Lucene search
K

3702 matches found

CERT
CERT
added 2011/07/13 12:0 a.m.72 views

Brocade BigIron RX switch ACL bypass vulnerability

Overview Brocade BigIron RX switch devices are susceptible to an access control list ACL bypass vulnerability by sending packets with the source port 179. Description Brocade BigIron RX switch devices do not properly restricted packets sent with a source port of 179. Port 179 is commonly used for...

7.3AI score
Exploits0References1
CERT
CERT
added 2011/07/07 12:0 a.m.38 views

libpng invalid sCAL chunk processing vulnerability

Overview libpng reads uninitialized memory when processing invalid sCAL chunks. Description When libpng encounters a sCAL chunk that is empty it will read uninitialized memory. libpng also does not properly handle a sCAL chunk that lacks the terminating zero between the two strings...

8.8CVSS8.5AI score0.04227EPSS
Exploits1References2
CERT
CERT
added 2011/07/05 12:0 a.m.49 views

ISC BIND 9 RPZ zone named denial-of-service vulnerability

Overview ISC BIND 9 contains a remote crashing vulnerability when running with certain RPZ configurations. Description According to ISC:A defect in the affected versions of BIND could cause the "named" process to exit when queried, if the server has recursion enabled and was configured with an RP...

2.6CVSS6AI score0.0888EPSS
Exploits1References2
CERT
CERT
added 2011/07/05 12:0 a.m.132 views

ISC BIND 9 named denial of service vulnerability

Overview ISC BIND 9 contains a remote packet denial of service vulnerability when running as an authoritative or recursive server. Description According to ISC:A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packe...

5CVSS8.4AI score0.19265EPSS
Exploits1References1
CERT
CERT
added 2011/06/27 12:0 a.m.17 views

Parodia blind SQL injection vulnerability

Overview The Parodia job board software is vulnerable to a blind SQL injection vulnerability. Parodia 6.8 and earlier versions are reported to be affected. Description Parodia is an ASP based job board application used for recruitment web sites. The Parodia software fails to properly sanitize SQL...

7.9AI score
Exploits0References1
CERT
CERT
added 2011/06/27 12:0 a.m.25 views

ManageEngine ServiceDesk directory traversal vulnerability

Overview ManageEngine ServiceDesk contains a directory traversal vulnerability which may allow a remote, unauthenticated attacker to obtain sensitive information. Description ManageEngine ServiceDesk Plus 8.0, and possibly prior versions, contains a directory traversal vulnerability in the...

7.2AI score
Exploits0References1
CERT
CERT
added 2011/06/22 12:0 a.m.41 views

LibreOffice 3.3 'Lotus Word Pro' document import filter contains multiple vulnerabilities

Overview LibreOffice 3.3.2 includes a feature to import 'Lotus Word Pro' .lwp documents. This import filter contains multiple vulnerabilities. CERT/CC has confirmed that code execution is possible by exploiting a stack buffer overflow. Description LibreOffice 3.3.2, 3.3.1, and possibly earlier...

9.3CVSS7.1AI score0.07042EPSS
Exploits0References4
CERT
CERT
added 2011/06/15 12:0 a.m.48 views

Adobe Reader and Acrobat font memory corruption vulnerability

Overview Adobe Reader and Acrobat fail to properly handle font data, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description A critical vulnerability exists in the font parsing code in Adobe Reader and Acrobat. The vulnerability results i...

9.3CVSS7AI score0.0365EPSS
Exploits0References5
CERT
CERT
added 2011/06/07 12:0 a.m.22 views

Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers

Overview Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system. Description Autonomy Keyview IDOL is a set of libraries that can decode over 1,000 different file formats. The...

8.9AI score
Exploits0References3
CERT
CERT
added 2011/06/07 12:0 a.m.48 views

Cisco AnyConnect SSL VPN arbitrary code execution

Overview The Cisco AnyConnect SSL VPN ActiveX and Java clients contain a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Cisco AnyConnect is an SSL VPN solution that is commonly initiated through use of a web browser...

6.7AI score
Exploits0References3
CERT
CERT
added 2011/06/02 12:0 a.m.33 views

RSLinx Classic EDS Wizard buffer overflow vulnerability

Overview Rockwell Automation RSLinx Classic EDS Hardware Installation Tool contains a buffer overflow vulnerability. Description According to Rockwell Automation's website: RSLinx Classic provides plant-floor device connectivity for a wide variety of Rockwell Software applications such as RSLogix...

