Lucene search
K

3702 matches found

CERT
CERT
added 2014/12/18 12:0 a.m.53 views

Multiple Dell iDRAC IPMI v1.5 implementations use insufficiently random session ID values

Overview The Intelligent Platform Management Interface IPMI v1.5 implementations in multiple Dell iDRAC releases are vulnerable to arbitrary command injection due to use of insufficiently random session ID values. Description CWE-330: Use of Insufficiently Random Values - CVE-2014-8272The IPMI...

5CVSS7.6AI score0.21152EPSS
Exploits6References4
CERT
CERT
added 2014/12/15 12:0 a.m.104 views

EMC Documentum products contain multiple vulnerabilities

Overview EMC Documentum products including Content Server, D2, and Web Development Kit WDK contain multiple vulnerabilities. Description EMC Documentum Content Server, D2, and WDK contain numerous vulnerabilities of varying impact. For details, view our spreadsheet. For status from the vendor,...

9AI score
Exploits0References3
CERT
CERT
added 2014/12/15 12:0 a.m.22 views

CA LISA Release Automation contains multiple vulnerabilities

Overview CA LISA Release Automation 4.7.1.385 contains multiple vulnerabilities Description CWE-352: Cross-Site Request Forgery CSRF - CVE-2014-8246CA LISA Release Automation 4.7.1.385 contains a global Cross-Site Request Forgery CSRF vulnerability. The application allows a malicious user to...

6.8CVSS7.4AI score0.01805EPSS
Exploits0References2
CERT
CERT
added 2014/12/12 12:0 a.m.40 views

Honeywell OPOS suite Stack Buffer Overflow vulnerability

Overview The Honeywell OPOS OLE for Retail Point-of-Sale POS Suite is vulnerable to a stack buffer overflow attack. Description The Honeywell OPOS Suite provides a standard programming interface that allows POS hardware to be easily integrated into retail POS systems based on Microsoft Windows...

7.5CVSS7.5AI score0.04747EPSS
Exploits0References3
CERT
CERT
added 2014/12/09 12:0 a.m.73 views

Recursive DNS resolver implementations may follow referrals infinitely

Overview Recursive DNS resolvers may become stuck following an infinite chain of referrals due to a malicious authoritative server. Description RFC 1034 describes the standard technical issues of enabling domain delegations in DNS, but does not provide a specific implementation, leaving DNS serve...

7.8CVSS7.3AI score0.65683EPSS
Exploits0References2
CERT
CERT
added 2014/12/05 12:0 a.m.41 views

Zenoss Core contains multiple vulnerabilities

Overview The Zenoss Core application, server, and network management platform software contains multiple vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code. Description The Zenoss Core application, server, and network management platform software...

9.3CVSS8.4AI score0.19683EPSS
Exploits0References1
CERT
CERT
added 2014/11/18 12:0 a.m.965 views

Microsoft Windows Kerberos Key Distribution Center (KDC) fails to properly validate Privilege Attribute Certificate (PAC) signature

Overview Microsoft Windows Kerberos KDC contains a vulnerability allowing an authenticated unprivileged domain user to escalate privileges to a domain administrator account, allowing the user to compromise any computer on the domain. Description CWE-347: Improper Verification of Cryptographic...

9CVSS8.6AI score0.87448EPSS
Exploits8References3
CERT
CERT
added 2014/11/13 12:0 a.m.230 views

Microsoft Secure Channel (Schannel) vulnerable to remote code execution via specially crafted packets

Overview A critical vulnerability in Microsoft Windows systems could allow a remote attacker to execute arbitrary code via specially crafted network packets. Description Microsoft Secure Channel Schannel is a security package that provides SSL and TLS on Microsoft Windows platforms. Due to a flaw...

