Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
•added 2002/09/10 12:0 a.m.•14 views

HP Tru64 UNIX "rdist" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "rdist" contains a locally exploitable buffer overflow. Description "rdist" allows a user to maintain identical copies of files on multiple hosts. A locally exploitable buffer overflow in "rdist" may permit a local attacker to gain elevated privileges...

8.2AI score
Exploits0References1
CERT
CERT
•added 2002/09/10 12:0 a.m.•14 views

HP Tru64 UNIX "uux" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "uux" contains a locally exploitable buffer overflow. Description "uux" is used to run a command on a remote system. A locally exploitable buffer overflow in "uux" may permit a local attacker to gain elevated privileges and execute arbitrary code on a...

8.5AI score
Exploits0References1
CERT
CERT
•added 2002/09/05 12:0 a.m.•14 views

HP Tru64 UNIX "lpc" contains buffer overflow (SSRT2260)

Overview The HP Tru64 UNIX implementation of "lpc" contains a locally exploitable buffer overflow. Description "lpc" is used to control the line printer system. A locally exploitable buffer overflow in "lpc" may permit a local attacker to gain elevated privileges and execute arbitrary code on a...

8.3AI score
Exploits0References1
CERT
CERT
•added 2002/05/16 12:0 a.m.•14 views

Computer Associates MLink "mclear" command vulnerable to buffer overflow via long string of characters

Overview A locally exploitable buffer overflow exists in mclear. Description CA-MLINK is a managed data transport service. For more information about CA-MLINK, please see the product brochure. Based on a public report, it appears there is a locally exploitable buffer overflow in the mclear comman...

8.1AI score
Exploits0References1
CERT
CERT
•added 2002/02/27 12:0 a.m.•14 views

Oracle 9iAS creates temporary files when processing JSP requests that are world-readable

Overview Oracle Database Server version 9iAS makes JSP source code publicly available. The source code may be used by attackers to analyze proprietary business logic or uncover Oracle's network configuration, usernames, and/or passwords. Description When Oracle receives a request for JSP file, it...

6.7AI score
Exploits0References4
CERT
CERT
•added 2002/02/27 12:0 a.m.•14 views

Multiple Oracle 9iAS sample pages contain vulnerabilities

Overview Oracle Application Server version 9iAS installs with sample pages that demonstrate various functions of the software. Many of these pages can be used by attackers to breach the security of the system. Description A fresh installation of Oracle Application Server version 9iAS and possibly...

6.7AI score
Exploits0References2
CERT
CERT
•added 2002/02/09 12:0 a.m.•14 views

Adobe PhotoDeluxe does not adequately restrict Java execution

Overview A vulnerability exists in Adobe PhotoDeluxe that allows a malicious web page or HTML email message viewed with Microsoft Internet Explorer to obtain directory listings or potentially download and execute arbitrary code on the local system. Description Adobe PhotoDeluxe is an image...

7AI score
Exploits0References5
CERT
CERT
•added 2002/01/14 12:0 a.m.•14 views

AOL Instant Messenger vulnerable to DoS via crafted WAV file

Overview AOL Instant Messenger AIM is an application that allows one peer to communicate with another. A vulnerability exists that can crash the client of a victim. Description AIM allows users to send audio files to one another. By sending a corrupt WAV formatted file, an attacker can cause the...

6.7AI score
Exploits0References1
CERT
CERT
•added 2001/11/15 12:0 a.m.•14 views

Windows NT SNMP agent leaks memory

Overview The Microsoft SNMP agent, prior to Windows NT 4.0 Service Pack 4.0, will leak memory. Description Microsoft's SNMP agent, snmp.exe, priot to Windows NT 4.0 Service Pack 4.0, will leak memory if the OID cannot be decoded. Quoting from Microsoft KB article Q178381, If SNMP cannot decode an...

6.8AI score
Exploits0References1
CERT
CERT
•added 2001/09/26 12:0 a.m.•14 views

IBM AIX portmir vulnerable to buffer overflow via echo_error

Overview There is a buffer overflow in the IBM AIX portmir command that may allow local users to gain root privileges. Description There is a buffer overflow in the echoerror routine of the IBM AIX portmir command. An attacker may be able to corrupt lock files in the "/etc/locks" directory. ---...