9.3CVSS7AI score0.07588EPSS
Exploits0References4
CERT
CERT
added 2011/05/31 12:0 a.m.18 views

HP LoadRunner buffer overflow vulnerability

Overview HP LoadRunner contains a buffer overflow vulnerability when parsing Virtual User script files. Description According to HP's website: HP LoadRunner software is the industry standard for performance validation. It allows you to prevent application performance problems by detecting...

7.7AI score
Exploits0References1
CERT
CERT
added 2011/05/31 12:0 a.m.45 views

Anymacro Mail System G4X email server web interface directory traversal vulnerability

Overview Anymacro Mail System G4X email server web interface contains a directory traversal vulnerability. Description According to Anymacro's website: Anymacro Mail System is a professional e-mail and unified messaging product solution. Anymacro Mail System can be used for an e-mail platform for...

7AI score
Exploits0References1
CERT
CERT
added 2011/05/31 12:0 a.m.38 views

Imperva SecureSphere management GUI contains an XSS vulnerability

Overview An XSS vulnerability exists in the Imperva SecureSphere management GUI. Description Dell SecureWorks' SWRX-2011-001 advisory states:"A vulnerability exists in Imperva SecureSphere due to improper validation of user-controlled input. User-controllable input is not properly sanitized for...

4.3CVSS5.9AI score0.01248EPSS
Exploits0References3
CERT
CERT
added 2011/05/27 12:0 a.m.136 views

ISC BIND named negative caching vulnerability

Overview ISC BIND contains a vulnerability in the processing of large RRSIG RRsets included in a negative cache response. Description According to ISC:DNS systems use negative caching to improve DNS response time. This will keep a DNS resolver from repeatedly looking up domains that do not exist...

5CVSS8.5AI score0.24638EPSS
Exploits1References1
CERT
CERT
added 2011/05/25 12:0 a.m.41 views

Erlang/OTP SSH library uses a weak random number generator

Overview The Erlang/OTP SSH library's random number generator is not cryptographically strong because it relies on predictable seed material. Description Geoff Cant's report states:The Erlang/OTP ssh library implements a number of cryptographic operations that depend on cryptographically strong...

7.8CVSS7.3AI score0.03046EPSS
Exploits1References3
CERT
CERT
added 2011/05/25 12:0 a.m.20 views

Unbound DNS resolver denial of service vulnerability

Overview A specially crafted DNS query may cause Unbound to respond with an empty UDP packet which triggers an assertion failure and stops the daemon. Description NLnetLabs advisory states:"Certain types of DNS queries may cause Unbound to respond with a DNS error message. The code generating thi...

4.3CVSS6.3AI score0.07085EPSS
Exploits1References3
CERT
CERT
added 2011/05/18 12:0 a.m.27 views

SmarterTools default basic web server vulnerabilities

Overview Multiple SmarterTools applications install a default basic web server which contains multiple vulnerabilities Description Multiple SmarterTools applications by default install a basic web server which allows administrators to start using the application immediately after installation. Th...

7.2AI score
Exploits0References4
CERT
CERT
added 2011/05/17 12:0 a.m.61 views

OpenSSL leaks ECDSA private key through a remote timing attack

Overview The OpenSSL ladder implementation for scalar multiplication of points on elliptic curves over binary fields is susceptible to a timing attack vulnerability. This vulnerability can be used to steal the private key of a TLS server that authenticates with ECDSA signatures and binary curves...

2.6CVSS6AI score0.0343EPSS
Exploits1References2
CERT
CERT
added 2011/05/11 12:0 a.m.131 views

Postfix SMTP server Cyrus SASL support contains a memory corruption vulnerability

Overview The Postfix SMTP server has a memory corruption error when the Cyrus SASL library is used with authentication mechanisms other than PLAIN and LOGIN. Description The Postfix Advisory for CVE-2011-1720 states:"The Postfix SMTP server fails to create a new Cyrus SASL server handle after...

6.8CVSS10AI score0.21646EPSS
Exploits1References3
CERT
CERT
added 2011/05/06 12:0 a.m.38 views

Samsung Data Management Server vulnerable to SQL injection

Overview The Samsung Integrated Management System DMS is used to manage several air conditioning units. The DMS contains a built-in web server that is susceptible to SQL injection attacks. Description The DMS application's authentication form can be bypassed with SQL injection attacks. Versions...

