template" feature. The URL variables templatename and pluginName can be used to explo...

7.6AI score
Exploits0References2
CERT
CERT
•added 2011/02/23 12:0 a.m.•15 views

Mutare Software Enabled VoiceMail (EVM) system web interface cross-site request forgery vulnerabilities

Overview The Mutare Software Enabled VoiceMail EVM system web interface is susceptible to cross-site request forgery and cross-site scripting attacks. Description The Mutare Software Enabled VoiceMail EVM system web interface allows the user to change their Enabled VoiceMail EVM PIN, delete their...

6.6AI score
Exploits0
CERT
CERT
•added 2010/11/30 12:0 a.m.•15 views

PHP getSymbol vulnerability allows denial of service

Overview PHP fails to properly sanitize input passed to the getSymbol function in a way that could allow and attacker to cause a segmentation fault. Description PHP is a scripting language that is designed for web-based applications and can be embedded directly into HTML. The getSymbol function i...

7.1AI score
Exploits0References1
CERT
CERT
•added 2010/06/01 12:0 a.m.•15 views

Accoria Rock Web Server contains multiple vulnerabilities

Overview Accoria Web Server contains multiple vulnerabilities that collectively could allow an attacker to execute commands through the administration interface. Description The Accoria web server, also known as Rock Web Server, contains several cross-site scripting XSS and cross-site request...

6.8AI score
Exploits0References2
CERT
CERT
•added 2010/01/12 12:0 a.m.•15 views

Windows XP Macromedia Flash 6 ActiveX control use-after-free vulnerability

Overview The Macromedia Flash ActiveX control that is provided with Windows XP contains a memory corruption vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Windows XP provides the Macromedia Flash ActiveX...

7.8AI score
Exploits0References6
CERT
CERT
•added 2009/03/13 12:0 a.m.•15 views

PTK contains multiple vulnerabilities

Overview The PTK sleuthkit interface contains multiple vulnerabilities. If exploited, these vulnerabilities may allow an attacker to gain elevated privileges or conduct XSS attacks. Description PTK is an interface to the sleuthkit forensic tools that uses Apache, PHP and MySQL. PTK versions 1.0.0...

7.5AI score
Exploits0References2
CERT
CERT
•added 2008/06/09 12:0 a.m.•15 views

Icon Labs SSH server vulnerabilities

Overview The Icon Labs Iconfidant SSH server contails multiple vulnerabilities. The most severe of these issues may allow an attacker to cause a vulnerable system to crash. Description The Iconfident SSH is a Secure Shell SSH server that runs on VxWorks-based systems. Versions of the Iconfident...

7.3AI score
Exploits0References2
CERT
CERT
•added 2007/05/29 12:0 a.m.•15 views

Zenturi ProgramChecker ActiveX buffer overflow vulnerabilities

Overview Zenturi ProgramChecker contains multiple ActiveX buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Zenturi ProgramChecker is a set of "... easy to use tools to analyze, validate, authenticate and research th...

7.9AI score
Exploits0References3
CERT
CERT
•added 2007/03/01 12:0 a.m.•15 views

Symantec Mail Security for SMTP arbitrary code execution vulnerability

Overview Symantec Mail Security for SMTP contains a vulnerability that may allow an attacker to execute arbitrary code, or create a denial of service condition. Description Symantec Mail Security for SMTP is an antispam, antivirus, and content filtering software package that scans email. Symantec...

7.9AI score
Exploits0References4
CERT
CERT
•added 2007/02/13 12:0 a.m.•15 views

Aruba Mobility Controller vulnerable to privilege escalation

Overview The Aruba Mobility Controller Management Interface contains a privilege escalation vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Aruba Mobility Controllers are used to process and control network traffic in...

8.4AI score
Exploits0References2
CERT
CERT
•added 2006/05/30 12:0 a.m.•15 views

Secure Elements Class 5 AVR client sends messages in cleartext

Overview The Secure Elements Class 5 AVR client sends messages in cleartext. This may allow an attacker to read traffic from an asset. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and enforces security policies on...

6.9AI score
Exploits0References1
CERT
CERT
•added 2006/04/19 12:0 a.m.•15 views

Linksys RT31P2 VoIP router denial of service vulnerabilities

Overview The Linksys RT31P2 VoIP router contains several vulnerabilities that may allow a remote, unauthenticated attacker to cause a denial of service. Description The Linksys RT31P2 is a broadband router that includes Voice over Internet Protocol VoIP telephone functionality. The RT31P2 unit...