10CVSS7.7AI score0.95988EPSS
Exploits1References8
CERT
CERT
added 2014/11/13 12:0 a.m.154 views

Microsoft Windows Object Linking and Embedding (OLE) OleAut32 library SafeArrayRedim function vulnerable to remote code execution via Internet Explorer

Overview A vulnerability in Microsoft Windows OLE could allow remote code execution if a user views a specially-crafted web page in Internet Explorer. Description The Microsoft Windows OLE OleAut32.dll library provides the SafeArrayRedim function that allows resizing of SAFEARRAY objects in memor...

9.3CVSS8.7AI score0.94996EPSS
Exploits39References4
CERT
CERT
added 2014/11/07 12:0 a.m.23 views

IBM Notes Traveler for Android transmits user credentials over HTTP

Overview The IBM Notes Traveler application for Android does not enforce the use of HTTPS for transmitting user credentials, which can allow an attacker to obtain this information. Description IBM Notes Traveler formerly known as Lotus Notes Traveler is an application that allows access to email,...

5CVSS6AI score0.0188EPSS
Exploits0References2
CERT
CERT
added 2014/11/03 12:0 a.m.51 views

uIP and lwIP DNS resolver vulnerable to cache poisoning

Overview The DNS resolver implemented in uIP and lwIP is vulnerable to cache poisoning due to non-randomized transaction IDs TXIDs and source port reuse. Description CWE-330: Use of Insufficiently Random Values - CVE-2014-4883The DNS resolver implemented in all versions of uIP, as well as lwIP...

4.3CVSS6.6AI score0.00572EPSS
Exploits0References5
CERT
CERT
added 2014/10/31 12:0 a.m.96 views

Linksys SMART WiFi firmware contains multiple vulnerabilities

Overview Linksys EA series routers running the Linksys SMART WiFi firmware contain multiple vulnerabilities. Description CWE-320: Key Management Errors - CVE-2014-8243An remote, unauthenticated attacker can read the router's .htpassword file by requesting https:///.htpasswd. The .htpasswd file...

7.5CVSS6.3AI score0.03976EPSS
Exploits2References10
CERT
CERT
added 2014/10/29 12:0 a.m.19 views

drchrono Electronic Health Record (EHR) web applications vulnerable to cross-site scripting and cross-site request forgery

Overview drchrono Electronic Health Record EHR web applications allow cross-site scripting XSS and cross-site request forgery CSRF that could allow an attacker to obtain sensitive patient information. Description drchrono provides an EHR web application service at drchrono.com, onpatient.com, and...

6.7AI score
Exploits0References2
CERT
CERT
added 2014/10/28 12:0 a.m.36 views

GNU Wget creates arbitrary symbolic links during recursive FTP download

Overview GNU wget allows arbitrary filesystem access when creating symbolic links during a recursive FTP download. This allows an attacker to overwrite files with the permissions of the user running wget. Description CWE-59:CWE-59: Improper Link Resolution Before File Access 'Link Following' Wget...

9.3CVSS6.3AI score0.39883EPSS
Exploits4References7
CERT
CERT
added 2014/10/23 12:0 a.m.17 views

Incorrect implementation of NAT-PMP in multiple devices

Overview Many NAT-PMP devices are incorrectly configured, allowing them to field requests received on external network interfaces or map forwarding routes to addresses other than that of the requesting host, making them potentially vulnerable to information disclosure and malicious port mapping...

7.2AI score
Exploits0References5
CERT
CERT
added 2014/10/17 12:0 a.m.131 views

POODLE vulnerability in SSL 3.0

Overview Many modern TLS clients can fall back to version 3.0 of the SSL protocol, which is vulnerable to a padding-oracle attack when Cypher-block chaining CBC mode is used. This is commonly referred to as the "POODLE" Padding Oracle On Downgraded Legacy Encryption attack. Description CWE-327: U...

4.3CVSS4.3AI score0.99999EPSS
Exploits7References4
CERT
CERT
added 2014/10/17 12:0 a.m.27 views

Centreon contains multiple vulnerabilities

Overview Centreon version 2.5.1 and Centreon Enterprise Server version 2.2 contain multiple vulnerabilities. Description CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection' - CVE-2014-3829 Centreon version 2.5.1 and Centreon Enterprise Server version 2.2 are...