7.5CVSS7.4AI score0.01779EPSS
Exploits0References6
CERT
CERT
added 2011/05/02 12:0 a.m.20 views

Proofpoint Protection Server contains multiple vulnerabilities

Overview Proofpoint Protection Server contains multiple vulnerabilities including authentication bypass, insufficient authorization checks, command injection, SQL injection, and directory traversal. Description Clear Skies Security's advisory states:"Enduser Authentication Bypass User-level acces...

8.3AI score
Exploits0References2
CERT
CERT
added 2011/04/19 12:0 a.m.43 views

Oracle Outside In contains exploitable vulnerabilities in Lotus 123 and Microsoft CAB file parsers

Overview Oracle Outside In contains exploitable vulnerabilities in Lotus 123 and Microsoft CAB file parsers, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle Outside In is a set of libraries that can decode over 500 different...

7.3AI score
Exploits0References8
CERT
CERT
added 2011/04/18 12:0 a.m.32 views

Wireshark DECT dissector vulnerability

Overview Wireshark's DECT dissector contains a remote code execution vulnerability in the context of the user running a packet capture or reading a packet capture file. Description Paul Makowski's report states:/epan/dissectors/packet-dect.c contains a stack-based buffer overflow via a call to...

9.3CVSS8AI score0.41744EPSS
Exploits18References4
CERT
CERT
added 2011/04/12 12:0 a.m.101 views

Adobe Flash Player contains unspecified code execution vulnerability

Overview Adobe Flash contains a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The following versions of Adobe Flash versions contain an unspecified vulnerability that can result in memory corruption: Adobe Flash Playe...

9.3CVSS8.6AI score0.9941EPSS
Exploits14References5
CERT
CERT
added 2011/04/05 12:0 a.m.40 views

NetGear WNAP210 remote password disclosure and password bypass vulnerability

Overview NetGear WNAP210 is vulnerable to remote administrator password disclosure and administrative web page login bypass. Description Netgear's ProSafe Wireless-N Access Point WNAP210 contains a vulnerability which may allow a remote unauthenticated attacker to recover the device's administrat...

7.2AI score
Exploits0References2
CERT
CERT
added 2011/04/05 12:0 a.m.42 views

Oracle Solaris 10 password hashes leaked through back-out patch files

Overview Oracle Solaris 10 back-out patch files undo.Z contain password hashes which may be readable by unprivileged users. Description The root password hash along with other users' password hashes may be contained in the back-out patch files. In some instances, these files may be readable by...

2.1CVSS5.8AI score0.00381EPSS
Exploits1
CERT
CERT
added 2011/04/05 12:0 a.m.24 views

Dell Kace K2000 Appliance unauthenticated access and information disclosure vulnerability

Overview Dell KACE K2000 Systems Deployment Appliance contains a hidden CIFS share that allows anonymous access. Description According to Dell KACE's knowledge base article: "The Dell KACE K2000 Systems Deployment Appliance version 3.3.36822 and earlier uses a read-only CIFS fileshare named...

7.5AI score
Exploits0References1
CERT
CERT
added 2011/04/05 12:0 a.m.99 views

ISC dhclient vulnerability

Overview The ISC dhclient contains a vulnerability that could allow a remote attacker to execute arbitrary code on the client machine. Description According to ISC:ISC dhclient did not strip or escape certain shell meta-characters in responses from the dhcp server like hostname before passing the...

7.5CVSS6.9AI score0.84292EPSS
Exploits6References1
CERT
CERT
added 2011/04/04 12:0 a.m.25 views

pWhois Layer Four Traceroute 3.x vulnerability

Overview Given a specific set of command line arguments, Layer Four Traceroute lft will produce a segmentation fault leading to a possible privilege escalation vulnerability. Description pWhois Layer Four Traceroute 3.x contains a vulnerability when parsing command line arguments. Earlier version...

7.2CVSS6.2AI score0.00388EPSS
Exploits0References1
CERT
CERT
added 2011/04/01 12:0 a.m.28 views

IPComp encapsulation nested payload vulnerability

Overview Some IPComp implementations may contain a kernel memory corruption vulnerability in their handling of nested encapsulation of IPComp payloads. Description RFC 3173 defines the IP Payload Compression Protocol IPComp as:IP payload compression is a protocol to reduce the size of IP datagram...

