Lucene search
K
CertMost viewed

3702 matches found

CERT
CERT
added 2003/03/21 12:0 a.m.12 views

HP Tru64 UNIX "dxchpwd" contains buffer overflow

Overview The Hewlett Packard Tru64 "dxchpwd" command contains a locally exploitable buffer overflow. Description The Hewlett Packard Tru64 operating system contains a command, known as "dxchpwd," that allows users to change passwords. This program is vulnerable to a buffer overflow. --- Impact Th...

6.9AI score
Exploits0References2
CERT
CERT
added 2003/03/19 12:0 a.m.12 views

IBM Tivoli Firewall Toolbox contains vulnerability

Overview A vulnerability in the Tivoli Firewall Toolbox version 1.2 has been discovered that can lead to remote unauthorized compromise of the environment with in the firewall system. Description A buffer overflow vulnerability in the communications layer of the Tivoli Firewall Toolbox has been...

8.1AI score
Exploits0
CERT
CERT
added 2003/02/17 12:0 a.m.12 views

Yahoo! Mobile service discloses random sensitive information to unauthorized users

Overview The Yahoo! Mobile service contains an information exposure vulnerability. Description The Yahoo! Mobile Service enables users of handheld devices to take advantage of the same kinds of services Yahoo! Inc. offers to traditional desktop computing users e.g. web browsing, email, etc.. A...

6.7AI score
Exploits0References1
CERT
CERT
added 2002/09/24 12:0 a.m.12 views

Cherokee Web Server fails to drop privileges after daemon starts

Overview Cherokee fails to drop root privileges after binding to port 80. Description Cherokee is a compact, open-source web server. Cherokee is designed to start as root and drop root privileges after binding to port 80. However, versions of Cherokee prior to 0.2.7 fail to drop root privileges...

7.7AI score
Exploits0References2
CERT
CERT
added 2002/09/24 12:0 a.m.12 views

Cherokee Web Server does not adequately validate user input thereby allowing remote command execution

Overview Cherokee does not properly validate HTTP requests. Attackers may exploit this vulnerability to execute arbitrary commands as root. Description Cherokee is a compact, open-source web server. Cherokee passes Uniform Resource Identifiers URI's from HTTP requests directly to the shell withou...

7.8AI score
Exploits0References2
CERT
CERT
added 2002/09/16 12:0 a.m.12 views

PHP fails to filter ASCII control characters from string arguments of mail() function

Overview PHP does not properly filter parameters to its mail function. Description PHP is a scripting language widely used in web application development. PHP includes a function called mail that takes message parameters such as recipient address and sends mail using sendmail. PHP does not filter...

6.5AI score
Exploits0References2
CERT
CERT
added 2002/09/10 12:0 a.m.12 views

HP Tru64 UNIX "imapd" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "imapd" contains a locally exploitable buffer overflow. Description "imapd" is the IMAP daemon. A locally exploitable buffer overflow in "imapd" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host. --...

8.2AI score
Exploits0References1
CERT
CERT
added 2002/08/30 12:0 a.m.12 views

HP Tru64 UNIX contains buffer overflow in libc libraries (SSRT2257)

Overview The HP Tru64 Unix operating system contains multiple buffer overflow vulnerabilities. Description A vulnerability exists in the way in which the libc libraries handle environment variables in the HP Tru64 UNIX operating system. As a result, local attackers may be able to execute arbitrar...

8.2AI score
Exploits0References1
CERT
CERT
added 2002/04/05 12:0 a.m.12 views

AOL Instant Messenger vulnerable to DoS via crafted GIF file

Overview AOL Instant Messenger AIM is an application that allows one peer to communicate with another. A vulnerability exists that can crash the client of a victim. Description AIM allows users to send image files to one another. By sending a crafted GIF image, an attacker can cause the victim's...

6.7AI score
Exploits0References1
CERT
CERT
added 2001/11/20 12:0 a.m.12 views

MandrakeSoft Mandrake Linux Apache default configuration sample programs disclose server information

Overview The default installation of Apache on MandrakeSoft Mandrake Linux includes sample programs which may unnecessarily disclose information about the server. Description MandrakeSoft produces a Linux distribution called Mandrake Linux that includes the Apache web server. The default...