7.4AI score
Exploits0References2
CERT
CERT
•added 2001/08/27 12:0 a.m.•14 views

Cayman gateways ship with null administrative and user level passwords

Overview Cayman gateways ship without a default password on the admin and user accounts. As long as the gateway is not addressable via the WAN, this can only be accessed and set by anyone on the LAN side. With admin access, the gateway settings can be configured by an intruder. Description Cayman...

7.8AI score
Exploits0References1
CERT
CERT
•added 2001/07/27 12:0 a.m.•14 views

SCO UnixWare bnuconvert contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in bnuconvert, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sendin...

8.3AI score
Exploits0References3
CERT
CERT
•added 2001/07/12 12:0 a.m.•14 views

Lotus Domino vulnerable to DoS via large crafted URL request

Overview The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Description HTTP requests to TCP port 80 consisting of multiple /'s, approximately 8k worth, will result in the consumption of the CPU 99-100%. Typically, 8k of the character "a" results in...

7AI score
Exploits0References4
CERT
CERT
•added 2026/06/02 12:0 a.m.•13 views

Appsmiths SQL Query autocomplete renderer contains a cross site scripting vulnerability

Overview A stored cross-site scripting XSS vulnerability has been discovered in Appsmith, specifically in the CodeMirror based SQL query editor’s autocomplete renderer. CVE-2026-7299 has been assigned to track the vulnerability. An attacker with developer level access to a shared PostgreSQL...

6.3CVSS6.2AI score0.00341EPSS
Exploits2References5
CERT
CERT
•added 2026/05/28 12:0 a.m.•13 views

Casdoor contains multiple authentication bypass and access management vulnerabilities

Overview Casdoor versions 2.362.0 and earlier contain several identity and access management vulnerabilities that enable broad authentication bypass and privilege escalation. These flaws relate to Casdoor’s Security Assertion Markup Language SAML processing, account binding, and token exchange...

9.8CVSS5.9AI score0.0042EPSS
Exploits0
CERT
CERT
•added 2026/04/23 12:0 a.m.•13 views

Unauthenticated configuration modification vulnerability in Central Office Services - Content Hosting Component

Overview A security flaw exists in the configuration management endpoint of the DRC INSIGHT software, allowing an unauthenticated user with access to the same network as the server to modify the server’s configuration file. This could enable data exfiltration, traffic redirection, or service...

7.5CVSS5.7AI score0.00329EPSS
Exploits0References1
CERT
CERT
•added 2026/01/20 12:0 a.m.•13 views

Libheif uncompressed codec lacks bounds check leading to application crash

Overview An out-of-bounds memory access vulnerability exists in the uncompressed decoder component of libheif. A maliciously crafted HEIF image can trigger a denial-of-service condition by causing the libheif library to crash or exhibit other unexpected behavior due to an out-of-bounds memory...

6.3AI score
Exploits0References3
CERT
CERT
•added 2025/11/24 12:0 a.m.•13 views

Lack of Sufficient Guardrails Lead to Excessive Agency (LLM08) in Some LLM Applications

Overview Retell AI's API creates AI voice agents that have excessive permissions and functionality, as a result of insufficient amounts of guardrails. As a result, attackers can exploit this and conduct large scale social engineering, phishing, and misinformation campaigns. Description Retell AI...

6.4AI score
Exploits0References3
CERT
CERT
•added 2025/08/19 12:0 a.m.•13 views

Workhorse Software Services, Inc. software prior to version 1.9.4.48019, default deployment is vulnerable to multiple issues.

Overview Workhorse Software Services, Inc municipal accounting software prior to version 1.9.4.48019 contains design flaws that could allow unauthorized access to sensitive data and facilitate data exfiltration. Specifically, database connection information is stored in plaintext alongside the...

7.4AI score
Exploits0
CERT
CERT
•added 2025/06/10 12:0 a.m.•13 views

A vulnerability in Insyde H2O UEFI application allows for digital certificate injection via NVRAM variable

Overview A vulnerability in an Insyde H2O UEFI firmware application allows digital certificate injection through an unprotected NVRAM variable. This issue arises from the unsafe use of an NVRAM variable, which is used as trusted storage for a digital certificate in the trust validation chain. An...