10CVSS8AI score0.80998EPSS
Exploits9References4
CERT
CERT
added 2014/10/08 12:0 a.m.40 views

IBM WebSphere Application Server contains multiple vulnerabilities

Overview IBM WebSphere Application Server, including the Hypervisor Edition, contains cross-site scripting and cross-site request forgery vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-4770IBM WebSphere Applicatio...

6CVSS5.4AI score0.01932EPSS
Exploits0References3
CERT
CERT
added 2014/10/07 12:0 a.m.82 views

BMC Track-It! contains multiple vulnerabilities

Overview BMC Track-It! version 11.3.0.355 contains multiple vulnerabilities Description CWE-306: Missing Authentication for Critical Function -CVE-2014-4872 BMC Track-It! exposes several dangerous remote .NET services on port 9010 without authentication. .NET remoting allows a user to invoke...

7.5CVSS10AI score0.80095EPSS
Exploits16References4
CERT
CERT
added 2014/10/07 12:0 a.m.45 views

Cryoserver Security Appliance vulnerable to privilege escalation

Overview Cryoserver Security Appliance 7.3.x vulnerable to privilege escalation Description CWE-264: Permissions, Privileges, and Access Controls Cryoserver Security Appliance 7.3.x does not properly assign permission to the /etc/init.d/cryoserver shell script and allows the default support accou...

6.8CVSS6.4AI score0.00315EPSS
Exploits0References2
CERT
CERT
added 2014/10/06 12:0 a.m.110 views

Rejetto HTTP File Server (HFS) search feature fails to handle null bytes

Overview Rejetto HTTP File Server HFS search feature in versions 2.3, 2.3a, and 2.3b fails to handle null bytes. Description CWE-158: Improper Neutralization of Null Byte or NUL Character - CVE-2014-6287Rejetto HFS versions 2.3, 2.3a, and 2.3b are vulnerable to remote command execution due to a...

10CVSS9.6AI score0.99323EPSS
Exploits23References5
CERT
CERT
added 2014/10/06 12:0 a.m.46 views

NetCommWireless NB604N ADSL2+ Wireless N300 Modem Router contains a stored cross-site scripting vulnerability

Overview NetCommWireless NB604N ADSL2+ Wireless N300 Modem Router contains a stored cross-site scripting XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' NetCommWireless NB604N ADSL2+ Wireless N300 Modem Routers running...

4.3CVSS5.4AI score0.01107EPSS
Exploits0References2
CERT
CERT
added 2014/10/03 12:0 a.m.51 views

HP System Management Homepage vulnerable to cross-site scripting

Overview HP System Management Homepage versions 7.2.3 and 7.3.2.1 contain a reflected cross site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-2640HP System Management Homepage versions 7.2.3 and 7.3.2.1...

4.3CVSS5.7AI score0.03884EPSS
Exploits0References2
CERT
CERT
added 2014/10/03 12:0 a.m.133 views

Brocade Vyatta 5400 vRouter contains multiple vulnerabilities

Overview Brocade Vyatta 5400 vRouter versions 6.4Rx, 6.6Rx, and 6.7R1 contain multiple vulnerabilities. Description Brocade Vyatta 5400 vRouter versions 6.4Rx, 6.6Rx, and 6.7R1 contain the following vulnerabilities:CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS...

9CVSS7AI score0.02749EPSS
Exploits0References1
CERT
CERT
added 2014/09/25 12:0 a.m.237 views

GNU Bash shell executes commands in exported functions in environment variables

Overview GNU Bash 4.3 and earlier contains a command injection vulnerability that may allow remote code execution. Description UPDATE: New CVE-IDs added for incomplete patches. Additional resources added and vendor patch information updated.CWE-78: OS Command Injection Bash supports exporting of...