6.7AI score
Exploits0References1
CERT
CERT
added 2001/07/27 12:0 a.m.12 views

SCO UnixWare uux contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in uux, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of...

8.3AI score
Exploits0References3
CERT
CERT
added 2001/05/04 12:0 a.m.12 views

Hewlett Packard HP-UX text editors contain buffer overflow

Overview A buffer overflow in the text editor on certain Hewlett-Packard systems could compromise system availability. Description Various text editing programs on HP systems that rely upon the same facilities, including e, ex, vi, edit, view, and vedit, contain a buffer overflow that could...

7.5AI score
Exploits0
CERT
CERT
added 2026/06/03 12:0 a.m.11 views

Securly Chrome Extension contains multiple weak encryption and access control vulnerabilities

Overview Version 3.0.7 of the Securly Chrome Extension contains multiple vulnerabilities involving insecure data transmission, weak cryptography, and improper access control. These issues may expose sensitive filtering rules, enable the manipulation of downloaded configuration files, and allow...

7.5CVSS5.5AI score0.00432EPSS
Exploits0
CERT
CERT
added 2026/04/09 12:0 a.m.11 views

Multiple Heap Buffer Overflows in Orthanc DICOM Server

Overview Multiple vulnerabilities have been identified in Orthanc DICOM Server version, 1.12.10 and earlier, that affect image decoding and HTTP request handling components. These vulnerabilities include heap buffer overflows, out-of-bounds reads, and resource exhaustion vulnerabilities that may...

9.8CVSS6.9AI score0.00666EPSS
Exploits0
CERT
CERT
added 2026/03/30 12:0 a.m.11 views

Kyverno is vulnerable to server-side request forgery (SSRF)

Overview Kyverno, versions 1.16.0 to present, contains an SSRF vulnerability in its CEL-based HTTP functions, which lack URL validation or namespace scoping and allow namespaced policies to trigger arbitrary internal HTTP requests. An attacker with only namespace-level permissions can exploit thi...

9.8CVSS6.1AI score0.00705EPSS
Exploits0References3
CERT
CERT
added 2026/01/20 12:0 a.m.11 views

Stack-based buffer overflow in libtasn1 versions v4.20.0 and earlier

Overview A stack-based buffer overflow vulnerability exists in GNU libtasn1, a low-level ASN.1 parsing library. The issue is caused by unsafe string concatenation in the asn1expandoctetstring function located in decoding.c. Under worst-case conditions, this results in a one-byte stack overflow th...

7.5CVSS6AI score0.01109EPSS
Exploits0References4
CERT
CERT
added 2026/01/16 12:0 a.m.11 views

Livewire Filemanager contains an insecure .php component that allows for unauthenticated RCE in Laravel Products

Overview A vulnerability, tracked as CVE-2025-14894, has been discovered within Livewire Filemanager, a tool designed for usage within Laravel applications. The Livewire Filemanager tool allows for users to upload various files, including PHP files, and host them within the Laravel application...

9.8CVSS8.2AI score0.00571EPSS
Exploits0References2
CERT
CERT
added 2025/08/02 12:0 a.m.11 views

Partner Software/Partner Web does not sanitize Report files and Note content, allowing for XSS and RCE

Overview Partner Software and Partner Web, both products of their namesake company, Partner Software, fail to sanitize report or note files, allowing for XSS attacks. Partner Software is subdivision of N. Harris Computer Corporation and is a field application development company, with products...

9.8CVSS6.7AI score0.0069EPSS
Exploits0References2
CERT
CERT
added 2025/07/11 12:0 a.m.11 views

SMM callout vulnerabilities identified in Gigabyte UEFI firmware modules

Overview System Management Mode SMM callout vulnerabilities have been identified in UEFI modules present in Gigabyte firmware. An attacker could exploit one or more of these vulnerabilities to elevate privileges and execute arbitrary code in the SMM environment of a UEFI-supported processor. Whil...

8.2CVSS7.8AI score0.00199EPSS
Exploits0References4
CERT
CERT
added 2007/06/05 12:0 a.m.11 views

Microsoft Internet Explorer cross-domain frame race condition

Overview Microsoft Internet Explorer contains a race condition that results in a cross-domain violation. Description Internet Explorer uses a cross-domain security model to maintain separation between browser frames from different sources. This model is designed to prevent code in one domain from...

