3702 matches found
IMail Server LDAP daemon buffer overflow
Overview A buffer overflow in the LDAP server component supplied with some versions of the Ipswitch IMail Server could allow a remote attacker to execute arbitrary code on the vulnerable system. Description A buffer overflow flaw exists in the way that the Lightweight Directory Access Protocol LD...
Multiple Real media players fail to properly validate RMP files
Overview Multiple Real media players fail to properly validate RealJukebox Metadata Package RMP files which may permit an attacker to download and execute arbitrary code on the user's system. Description RealNetworks Real media players are multimedia applications that allow users to view local an...
Sun Solaris allows unprivileged local user to load arbitrary kernel modules
Overview Sun Solaris allows an unprivileged local user to load arbitrary kernel modules. Description Sun Solaris supports loadable kernel modules LKMs. LKMs are pieces of code that can be dynamically loaded and unloaded into the kernel. Sun Solaris contains a vulnerability that could allow an...
Solaris libc getopt(3) contains buffer overflow
Overview Solaris libc getopt3 contains a buffer overflow vulnerability. Please note the date of this report: 1/27/1997. This does not affect current versions of Solaris. Description From :A buffer overflow condition exists in the getopt3 routine in Solaris libc. By supplying an invalid option and...
Sun Management Center (SunMC) allows user to create or overwrite arbitrary files
Overview The Sun Management Center SunMC contains a vulnerability that could allow an attacker to create or overwrite any file on the system. Description An unknown vulnerability exists in the Sun Management Center SunMC, according to a Sun Alert Notification. According to that document,...
HP-UX "rexec" command vulnerable to buffer overflow when supplied overly long command line argument to "-l" option
Overview A buffer overflow vulnerability in the rexec program supplied in some versions of the HP-UX operating system could allow local users to gain privileged access. Description The rexec program allows local users to execute commands on remote servers. rexec calls the rexec subroutine to act ...
IBM Tivoli Firewall Toolbox contains vulnerability
Overview A vulnerability in the Tivoli Firewall Toolbox version 1.2 has been discovered that can lead to remote unauthorized compromise of the environment with in the firewall system. Description A buffer overflow vulnerability in the communications layer of the Tivoli Firewall Toolbox has been...
Oracle9i Database contains remotely exploitable buffer overflow in "BFILENAME" function
Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle 9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 A buffer overflow exists in...
Oracle9i Application Server MOD_ORADAV Module vulnerable to DoS
Overview A remotely exploitable denial-of-service vulnerability exists in the Oracle9i Application Server MODORADAV Module. Description Oracle has described this vulnerability as follows:A potential security vulnerability has been discovered in Oracle9i Application Server. A knowledgeable and...
BEA WebLogic Server "ResourceAllocationException" exception may disclose user password
Overview A vulnerability in BEA's WebLogic Server may disclose sensitive information. Description From the BEA WebLogic Server 7.0 Overview:BEA WebLogic Server is a fully featured, standards-based application server providing the foundation on which an enterprise can build its applications. BEA...
Cyrus IMAP Server contains a buffer overflow vulnerability
Overview A buffer overflow vulnerability exists in versions of Cyrus IMAP Server up to and including 2.1.10. This vulnerability may allow a remote attacker to execute arbitrary code on the mail server with the privileges of the Cyrus IMAP Server. Description Cyrus IMAP Server is an e-mail...
Cherokee Web Server does not adequately validate user input thereby allowing directory traversal
Overview Cherokee contains a directory traversal vulnerability caused by failure to filter '../' character sequences. Description Cherokee is a compact, open-source web server. Cherokee does not filter '../' sequences from HTTP requests. As a result, it is possible for a remote attacker to reques...
IBM AIX vulnerable to buffer overflow in RPC routines
Overview IBM AIX contains a possible buffer-overflow vulnerability. Description Version 4.3 of IBM AIX has a possible buffer-overflow vulnerability in its RPC routines, due to use of an incorrect variable data type. No further information is available from the vendor. --- Impact The complete impa...
HP Tru64 UNIX "csh" contains buffer overflow (SSRT2275)
Overview The HP Tru64 UNIX implementation of "csh" contains a locally exploitable buffer overflow. Description "csh" is used to invoke the C shell and interpret commands. A locally exploitable buffer overflow in "csh" may permit a local attacker to gain elevated privileges and execute arbitrary...
HP Tru64 UNIX "inc" contains buffer overflow (SSRT2275)
Overview The HP Tru64 UNIX implementation of "inc" contains a locally exploitable buffer overflow. Description "inc" is used to incorporate new mail. A locally exploitable buffer overflow in "inc" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable...
HP Tru64 UNIX "ps" contains buffer overflow (SSRT2256)
Overview The HP Tru64 UNIX implementation of "ps" contains a locally exploitable buffer overflow. Description "ps" is used to display information about running processes. A locally exploitable buffer overflow in "ps" may permit a local attacker to gain elevated privileges and execute arbitrary co...