7.5AI score
Exploits0References2
CERT
CERT
•added 2005/10/14 12:0 a.m.•15 views

Microsoft BlnMgr Proxy (blnmgrps.dll) COM object fails to implement required methods

Overview The Microsoft BlnMgr Proxy COM object fails to implement the methods required by the IDispatch interface, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft COMMicrosoft COM is a technology that allows programmers to create reusable...

7.5AI score
Exploits0References4
CERT
CERT
•added 2005/08/31 12:0 a.m.•15 views

Reflection for Secure IT Windows Server 6.0 changed case sensitivity of allow and deny lists

Overview Reflection for Secure IT Windows Server version 6.0 uses different case-sensitivity in evaluating the allow and deny lists as previous versions, potentionally allowing unintended access. Description Reflection for Secure IT Windows Server version 6.0, an SSH server from WRQ formerly know...

6.8AI score
Exploits0References1
CERT
CERT
•added 2005/05/12 12:0 a.m.•15 views

phpBB contains an input validation vulnerability in "includes/bbcode.php"

Overview phpBB fails to sanitize user input, allowing the possible inclusion of active script content in user posts. Description phpBB is a widely used Open Source bulletin board package written in PHP.An input validation issue has been identified that allows a malicious phpBB user to include...

6.6AI score
Exploits0References4
CERT
CERT
•added 2004/12/17 12:0 a.m.•15 views

Microsoft Internet Explorer execCommand() method SaveAs command uses misleading "Save HTML Document" dialog

Overview Microsoft Internet Explorer contains a vulnerability in the way that it presents a Save As dialog. By invoking the SaveAs command with execCommand, an attacker could display a dialog that could trick a user into saving arbitrary content. Description Microsoft Internet Explorer IE support...

6.4AI score
Exploits0References7
CERT
CERT
•added 2004/12/10 12:0 a.m.•15 views

Remote Execute vulnerable to denial-of-service

Overview Remote Execute cannot handle more than seven connections simultaneously. If more than seven connections are attempted, Remote Execute will crash, resulting in a denial-of-service condition. Description Remote Execute is a network administration tool for the Windows platform that allows...

6.7AI score
Exploits0References2
CERT
CERT
•added 2004/10/20 12:0 a.m.•15 views

Symantec Firewall/VPN appliance vulnerable to DoS via UDP port scan

Overview A vulnerability in the Symantec Firewall/VPN appliance could allow an attacker to cause a denial-of-service condition. Description The Symantec Firewall/VPN appliance supports a number of services that utilize the UDP protocol including tftpd, snmpd, and isakmp. There is a vulnerability ...

6.9AI score
Exploits0References5
CERT
CERT
•added 2004/10/12 12:0 a.m.•15 views

Macromedia JRun Server is vulnerable to buffer overflow

Overview A buffer overflow vulnerability exists in the Macromedia JRun web server that may allow an attacker to cause a denial-of-service condition. Description JRun is an application server that works with most popular web servers, such as Apache and IIS. The JRun web server is vulnerable to a...

7.3AI score
Exploits0References3
CERT
CERT
•added 2004/10/12 12:0 a.m.•15 views

Macromedia JRun Server contains an information disclosure vulnerability

Overview An information disclosure vulnerability exists in the Macromedia JRun that may allow an attacker to view the source code of files in the web root directory. Description Macromedia JRun is an application server that works with most popular web servers such as Apache and IIS. Macromedia...

7AI score
Exploits0References3
CERT
CERT
•added 2004/09/03 12:0 a.m.•15 views

Sun Enterprise Storage Manager may allow an unprivileged local user to gain root access

Overview A vulnerability exists in Sun StorEdge Enterprise Storage Manager ESM that may allow unauthorized local users to gain root privileges. Description The Sun StorEdge Enterprise Storage Manager ESM version 2.1 for the Sun SPARC platform may allow non-root local users assigned the "EMSUser"...

6.9AI score
Exploits0References4
CERT
CERT
•added 2004/07/27 12:0 a.m.•15 views

Multiple Cisco ONS control cards fail to properly handle malformed IP packets

Overview A vulnerability exists in multiple control cards used by Cisco ONS devices. This vulnerability could allow a remote attacker to cause a denial-of-service condition. Description Cisco's Optical Networking product line consists of a series of devices designed to offer high-bandwidth data...

7.3AI score
Exploits0References4
CERT
CERT
•added 2004/07/26 12:0 a.m.•15 views

Sun Solaris Volume Manager (SVM) fails to properly handle malformed probe requests

Overview There is a vulnerability in the Sun Solaris Volume Manager SVM that could allow a local user to cause a denial-of-service condition. Description The Sun Volume Manager is a component of the Solaris operating system and provides disk and storage management. There is a vulnerability in the...