7.1AI score
Exploits0References5
CERT
CERT
added 2007/05/29 12:0 a.m.11 views

Avast! antivirus buffer overflow vulnerability

Overview Avast! antivirus contains a buffer overflow vulnerability. This vulnerability may allow an attacker to execute code a vulnerable system. Description Avast! antivirus is an antivirus application that can scan different types of files. The Symbian Installer Format SIS file format is used b...

8.3AI score
Exploits0References4
CERT
CERT
added 2006/08/18 12:0 a.m.11 views

Drivers for the Intel 2100 PRO/Wireless Network Connection Hardware contain a memory corruption vulnerability

Overview Microsoft Windows drivers for Intel 2100 PRO/Wireless Network Connection Hardware contain a memory corruption vulnerability. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. Description Intel 2100 PRO/Wireless Network Connection Hardware The Inte...

7.4AI score
Exploits0References1
CERT
CERT
added 2006/07/07 12:0 a.m.11 views

Dell Openmanage CD launches unauthenticated services

Overview Dell Openmanage CD launches X11 and SSH daemons that permit unauthenticated users full access. Description The Dell Openmanage CD gives system administrators using Dell servers access to drivers, diagnostic tools, remote system control, and other utilities. When loaded, the CD launches X...

7.7AI score
Exploits0References2
CERT
CERT
added 2006/05/30 12:0 a.m.11 views

Secure Elements Class 5 AVR server fails to properly authenticate registration messages

Overview The Secure Elements Class 5 AVR server fails to properly authenticate registration messages. This may allow an attacker to cause a denial-of-service condition on the server. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that...

7.2AI score
Exploits0References1
CERT
CERT
added 2004/07/27 12:0 a.m.11 views

Multiple Cisco ONS control cards fail to properly handle malformed ICMP packets

Overview A vulnerability exists in multiple control cards used by Cisco ONS devices. This vulnerability could allow a remote attacker to cause a denial-of-service condition. Description Cisco's Optical Networking product line consists of a series of devices designed to offer high-bandwidth data...

7.3AI score
Exploits0References4
CERT
CERT
added 2004/01/22 12:0 a.m.11 views

Cisco default install of IBM Director agent fails to authenticate users for remote administration

Overview Cisco IBM Director agent fails to authenticate users for remote administration. Description Cisco voice products e.g. CallManager, IP Interactive Voice Response, IP Call Center Express that run on IBM servers install IBM Director agent to provide administrative management. The default...

7.1AI score
Exploits0References3
CERT
CERT
added 2003/10/30 12:0 a.m.11 views

Avaya Argent Office uses weak authentication for TFTP-based administrative control

Overview The Avaya Argent Office contains a weak authentication mechanism for administrative access. Description The Avaya Argent Office uses a TFTP-based mechanism to accept requests for administrative functions. By requesting "files" from the device via its internal interface, administrators ca...

7.2AI score
Exploits0References1
CERT
CERT
added 2003/09/30 12:0 a.m.11 views

OpenSSL does not securely handle invalid public key when configured to ignore errors

Overview A vulnerability in the way OpenSSL handles invalid public keys in client certificate messages could allow a remote attacker to cause a denial of service. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typical...

7.6AI score
Exploits0References5
CERT
CERT
added 2003/05/05 12:0 a.m.11 views

Cisco Catalyst switches allow access to "enable mode" without password

Overview Cisco Catalyst OS 7.51 contains a vulnerability that allows anyone who can obtain command line access to gain "enable" mode access without knowledge of the "enable" password. Description Cisco Catalyst OS is an operating system for Cisco's line of Catalyst switches. Version 7.51 of...

7.2AI score
Exploits0References2
CERT
CERT
added 2003/04/07 12:0 a.m.11 views

SETI@home client vulnerable to buffer overflow

Overview A buffer overflow vulnerability in the SETI@home client could allow a remote attacker to execute arbitrary code or cause the SETI@home client to fail. An exploit for this vulnerability is known to exist and may be circulating. Description From the SETI@home website:SETI@home is a...