9AI score
Exploits0References10
CERT
CERT
added 2014/09/24 12:0 a.m.37 views

Mozilla Network Security Services (NSS) fails to properly verify RSA signatures

Overview The Mozilla Network Security Services NSS library fails to properly verify RSA signatures due to incorrect ASN.1 parsing of DigestInfo. This vulnerability may allow an attacker to forge a RSA signature, such as a SSL certificate. Description CWE-295: Improper Certificate Validation RSA...

7.5CVSS5.8AI score0.1617EPSS
Exploits0References8
CERT
CERT
added 2014/09/19 12:0 a.m.58 views

FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities

Overview Fortinet FortiGate and FortiWiFi appliances are susceptible to man-in-the-middle attacks CWE-300 and a heap-based overflow vulnerability CWE-122. Description Fortinet FortiGate and FortiWiFi 4.00.6 and possibly earlier versions are susceptible to man-in-the-middle attacks CWE-300 and a...

7.5CVSS7.6AI score0.05143EPSS
Exploits0References3
CERT
CERT
added 2014/09/11 12:0 a.m.57 views

Embarcadero Delphi and C++Builder VCL BMP file processing buffer overflow

Overview Embarcadero Delphi and C++ Builder Visual Component Library VCL bitmap BMP file processing code contains a buffer overflow that could allow an attacker to execute arbitrary code. Description Embarcadero Delphi and C++ Builder tools contain a buffer overflow CWE-119 in VCL BMP file...

6.8CVSS7.4AI score0.05697EPSS
Exploits0References5
CERT
CERT
added 2014/09/10 12:0 a.m.74 views

CacheGuard OS contains a cross-site request forgery vulnerability

Overview CacheGuard OS v5.7.7 does not sufficiently verify whether a valid request was intentionally provided by the user, which results in a cross-site request forgery CSRF vulnerability. Description CWE-352: Cross-Site Request Forgery CSRF CacheGuard OS v5.7.7 does not sufficiently verify wheth...

6.8CVSS6.6AI score0.01238EPSS
Exploits1References2
CERT
CERT
added 2014/09/08 12:0 a.m.46 views

Netgear ProSafe Plus Configuration Utility writes out plaintext passwords to backup configuration files

Overview The Netgear ProSafe Plus Configuration Utility exposes password information via the configuration backup file. Description CWE-200- Information Exposure The Netgear ProSafe Plus Configuration Utility provides a feature to back up switch configuration. In the backup file, the device...

3.3CVSS6.3AI score0.00755EPSS
Exploits1References2
CERT
CERT
added 2014/09/04 12:0 a.m.48 views

Netmaster cable modem information leakage vulnerability

Overview The Netmaster CBW700N wireless cable modem enables remote SNMP public access by default Description CWE-200- Information Exposure The Netmaster CBW700N wireless cable modem running software version 81.447.392110.729.024 was found to expose sensitive information such as username, password...

5CVSS8.2AI score0.17133EPSS
Exploits3References3
CERT
CERT
added 2014/09/04 12:0 a.m.46 views

Arris Touchstone cable modem information leakage vulnerabiliity

Overview Arris Touchstone DG950A cable modem enables SNMP public access by default. Description CWE-200- Information Exposure The Arris Touchstone DG950A cable modem running software version 7.10.131 was found to expose sensitive information such as passwords, ssids, and wifi keys via the SNMP...

5CVSS8.3AI score0.17133EPSS
Exploits3References3
CERT
CERT
added 2014/09/03 12:0 a.m.31 views

Multiple Android applications fail to properly validate SSL certificates

Overview Multiple Android applications fail to properly validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle MITM attack. Description When communicating via HTTPS, an application should validate the SSL chain to be sure that the...

7.1AI score
Exploits0References9
CERT
CERT
added 2014/08/07 12:0 a.m.30 views

Iridium Pilot and OpenPort contain multiple vulnerabilities

Overview Broadband satellite terminals using Iridium Pilot and OpenPort have been found to contain undocumented hardcoded login credentials CWE-798. Additionally, these broadband satellite terminals utilize an insecure proprietary communications protocol that allows unauthenticated users to perfo...