6.6AI score
Exploits0References4
CERT
CERT
•added 2004/05/21 12:0 a.m.•15 views

Symantec Norton AntiVirus 2004 ActiveX control fails to properly validate input

Overview There is a vulnerability in an ActiveX control provided by Norton AntiVirus 2004 that could allow an attacker to execute arbitrary programs, launch a browser window containing an unauthorized URL, or cause a denial of service on a vulnerable system. Description Norton AntiVirus 2004 is a...

7.8AI score
Exploits0References4
CERT
CERT
•added 2004/04/12 12:0 a.m.•15 views

BEA WebLogic Server stores administrator password in clear text in config.xml

Overview BEA WebLogic Server stores the administrator password used to boot the server in clear text within the config.xml file. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing, integrating, securing, and managing distributed...

6.9AI score
Exploits0References3
CERT
CERT
•added 2003/10/09 12:0 a.m.•15 views

Hummingbird CyberDOCS error page discloses web server installation path

Overview Hummingbird CyberDOCS contains a vulnerability that could allow a remote attacker to learn the installation path of the web server. This information could be used to support further attacks. Description Hummingbird CyberDOCS Hummingbird DM is a web-based enterprise document management...

7.3AI score
Exploits0References2
CERT
CERT
•added 2003/05/12 12:0 a.m.•15 views

Ethereal contains integer overflow in Mount dissector

Overview Ethereal is a network traffic analysis package. The mount packet dissector contains a vulnerability that may result in the execution of arbitrary code. Description The mount packet dissector for Ethereal contains an integer overflow vulnerability. According to the Ethereal Advisory,...

7.8AI score
Exploits0References1
CERT
CERT
•added 2003/03/06 12:0 a.m.•15 views

Automatic File Content Type Recognition Tool vulnerable to stack overflow

Overview A buffer overflow vulnerability exists in the "Automatic File Content Type Recognition Tool" versions of the file1 package prior to 3.41. Description The file1 package is used to examine files on the system. According to an OpenPKG advisory, a stack overflow vulnerability exists in the...

8.2AI score
Exploits0References1
CERT
CERT
•added 2002/09/27 12:0 a.m.•15 views

Shambala FTP Server does not adequately validate user input thereby allowing directory traversal

Overview Shambala FTP server has a directory traversal vulnerability in its handling of the CWD command. Description Shambala FTP server contains a directory traversal vulnerability in its handling of the CWD command. Attackers may exploit this vulnerability to read directories and files outside ...

6.8AI score
Exploits0References1
CERT
CERT
•added 2002/09/24 12:0 a.m.•15 views

Microsoft Office Web Components allows arbitary user to determine whether local file exists via Chart component "Load" method

Overview Microsoft Office Web Components OWC allows a malicious script on a web page to learn if a file exists on the client's filesystem. Description OWC allows viewing of Microsoft Office documents such as spreadsheets and charts to be viewed within an HTML document in Microsoft Internet Explor...

6.1AI score
Exploits0References2
CERT
CERT
•added 2002/09/18 12:0 a.m.•16 views

Mike Spice's Quiz Me! does not adequately validate user input

Overview Mike Spice's Quiz Me! does not adequately validate user input, allowing directory traversal. As a result, an attacker can cause Quiz Me! to overwrite any file on the server to which the web server process has write privileges. Description Mike Spice's Quiz Me! is a CGI script written in...

6.8AI score
Exploits0References3
CERT
CERT
•added 2002/09/13 12:0 a.m.•15 views

HP Tru64 UNIX "dtterm" contains buffer overflow (SSRT2280)

Overview The HP Tru64 UNIX implementation of "dtterm" contains a locally exploitable buffer overflow. Description From the HP Tru64 UNIX reference pages, the "dtterm" utility "provides runtime support of legacy applications written for terminals conforming to ANSI X3.64-1979 and ISO 6429:1992E,...

8.2AI score
Exploits0References1
CERT
CERT
•added 2002/09/10 12:0 a.m.•15 views

HP Tru64 UNIX "rdist" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "rdist" contains a locally exploitable buffer overflow. Description "rdist" allows a user to maintain identical copies of files on multiple hosts. A locally exploitable buffer overflow in "rdist" may permit a local attacker to gain elevated privileges...

8.2AI score
Exploits0References1
CERT
CERT
•added 2002/09/05 12:0 a.m.•15 views

HP Tru64 UNIX "lpc" contains buffer overflow (SSRT2260)

Overview The HP Tru64 UNIX implementation of "lpc" contains a locally exploitable buffer overflow. Description "lpc" is used to control the line printer system. A locally exploitable buffer overflow in "lpc" may permit a local attacker to gain elevated privileges and execute arbitrary code on a...

8.3AI score
Exploits0References1
Total number of security vulnerabilities3702