8.3AI score
Exploits0References4
CERT
CERT
added 2003/03/13 12:0 a.m.11 views

Lotus Domino Server susceptible to a pre-authentication buffer overflow during Notes authentication

Overview Lotus Domino is vulnerable to a pre-authentication buffer overflow attack during Notes authentication. Description A buffer overflow vulnerability may be exploited during Notes authentication to a Lotus Domino server. Versions prior to 5.0.12 and 6.0 are affected. According to the Rapid7...

8.6AI score
Exploits0References2
CERT
CERT
added 2002/09/24 12:0 a.m.11 views

PHP-Nuke does not adequately authenticate users thereby allowing attackers to change user information

Overview PHP-Nuke's saveuser function does not adequately authenticate users. Attackers may exploit this vulnerability to change user data and gain access to accounts. Description PHP-Nuke is a set of PHP scripts designed to simplify web site creation and maintenance. PHP-Nuke's saveuser function...

7.1AI score
Exploits0References2
CERT
CERT
added 2002/02/11 12:0 a.m.11 views

KTH Kerberos Telnet implementations do not strictly enforce client encryption request

Overview A vulnerability exists in the KTH Kerberos IV and Kerberos V Heimdal Telnet implementations. When a KTH Kerberos Telnet client requests data encryption and the server does not appear to support it, the client will establish the connection using no encryption. A properly located attacker...

7AI score
Exploits0References3
CERT
CERT
added 2001/11/28 12:0 a.m.11 views

Cisco IOS Firewall Feature Set fails to check IP protocol type thereby allowing packets to bypass dynamic access control lists

Overview The Cisco IOS Firewall Feature Set also known as Cisco Secure Integrated Software, or Context Based Access Control may allow an intruder to pass traffic through the firewall in violation of implied security policies. Description It is important to note that only configurations that use t...

7.3AI score
Exploits0References3
CERT
CERT
added 2001/07/27 12:0 a.m.11 views

SCO UnixWare uuxcmd contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in uuxcmd, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of...

8.3AI score
Exploits0References3
CERT
CERT
added 2026/04/20 12:0 a.m.10 views

SGLang is vulnerable to remote code execution when rendering chat templates from a model file

Overview A remote code execution vulnerability has been discovered in the SGLang project, specifically in the reranking endpoint /v1/rerank. A CVE has been assigned to track the vulnerability; CVE-2026-5760. An attacker can create a malicious model for SGLang to achieve RCE. Successful exploitati...

9.8CVSS7.5AI score0.00852EPSS
Exploits2References6
CERT
CERT
added 2026/02/12 12:0 a.m.10 views

PyMuPDF path traversal and arbitrary file write vulnerabilities

Overview A path traversal vulnerability leading to arbitrary file write exist in PyMuPDF version 1.26.5, within the ‘embeddedget’ function in ‘main.py’. This vulnerability is caused by improper handling of untrusted embedded file metadata, which is used directly as an output path, enabling...

8.2CVSS5.9AI score0.00354EPSS
Exploits0References2
CERT
CERT
added 2026/01/20 12:0 a.m.10 views

Server-Side Template Injection (SSTI) vulnerability exist in Genshi

Overview A Server-Side Template Injection SSTI vulnerability exists in the Genshi template engine due to unsafe evaluation of template expressions. Genshi processes template expressions using Python’s 'eval’ and ‘exec’ functions while allowing fallback access to Python built-in objects. If an...

9.8CVSS6.7AI score0.00726EPSS
Exploits0References1
CERT
CERT
added 2026/01/16 12:0 a.m.10 views

The Librarian does not secure its interface, allowing for access to internal system data

Overview Multiple vulnerabilities were discovered in The Librarian, an AI-powered personal assistant tool provided by the company TheLibrarian.io. The Librarian can be used to manage personal email, calendar, documents, and other information through external services, such as Gmail and Google...

7.5CVSS6.2AI score0.00373EPSS
Exploits0References2
CERT
CERT
added 2026/01/09 12:0 a.m.10 views

BeeS Software Solutions BeeS Examination Tool (BET) portal contains SQL injection vulnerability

Overview The BeeS Examination Tool BET portal from BeeS Software Solutions contains an SQL injection vulnerability in its website login functionality. More than 100 universities use the BET portal for test administration and other academic tasks. The vulnerability enables arbitrary SQL commands t...