7.8CVSS9.3AI score0.00404EPSS
Exploits0References9
CERT
CERT
•added 2024/07/09 12:0 a.m.•13 views

Use-after-free vulnerability in lighttpd version 1.4.50 and earlier

Overview A use-after-free vulnerability in lighttpd in versions 1.4.50 and earlier permits a remote, unauthenticated attacker to trigger lighttpd to read from invalid pointers in memory. The attacker can use crafted HTTP Requests to crash the web server and/or leak memory in order to access...

5.3CVSS5.8AI score0.00662EPSS
Exploits0References5
CERT
CERT
•added 2023/08/28 12:0 a.m.•13 views

Groupnotes Inc. Videostream Mac client allows for privilege escalation to root account

Overview Groupnotes Inc. Videostream Mac client installs a LaunchDaemon that runs with root privileges. The daemon is vulnerable to a race condition that allows for arbitrary file writes. A low privileged attacker can escalate privileges to root on affected systems. Description Every five hours t...

7CVSS7AI score0.00347EPSS
Exploits1
CERT
CERT
•added 2023/07/27 12:0 a.m.•13 views

Software driver for D-Link Wi-Fi USB Adapter vulnerable to service path privilege escalation

Overview The software driver for D-Link DWA-117 AC600 MU-MIMO Wi-Fi USB Adapter contains a unquoted service path privilege escalation vulnerability. In certain conditions, this flaw can lead to a local privilege escalation. Description D-Link DWA-117 AC600 MU-MIMO is a Wi-Fi USB Adapter that...

7.5AI score
Exploits0
CERT
CERT
•added 2021/10/04 12:0 a.m.•13 views

Salesforce DX command line interface (CLI) does not adequately protect sfdxurl credentials

Overview The default security configuration in Salesforce allows an authenticated user with the Salesforce-CLI to create URL that will allow anyone, anywhere access to the Salesforce GUI with the same administrative credentials without a log trace of access or usage of the API. Description The...

6.4AI score
Exploits0References13
CERT
CERT
•added 2012/06/27 12:0 a.m.•13 views

Simple Certificate Enrollment Protocol (SCEP) does not strongly authenticate certificate requests

Overview Simple Certificate Enrollment Protocol SCEP does not strongly authenticate certificate requests made by users or devices. Update March 19, 2025: Solution section has been updated. Description IETF Internet-Draft draft-nourse-scep-23 "...defines a protocol, Simple Certificate Enrollment...

7.2AI score
Exploits0References5
CERT
CERT
•added 2012/04/02 12:0 a.m.•13 views

TP-Link 8840T DSL router default remote management vulnerability

Overview The TP-Link 8840T DSL router's remote management feature is enabled by default. Description The TP-Link 8840T DSL router allows remote WAN internet users access to the administrator web interface of the device by default. --- Impact A remote unauthenticated attacker may be able to access...

7.1AI score
Exploits0
CERT
CERT
•added 2011/03/02 12:0 a.m.•13 views

Wireshark 6LoWPAN denial of service vulnerability

Overview Wireshark will crash on 32-bit systems while reading a malformed 6LoWPAN packet. Description Paul Makowski's report states:dissect6lowpaniphcin /epan/dissectors/packet-6lowpan.c trusts user supplied data when incrementing 'offset '. It is possible for the user to increment 'offset ' to a...

7.3AI score
Exploits0References4
CERT
CERT
•added 2008/07/18 12:0 a.m.•13 views

BlackBerry Attachment Service PDF distiller vulnerable to arbitrary code execution

Overview The PDF Distiller service that is provided with BlackBerry Enterprise Server contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The BlackBerry Attachment Service is a component of the BlackBerry...

7.9AI score
Exploits0References5
CERT
CERT
•added 2008/06/18 12:0 a.m.•13 views

Novell iPrint Client ActiveX control stack buffer overflows

Overview The Novell iPrint Client ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Novell iPrint is a software printing solution that allows for printing over the internet. On...

7.6AI score
Exploits0References5
CERT
CERT
•added 2008/03/28 12:0 a.m.•13 views

Nik Software Sharpener Pro vulnerable to privilege escalation

Overview The Nik Software Shapener Pro installs files with insecure permissions, which may allow a local attacker to elevate privileges. Description Nik Software Sharpener Pro is an Adobe Photoshop plug-in that provides image sharpening capabilities. The Nik Software Sharpener Pro installer sets...