HP Tru64 UNIX "at" contains buffer overflow (SSRT2189)
Overview The HP Tru64 UNIX implementation of "at" contains a locally exploitable buffer overflow. Description "at" is used to run a job at a later time. A locally exploitable buffer overflow in "at" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable...
ncompress vulnerable to buffer overflow via long filename
Overview Some versions of ncompress contain a buffer-overflow vulnerability. Description Versions 4.2.4 and earlier of ncompress do not properly handle filenames longer than 1023 characters. --- Impact By supplying long filenames to ncompress, an attacker may be able to gain local access to the...
AOL Instant Messenger vulnerable to DoS via crafted GIF file
Overview AOL Instant Messenger AIM is an application that allows one peer to communicate with another. A vulnerability exists that can crash the client of a victim. Description AIM allows users to send image files to one another. By sending a crafted GIF image, an attacker can cause the victim's...
Apache Web Server vulnerable to DoS via crafted HTTP request
Overview Some versions of the Apache Web server are vulnerable to denial-of-service attacks by crafted HTTP requests. Description A vulnerability exists in some versions the Apache Web HTTPD Server running on Windows 98SE, Windows 2000 SP1, and OS/2. The vulnerability appears to be a bounds...
IBM AIX nslookup buffer overflow in hostname to lookup
Overview There is a buffer overflow in nslookup that will allow local attackers to gain root privileges on vulnerable AIX systems. Description The nslookup command contains a buffer overflow in the hostname to lookup, allowing local attackers to gain root privileges. The vendor IBM has reported...
Hewlett Packard HP-UX text editors contain buffer overflow
Overview A buffer overflow in the text editor on certain Hewlett-Packard systems could compromise system availability. Description Various text editing programs on HP systems that rely upon the same facilities, including e, ex, vi, edit, view, and vedit, contain a buffer overflow that could...
Cisco IOS creates SNMP read-only community string
Overview There is a vulnerability that permits unauthorized access to several switch and router products manufactured by Cisco Systems. An attacker who gains access to an affected device can read its configuration, creating an information leak. Description Certain versions of the Cisco...
Alcatel ADSL modems contain a null default password
Overview The San Diego Supercomputer Center SDSC has recently discovered several vulnerabilities in the Alcatel Speed Touch line of Asymmetric Digital Subscriber Line ADSL modems. These vulnerabilities are the result of weak authentication and access control policies and result in one or more of...
Check Point FireWall-1 allows fragmented packets through firewall if Fast Mode is enabled
Overview If any rules include the "Fast Mode" option, Check Point Firewall-1 and VPN-1 will incorrectly allow unauthorized connection attempts to hosts that should be restricted. Description A feature called "Fast Mode" or "FASTPATH", included in Check Point FireWall-1 and VPN-1 is designed to...
Microsoft Internet Explorer vulnerable to file disclosure via code containing GetObject() function
Overview Internet Explorer may disclose files on your computer if you visit a malicious web site or read a mail message with Active Scripting enabled. Description By design, Microsoft Internet Explorer prevents programs on web sites from reading files on your computer without authorization...
Securly Chrome Extension contains multiple weak encryption and access control vulnerabilities
Overview Version 3.0.7 of the Securly Chrome Extension contains multiple vulnerabilities involving insecure data transmission, weak cryptography, and improper access control. These issues may expose sensitive filtering rules, enable the manipulation of downloaded configuration files, and allow...
Collibra Agent contains improper authentication and path traversal vulnerabilities
Overview The Collibra Platform Agent contains vulnerabilities that can be chained by a remote, unauthenticated attacker to achieve remote code execution. An attacker can exploit these issues by uploading a crafted ZIP archive that writes attacker-controlled files to arbitrary locations on the...
PCTCore64.sys Windows kernel driver contains missing access control vulnerability
Overview The PCTCore64.sys Windows kernel driver from PC Tools Internet Security exposes its \.\PCTCoreDriver device interface with no access control, allowing any user-mode process to interact with the driver and invoke privileged IOCTL I/O Control commands. In a Bring Your Own Vulnerable Driver...
SGLang contains two remote code execution and one path traversal vulnerability
Overview Three vulnerabilities have been discovered in the SGLang project, two enabling remote code execution RCE, and one regarding a path traversal vulnerability. In order for an attacker to exploit these vulnerabilities, the multimodal generation mode must be enabled, and an attacker must have...
Terrarium contains a vulnerability that allows arbitrary code execution
Overview Terrarium is a sandbox-based code execution platform that enables users to run and execute code in a controlled environment, providing a secure way to test and validate code. However, a vulnerability has been discovered in Terrarium that allows arbitrary code execution with root privileg...
IDrive for Windows contains local privilege escalation vulnerability
Overview The IDrive Cloud Backup Client for Windows, versions 7.0.0.63 and earlier, contains a privilege escalation vulnerability that allows any authenticated user to run arbitrary executables with NT AUTHORITY\SYSTEM permissions. Description IDrive is a cloud backup service that allows users to...
LibreChat RAG API contains a log-injection vulnerability
Overview A log-injection vulnerability in the LibreChat RAG API, version 0.7.0, is caused by improper sanitization of user-supplied input written to system logs. An authenticated attacker can forge or manipulate log entries by inserting CRLF characters, compromising the integrity of audit records...