9.3CVSS8AI score0.03653EPSS
Exploits0References2
CERT
CERT
added 2014/08/07 12:0 a.m.42 views

Cobham Aviator satellite terminals contain multiple vulnerabilities

Overview Cobham Aviator 700D and 700E satellite terminals contain multiple vulnerabilities. Description Cobham Aviator 700D and 700E satellite communication terminals contain the following vulnerabilities:CWE-327:Use of a Broken or Risky Cryptographic Algorithm - CVE-2014-2942 Please note that th...

7.2CVSS6.8AI score0.00486EPSS
Exploits0References3
CERT
CERT
added 2014/08/07 12:0 a.m.48 views

Cobham thraneLINK improper verification of firmware updates vulnerability

Overview Cobham's thraneLINK protocol does not verify cryptographic signatures for firmware updates before installing them. This may allow an attacker to deploy a malicious firmware update to the device. Description CWE-347: Improper Verification of Cryptographic Signature IOActive reports that...

9.3CVSS7.4AI score0.02762EPSS
Exploits0References4
CERT
CERT
added 2014/08/07 12:0 a.m.42 views

Cobham SATCOM products' web interface contains a weak password recovery vulnerability

Overview Some Cobham products have a web interface that contains a weak password recovery mechanism for the administrator account. Description CWE-640: Weak Password Recovery Mechanism for Forgotten Password IOActive has reported that Cobham SAILOR 900 VSAT, SAILOR FleetBroadBand 150/250/500,...

7.8CVSS6.9AI score0.01882EPSS
Exploits0References6
CERT
CERT
added 2014/08/07 12:0 a.m.65 views

UEFI EDK2 Capsule Update vulnerabilities

Overview The EDK2 UEFI reference implementation contains multiple vulnerabilities in the Capsule Update mechanism. Description The open source EDK2 project provides a reference implementation of the Unified Extensible Firmware Interface UEFI. Researchers at The MITRE Corporation have discovered...

7.2CVSS7.5AI score0.00587EPSS
Exploits0References3
CERT
CERT
added 2014/08/07 12:0 a.m.28 views

Cobham Sailor 6000 series satellite terminal contain hardcoded credentials

Overview Cobham Sailor 6000 series satellite terminals contain hardcoded credentials for communicating via the Tbus 2 protocol. Description Note: this is a different vulnerability from VU460687CWE-798: Use of Hard-coded Credentials IOActive reports that Cobham Sailor 6000 series satellite...

7.1CVSS7.3AI score0.01971EPSS
Exploits0References2
CERT
CERT
added 2014/08/07 12:0 a.m.30 views

Cobham Sailor satellite terminals contain hardcoded credentials

Overview Cobham Sailor 900 and 6000 series satellite terminals contain hardcoded credentials. Description CWE-798: Use of Hard-coded Credentials IOActive reports that Cobham Sailor 900 and 6000 series satellite communication terminals running firmware version: 1.08 MFHF / 2.11 VHF contain hardcod...

10CVSS6.9AI score0.02215EPSS
Exploits0References2
CERT
CERT
added 2014/08/04 12:0 a.m.38 views

Symantec Endpoint Protection Client contains a kernel pool overflow vulnerability

Overview Symantec Endpoint Protection Client 11.x and 12.x contains a kernel pool overflow vulnerability. Description CWE-788: Access of Memory Location After End of Buffer An attacker logged into a Windows XP, Vista, 7, or 8 system as an unprivileged user is able to cause a kernel pool overflow ...

6.9CVSS6.2AI score0.01628EPSS
Exploits3References4
CERT
CERT
added 2014/07/28 12:0 a.m.40 views

Silver Peak VX is vulnerable to cross-site request forgery and cross-site scripting

Overview Silver Peak VX version 6.2.2.047968 is vulnerable to cross-site request forgery and cross-site scripting. Description CWE-352: Cross-Site Request Forgery CSRF - CVE-2014-2974Silver Peak VX version 6.2.2.047968 contains a cross-site request forgery vulnerability in /php/useraccount.php...