6.7AI score
Exploits0References1
CERT
CERT
•added 2008/01/22 12:0 a.m.•13 views

Skype does not properly filter input from external websites

Overview The Skype client does not properly filter user-supplied input from websites that provide video content to Skype users. Description Skype is a peer-to-peer application that provides Voice over IP VoIP and Instant Messaging services. The Skype client is available for the Microsoft Windows,...

6.5AI score
Exploits0References7
CERT
CERT
•added 2008/01/02 12:0 a.m.•13 views

Flash authoring tools create Flash files that contain cross-site scripting vulnerabilities

Overview A number of authoring tools for Flash content may generate files that contain cross-site scripting vulnerabilities. Any site hosting Flash generated by an affected tool could be vulnerable to cross-site scripting. Description ActionScript is a scripting language based on ECMAScript also...

6.4AI score
Exploits0References9
CERT
CERT
•added 2007/08/09 12:0 a.m.•13 views

Cisco IOS fails to properly handle Next Hop Resolution Protocol packets

Overview Cisco IOS fails to properly handle Next Hop Resolution Protocol packets, which could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description Cisco IOS is an operating system that is used on Cisco network devices. Cisco IOS supports a...

8AI score
Exploits0References3
CERT
CERT
•added 2006/04/19 12:0 a.m.•13 views

Oracle Dictionary vulnerability

Overview An unspecified vulnerability in the Oracle Dictionary may allow a remote attacker to compromise system integrity and availability. Description Oracle Dictionary contains an unspecified vulnerability that, according to Oracle, can allow an attacker to easily compromise system integrity an...

6.4AI score
Exploits0References2
CERT
CERT
•added 2005/11/02 12:0 a.m.•13 views

Cisco IPS MC Malformed Configuration Download Vulnerability

Overview Cisco Management Center for IPS Sensors IPS MC contains a vulnerability that may cause some IPS signatures to become unintentionally disabled. Description Cisco IOS IPSCisco IOS IPS Intrusion Prevention System is a feature for Cisco IOS devices that provides in-line intrusion prevention...

6.9AI score
Exploits0References3
CERT
CERT
•added 2005/10/21 12:0 a.m.•13 views

Oracle E-Business Suite Applications Utilities vulnerability

Overview An unspecified vulnerability in the Oracle Applications Utilities may allow a remote, unauthenticated attacker to compromise system confidentiality and integrity. Description Oracle Applications Utilities is a component of the Oracle E-Business Suite. There is an vulnerability in the...

6.7AI score
Exploits0References3
CERT
CERT
•added 2005/07/13 12:0 a.m.•13 views

WebEOC uses a global shared key

Overview WebEOC installations may use the a common secret key to encrypt data. If an attacker can retrieve this key from one site, they will be able to decipher all data encoded with the key across all WebEOC installations. Description WebEOC is a web-based crisis information management applicati...

7AI score
Exploits0References2
CERT
CERT
•added 2005/01/24 12:0 a.m.•13 views

RealPlayer ActiveX control contains buffer overflow in "ShowPreferences"

Overview The RealPlayer ActiveX control contains a stack-based buffer overflow in the ShowPreferences method. This may permit a remote attacker to execute arbitrary code on the user's system. Description RealNetworks RealPlayer is a multimedia application that allows users to view local and remot...

8AI score
Exploits0References4
CERT
CERT
•added 2004/10/20 12:0 a.m.•13 views

Multiple Symantec security appliances fail to properly filter port 53/udp traffic

Overview A vulnerability exists in multiple Symantec security appliances that could allow a remote attacker to bypass the firewall using a source port of 53/udp. Description Symantec's Firewall/VPN appliances and Gateway Security models include a number of services such as tftpd, snmpd, and isakm...

7AI score
Exploits0References6
CERT
CERT
•added 2004/10/12 12:0 a.m.•13 views

Macromedia JRun Server insecurely generates and handles JSESSIONIDs

Overview A vulnerability exists in Macromedia JRun that may allow an attacker to gain access to an authenticated user's session. Description Macromedia JRun is an application server that works with most popular web servers such as Apache and IIS. Macromedia states that JRun is deployed at over...