Open5GS WebUI uses a hard-coded secrets including JSON Web Token signing key
Overview The Open5GS WebUI component contains default hardcoded secrets used for security-sensitive operations, including JSON Web Token JWT signing. If these defaults are not changed, an attacker can forge valid authentication tokens and gain administrative access to the WebUI. This can result i...
Livewire Filemanager contains an insecure .php component that allows for unauthenticated RCE in Laravel Products
Overview A vulnerability, tracked as CVE-2025-14894, has been discovered within Livewire Filemanager, a tool designed for usage within Laravel applications. The Livewire Filemanager tool allows for users to upload various files, including PHP files, and host them within the Laravel application...
Saviynt Enterprise Identity Cloud vulnerable to local user enumeration and authentication bypass
Overview Saviynt Enterprise Identity Cloud contains user enumeration and authentication bypass vulnerabilities in the local password reset feature. Together, these vulnerabilities could allow a remote, unauthenticated attacker to gain administrative privileges if an SSO solution is not configured...
Autonomy Ultraseek URL redirection vulnerability
Overview The Autonomy Ultraseek search engine contains a URL redirection vulnerability that may allow an attacker to redirect website users to other sites. Description The Autonomy Ultraseek search engine contains a URL redirection vulnerability in the /cs.html?url= paramater. The destination URL...
Cisco Catalyst Systems with a NAM may allow system access via spoofing the SNMP communication
Overview A vulnerabilty in Cisco Catalyst Systems that have a Network Analysis Module NAM installed may allow a remote, unauthenticated attacker to gain complete control of this device. Description Cisco Catalyst 6000, 6500, and Cisco 7600 series switches may utilize Cisco's NAM to monitor and...
Google Desktop vulnerable to cross-site scripting
Overview A cross-site scripting vulnerability exists in the Google Desktop Search application. This vulnerability may allow an attacker to take any action on a vulnerable system that the Google Desktop Search can. Description Google Desktop Search is a desktop search program that is integrated in...
Broadcom wireless driver fails to properly process 802.11 probe response frames
Overview A buffer overflow vulnerability exists in the Broadcom BCMWL5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The BCMWL5.SYS driver is a wireless 802.11 device driver...
Oracle Collaboration Suite Email Server contains a vulnerability that may compromise system confidentiality
Overview An unspecified vulnerability in the Oracle Collaboration Suite Email Server may allow a remote, unauthenticated attacker to compromise system confidentiality. Description Oracle Collaboration Suite Email Server contains an unspecified vulnerability. Oracle states this issue can allow an...
Oracle Reporting Framework vulnerability
Overview An unspecified vulnerability in the Oracle Reporting Framework may allow a remote, unauthenticated attacker to compromise system confidentiality and integrity. Description Oracle Reporting Framework contains a vulnerability.The details of this vulnerability are not clear. However, Oracle...
IBM Tivoli Directory Server may allow unauthorized access
Overview IBM Tivoli Directory Server may allow unauthorized access to change, modify, and/or delete directory data under certain circumstances. Description The IBM Tivoli Directory Server product is described as:IBM Tivoli Directory Server provides a powerful Lightweight Directory Access Protocol...
Oracle Application Server Internet Directory vulnerability
Overview An unspecified vulnerability in the Oracle Internet Directory may allow a remote, unauthenticated attacker to compromise system confidentiality and integrity. Description Oracle Internet Directory provides directory services, such as LDAP support, for the Oracle Application Server. There...
Cisco IOS Firewall Authentication Proxy vulnerable to buffer overflow via specially crafted user authentication credentials
Overview A buffer overflow vulnerability in Cisco IOS Firewall Authentication Proxy may allow a remote unauthenticated attacker to execute arbitrary code or cause a denial of service. Description Cisco IOS Firewall Authentication Proxy is a feature that allows network administrators to apply...
Oracle products contain multiple vulnerabilities
Overview Multiple vulnerabilities exist in numerous Oracle products. The impacts of these vulnerabilities are varied and may include remote execution of arbitrary code, the diclosure of sensitive information, and denial-of-service conditions. Description Multiple vulnerabilities exist in numerous...
Golden FTP server contains a buffer overflow
Overview Golden FTP server contains a buffer overflow that may allow a remote attacker to execute arbitrary code. Description Golden FTP server is a personal FTP server for the Microsoft Windows platform. The RNTO rename to command is used in conjunction with the RNFR rename from to rename a file...
Cisco IOS contains DoS vulnerability in MPLS packet processing
Overview A denial-of-service vulnerability exists in Cisco's Internetwork Operating System IOS. This vulnerability may allow attackers to conduct denial-of-service attacks on an affected device. Description Multi Protocol Label Switching MPLS is designed to increase the speed of IP...
Microsoft Internet Explorer does not properly interpret IFRAME elements when displaying URLs in the status bar
Overview Microsoft Internet Explorer does not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the statu...
Multiple Symantec security appliances do not allow the SNMP read-write community string to be changed
Overview A vulnerability exists in multiple Symantec security appliances that could allow a remote attacker to modify the configuration of the device using SNMP. Description The Simple Network Management Protocol SNMP enables network and system administrators to remotely monitor and configure...