6.8CVSS7.8AI score0.05077EPSS
Exploits4References2
CERT
CERT
added 2011/03/21 12:0 a.m.38 views

OpenSLP denial of service vulnerability

Overview OpenSLP contains a vulnerability in the handling of packets containing malformed extensions, which can result in a denial-of-service condition. Description Service Location Protocol is an IETF standards track protocol that provides a framework to allow networking applications to discover...

5CVSS7.6AI score0.17223EPSS
Exploits1References3
CERT
CERT
added 2011/03/21 12:0 a.m.32 views

Foolabs Xpdf contains a denial of service vulnerability

Overview Foolabs Xpdf contains a denial of service vulnerability caused by the t1lib library incorrectly parsing Type 1 fonts. Description According to Foolabs: Xpdf is an open source viewer for Portable Document Format PDF files. These are sometimes also called 'Acrobat' files, from the name of...

6.8CVSS7.1AI score0.13055EPSS
Exploits0References1
CERT
CERT
added 2011/03/15 12:0 a.m.50 views

Adobe Flash Player contains unspecified code execution vulnerability

Overview Adobe Flash contains a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The following versions of Adobe Flash versions contain an unspecified vulnerability that can result in memory corruption: Adobe Flash Playe...

9.3CVSS7.8AI score0.66821EPSS
Exploits8References5
CERT
CERT
added 2011/03/15 12:0 a.m.29 views

MIT KDC vulnerable to double-free when PKINIT enabled

Overview The KDC in releases krb5-1.7 and later are vulnerable to a double-free vulnerability if they are configured to respond to PKINIT requests. Description The MIT krb5 Security Advisory 2011-003 states:"The MIT Kerberos 5 Key Distribution Center KDC daemon is vulnerable to a double-free...

7.6CVSS6.4AI score0.08267EPSS
Exploits0References3
CERT
CERT
added 2011/03/07 12:0 a.m.249 views

STARTTLS plaintext command injection vulnerability

Overview Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. Description STARTTLS is an extension to plaintext communication protocols that offers a way to upgrade a plaintext connection to an encrypted TLS or SSL connection...

6.8CVSS8.7AI score0.16334EPSS
Exploits1References3
CERT
CERT
added 2011/03/02 12:0 a.m.14 views

Wireshark 6LoWPAN denial of service vulnerability

Overview Wireshark will crash on 32-bit systems while reading a malformed 6LoWPAN packet. Description Paul Makowski's report states:dissect6lowpaniphcin /epan/dissectors/packet-6lowpan.c trusts user supplied data when incrementing 'offset '. It is possible for the user to increment 'offset ' to a...

7.3AI score
Exploits0References4
CERT
CERT
added 2011/02/23 12:0 a.m.15 views

Mutare Software Enabled VoiceMail (EVM) system web interface cross-site request forgery vulnerabilities

Overview The Mutare Software Enabled VoiceMail EVM system web interface is susceptible to cross-site request forgery and cross-site scripting attacks. Description The Mutare Software Enabled VoiceMail EVM system web interface allows the user to change their Enabled VoiceMail EVM PIN, delete their...

6.6AI score
Exploits0
CERT
CERT
added 2011/02/23 12:0 a.m.15 views

IBM WebSphere Portal Server input validation vulnerability

Overview IBM WebSphere Portal Server does not validate entry path inputted data. Description From the IBM Portal website: "IBM WebSphere Portal software provides a composite application or business mashup framework and the advanced tooling needed to build flexible, SOA-based solutions, as well as...

6.8AI score
Exploits0References2
CERT
CERT
added 2011/02/22 12:0 a.m.31 views

ISC Bind 9 IXFR or DDNS update combined with high query rate DoS vulnerability

Overview A denial-of-service condition exists in certain cases when an ISC Bind server processes a IXFR transfer or dynamic update. Description The ISC security advisory states:"When an authoritative server processes a successful IXFR transfer or a dynamic update, there is a small window of time...