7.1AI score
Exploits0References4
CERT
CERT
•added 2004/09/17 12:0 a.m.•13 views

Mozilla contains heap overflow in UTF8 conversion of hostname portion of URLs

Overview A vulnerability in the way Mozilla and its derived programs handle certain malformed URLs could allow a remote attacker to execute arbitrary code on a vulnerable system. Description A vulnerability exists in the way that some versions of the Mozilla and Firefox web browsers, and...

8.2AI score
Exploits0References2
CERT
CERT
•added 2004/09/17 12:0 a.m.•13 views

Multiple buffer overflows in Mozilla POP3 protocol handler

Overview There are multiple buffer overflow vulnerabilities in the Mozilla POP3 protocol handler that could allow a remote attacker to execute arbitrary code. Description Post Office Protocol Version 3 POP3 is a mail protocol that provides a means for retrieving email from a remote server. The...

8.2AI score
Exploits0References5
CERT
CERT
•added 2004/09/01 12:0 a.m.•13 views

Oracle Application Server contains several vulnerabilities

Overview Several vulnerabilities exist in the Portal and iSQLPlus components of the Oracle Application Server. According the the Oracle Security Alert, exploitation of these vulnerabilities would require the attacker to have network access, but not a valid user account on the vulnerable system...

6.9AI score
Exploits0References5
CERT
CERT
•added 2004/08/13 12:0 a.m.•13 views

JetboxOne leaves account database unencrypted

Overview JetboxOne does not encrypt information in the account information database. Any user with the ability to query the database may be able to view confidential account information. Description JetboxOne is an open-source content management system that is written in PHP. An information...

6.3AI score
Exploits0References1
CERT
CERT
•added 2004/07/27 12:0 a.m.•13 views

Multiple Cisco ONS control cards fail to properly handle malformed SNMP packets

Overview A vulnerability exists in multiple control cards used by Cisco ONS devices. This vulnerability could allow a remote attacker to cause a denial-of-service condition. Description Cisco's Optical Networking product line consists of a series of devices designed to offer high-bandwidth data...

7.3AI score
Exploits0References4
CERT
CERT
•added 2004/04/09 12:0 a.m.•13 views

MPlayer contains a buffer overflow in the HTTP parser

Overview MPlayer fails to properly allocate a memory buffer for URL strings containing characters that need to be escaped. Description MPlayer is a movie player for Linux and other Unix-based operating systems. MPlayer fails to properly allocate a memory buffer for URL strings containing characte...

7.8AI score
Exploits0References3
CERT
CERT
•added 2004/04/06 12:0 a.m.•13 views

Monit fails to properly handle overly long HTTP requests

Overview Monit is vulnerable to a buffer overflow when processing overly long HTTP requests. Description Monit is a utility to monitor system processes, files, directories, devices, and remote hosts. It provides a web-based interface that can be used to access the Monit server. There is a buffer...

8.5AI score
Exploits0References5
CERT
CERT
•added 2004/03/23 12:0 a.m.•13 views

ModSecurity for Apache vulnerable to off-by-one overflow when directive "SecFilterScanPost" is enabled

Overview A vulnerability in the modsecurity module for Apache may permit a remote attacker to execute arbitrary code on the vulnerable web server. Description ModSecurity is an open source intrusion detection and prevention engine for web applications. The modsecurity module for Apache 2.0.X...

8.2AI score
Exploits0References2
CERT
CERT
•added 2004/02/27 12:0 a.m.•13 views

Oracle9i Database contains buffer overflow in NUMTOYMINTERVAL() function

Overview Oracle9i Database contains a buffer overflow in the NUMTOYMINTERVAL function which could allow anyone who can query the server to execute arbitrary code or access data with the privileges of the vulnerable process. Description A buffer overflow exists in the NUMTOYMINTERVAL function. Thi...

7.9AI score
Exploits0References3
CERT
CERT
•added 2004/02/23 12:0 a.m.•13 views

IMail Server LDAP daemon buffer overflow

Overview A buffer overflow in the LDAP server component supplied with some versions of the Ipswitch IMail Server could allow a remote attacker to execute arbitrary code on the vulnerable system. Description A buffer overflow flaw exists in the way that the Lightweight Directory Access Protocol LD...

8AI score
Exploits0References2
Total number of security vulnerabilities3702