6.8CVSS7.8AI score0.01681EPSS
Exploits0References3
CERT
CERT
added 2014/07/25 12:0 a.m.43 views

Sabre AirCentre Crew solutions contain a SQL injection vulnerability

Overview Sabre AirCentre Crew solutions version 2010.2.12.20008 and earlier contain an SQL injection vulnerability. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' Sabre AirCentre Crew solutions version 2010.2.12.20008 and earlier are...

7.5CVSS8.3AI score0.01309EPSS
Exploits0References2
CERT
CERT
added 2014/07/24 12:0 a.m.25 views

BulletProof FTP Client 2010 is vulnerable to a stack-based buffer overflow

Overview BulletProof FTP Client 2010 is vulnerable to a stack-based buffer overflow Description CWE-121-Stack-based Buffer Overflow BulletProof FTP Client 2010 does not check the length of the host parameter set in the quick connect bar. A long host value causes a stack-based buffer overflow,...

6.9AI score
Exploits17References4
CERT
CERT
added 2014/07/24 12:0 a.m.64 views

TestRail cross-site scripting vulnerability

Overview TestRail version 3.1.1.3130 contains a cross-site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Gurock Software TestRail version 3.1.1.3130 contains a stored cross-site scripting vulnerability. The Created ...

4.3CVSS6.6AI score0.01673EPSS
Exploits0References3
CERT
CERT
added 2014/07/23 12:0 a.m.20 views

Resin Pro improperly performs Unicode transformations

Overview Resin Pro 4.0.39 and possibly earlier versions improperly performs Unicode transformations. Description CWE-20:Improper Input Validation Resin Pro 4.0.39 and possibly earlier versions perform incorrect Unicode transformations on output to HTTP responses for ISO-8859-1. This allows an...

5CVSS6.2AI score0.01665EPSS
Exploits0References2
CERT
CERT
added 2014/07/21 12:0 a.m.32 views

Huawei E355 contains a stored cross-site scripting vulnerability

Overview The Huawei E355 built-in web interface contains a stored cross-site scripting vulnerability. Description Huawei E355 wireless broadband modems include a web interface for administration and additional services. The web interface allows users to receive SMS messages using the connected...

4.3CVSS5.9AI score0.00798EPSS
Exploits0References2
CERT
CERT
added 2014/07/21 12:0 a.m.32 views

MicroPact iComplaints cross-site scripting vulnerability

Overview MicroPact iComplaints contains a persistent cross-site scripting vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' MicroPact iComplaints contains a persistent cross-site scripting vulnerability. The AddStdLetter.jsp file...

3.5CVSS6.5AI score0.00912EPSS
Exploits0References1
CERT
CERT
added 2014/07/14 12:0 a.m.20 views

Kaseya's agent driver contains NULL pointer dereference

Overview Kaseya's agent driver, kapfa.sys, is vulnerable to a NULL pointer dereference. Description CWE-476: NULL Pointer Dereference Kaseya's agent driver, kapfa.sys, is vulnerable to a NULL pointer dereference. --- Impact A local authenticated attacker may be able to cause a denial-of-service...

1.7CVSS6.7AI score0.0033EPSS
Exploits0References2
CERT
CERT
added 2014/07/11 12:0 a.m.38 views

Datum Systems satellite modem devices contain multiple vulnerabilities

Overview Datum Systems PSM-4500 and PSM-500 series satellite modem devices contain multiple vulnerabilities Description CWE-220:Sensitive Data Under FTP Root - CVE-2014-2950The Datum Systems SnIP operating system on PSM-4500 and PSM-500 satellite modem devices has FTP enabled by default with no...

10CVSS7.1AI score0.02294EPSS
Exploits0References3
Total number of security vulnerabilities3702