7.1CVSS8.5AI score0.13598EPSS
Exploits1References1
CERT
CERT
added 2011/02/18 12:0 a.m.35 views

PivotX password reset vulnerability

Overview The PivotX web content management system 2.2.3 and earlier is affected by a password reset vulnerability. Description PivotX contains a vulnerability that allows an attacker to change the password of any account just by guessing the username. Version 2.2.4 has been reported to not be...

7.5CVSS6.5AI score0.04019EPSS
Exploits0References3
CERT
CERT
added 2011/02/16 12:0 a.m.43 views

Microsoft Windows browser election message kernel pool overflow

Overview A vulnerability exists in the way the Microsoft Windows browser service handles Browser Election messages. Description From Description of the Microsoft Computer Browser Service:"The browser service maintains a list of the domain name or workgroup name the computer is in, and the protoco...

7.8AI score
Exploits0References4
CERT
CERT
added 2011/02/11 12:0 a.m.31 views

Adobe Shockwave 11.5.9.615 contains multiple memory corruption vulnerabilities

Overview Adobe Shockwave Player 11.5.9.615 and earlier versions on the Windows and Macintosh operating systems contain critical vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Macromedia Shockwave Player is...

6.9AI score
Exploits0References1
CERT
CERT
added 2011/02/10 12:0 a.m.43 views

Adobe Flash memory corruption vulnerability

Overview Adobe Flash contains an memory corruption vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code. Description Adobe Flash versions 10.1.102.64 and earlier contain a vulnerability that can result in memory corruption, which can allow arbitrary code...

8.9AI score
Exploits0References3
CERT
CERT
added 2011/02/04 12:0 a.m.88 views

Majordomo 2 _list_file_get() directory traversal vulnerability

Overview Majordomo 2 contains a directory traversal vulnerability in the listfilegetfunction, which may allow a remote, unauthenticated attacker to obtain sensitive information. Description Majordomo 2 contains a directory traversal vulnerability in the listfilegetfunction lib/Majordomo.pm caused...

5CVSS9.1AI score0.95388EPSS
Exploits10References3
CERT
CERT
added 2011/02/03 12:0 a.m.28 views

SCADA Engine BACnet OPC Client buffer overflow vulnerability

Overview SCADA Engine BACnet OPC Client contains a buffer overflow when parsing .csv files. This vulnerability may allow an attacker to execute arbitrary code. Description According to SCADA Engine website: "The SCADA Engine BACnet OPC Server is a server that provides data access DA, Alarms and...

7.9AI score
Exploits0References5
CERT
CERT
added 2011/02/03 12:0 a.m.25 views

MOXA Device Manager MDM Tool buffer overflow

Overview The MOXA Device Manager MDM Tool contains a stack-based buffer overflow. Description The MOXA Device Manager consists of an MDM Tool, which allows local users to connect to a remote MDM Gateway to monitor and manage embedded computers installed with MDM Agent software. MOXA Device Manage...

7.9AI score
Exploits0References3
CERT
CERT
added 2011/02/03 12:0 a.m.19 views

Sielco Sistemi Winlog server stack overflow

Overview Sielco Sistemi Winlog TCP/IP server contains a stack overflow vulnerability Description According to Sielco Sistemi's website: "Winlog is a software package for SCADA/HMI applications with web support, OPC client and a wide library of communication drivers and protocols for most PLCs...

9.3CVSS7.4AI score0.40462EPSS
Exploits5References4
CERT
CERT
added 2011/02/03 12:0 a.m.27 views

IntelliCom NetBiter NB100 and NB200 platforms contain multiple vulnerabilities

Overview IntelliCom NetBiter products based on the NB100 and NB200 platforms contain multiple vulnerabilities. Description IntelliCom NetBiter products based on the NB100 and NB200 platforms contain multiple vulnerabilities. A user who has been authenticated at the superadmin level highest...

7.4AI score
Exploits0References3
CERT
CERT
added 2011/02/03 12:0 a.m.89 views

Automated Solutions Modbus/TCP Master OPC server Modbus TCP header vulnerability

Overview Automated Solutions OPC Server contains a heap corruption vulnerability in the Modbus/TCP Master OPC server. Description Automated Solutions Modbus/TCP Master OPC Server contains a heap corruption vulnerability. The server is vulnerable to an attacker writing an arbitrary number of doubl...

7.6CVSS7.2AI score0.16195EPSS
Exploits1References2
Total number of security vulnerabilities3702