9.8CVSS8AI score0.00689EPSS
Exploits1References3
CERT
CERT
added 2025/10/10 12:0 a.m.10 views

Kiwire Captive Portal contains 3 web vulnerabilities

Overview The Kiwire Captive Portal, provided by SynchroWeb, is an internet access gateway intended for providing guests internet access where many users will want to connect. Three vulnerabilities were discovered within the product, including SQL injection, open redirection, and cross site...

7.3CVSS7AI score0.00371EPSS
Exploits0References1
CERT
CERT
added 2016/02/29 12:0 a.m.10 views

Forwarding Loop Attacks in Content Delivery Networks may result in denial of service

Overview Content Delivery Networks CDNs may in some scenarios be manipulated into a forwarding loop, which consumes server resources and causes a denial of service DoS on the network. Description CWE-400: Uncontrolled Resource Consumption 'Resource Exhaustion' Content Delivery Networks CDNs are...

7.2AI score
Exploits0References1
CERT
CERT
added 2008/07/25 12:0 a.m.10 views

NetApp Data ONTAP contains multiple vulnerabilities

Overview NetApp Data ONTAP contains multiple vulnerabilities. The most severe of these vulnerabilities may allow an attacker to execute commands, view sensitive data, or cause a system to crash. Description NetApp Data ONTAP contains multiple undisclosed vulnerabilities. --- Impact A remote,...

7.7AI score
Exploits0References4
CERT
CERT
added 2007/02/08 12:0 a.m.10 views

Trend Micro AntiVirus fails to properly process malformed UPX packed executables

Overview The Trend Micro AntiVirus scanning engine contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Trend Micro AntiVirus is a virus scanner for Microsoft Windows and Linux. The Trend Micro virus scanning...

8.3AI score
Exploits0References8
CERT
CERT
added 2006/04/20 12:0 a.m.10 views

Oracle Advanced Replication SQL injection vulnerability

Overview An SQL injection vulnerability in the Oracle Advanced Replication component may allow a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description Oracle Advanced Replication component contains a SQL injection vulnerability.The details of this...

8.1AI score
Exploits0References2
CERT
CERT
added 2005/12/06 12:0 a.m.10 views

Perl programs providing user-controlled I/O format strings may contain format string vulnerabilities

Overview Programs written in Perl may contain many of the same types of format string vulnerabilities as programs written in C. Description Perl is a programming language used in many applications and commonly used for web applications. It provides many of the same functions for formatted I/O as ...

7.7AI score
Exploits0References1
CERT
CERT
added 2005/10/21 12:0 a.m.10 views

Oracle Application Server Web Cache vulnerability

Overview Oracle Applications Server Web Cache contains an unspecified information disclosure vulnerability. Description Oracle Applications Server Web Cache contains a vulnerability. The details of this vulnerability are not clear. However, Oracle states this issue can allow an attacker to easily...

6.6AI score
Exploits0References3
CERT
CERT
added 2004/08/11 12:0 a.m.10 views

Sun Solaris X Display Manager does not properly handle invalid XDMCP requests

Overview There is a vulnerability in the way Sun Solaris handles invalid X Display Manager Control Protocol XDMCP requests. Exploitation of this vulnerability could allow an attacker to cause the X Display Manager XDM to crash. Description The X Display Manager xdm1 is responsible for managing...

6.8AI score
Exploits0References2
CERT
CERT
added 2003/05/12 12:0 a.m.10 views

Ethereal contains integer overflow in PPP dissector

Overview Ethereal is a network traffic analysis package. The PPP packet dissector contains a vulnerability that may result in the execution of arbitrary code. Description The PPP packet dissector for Ethereal contains an integer overflow vulnerability. According to the Ethereal Advisory,...

7.8AI score
Exploits0References1
CERT
CERT
added 2002/09/13 12:0 a.m.10 views

HP Tru64 UNIX "dxsysinfo" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "dxsysinfo" contains a locally exploitable buffer overflow. Description "dxsysinfo" is used to monitor system resources. A locally exploitable buffer overflow in "dxsysinfo" may permit a local attacker to gain elevated privileges and execute arbitrary...

8.2AI score
Exploits0References1
Total number of security vulnerabilities3702