13538 matches found
Borland Software InterBase ibserver.exe Service Attach Request Buffer Overflow (CVE-2008-1910)
A buffer overflow vulnerability has been reported in Borland InterBase Server...
Belkin Linksys Multiple Products Directory Traversal Vulnerability
A directory traversal vulnerability has been reported in multiple Belkin Linksys routers...
Adobe Reader And Acrobat PDF Memory Corruption (CVE-2009-1859)
A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to insufficient boundary check when parsing the COD tag of an embedded JP2 file. A remote attacker can exploit this weakness by enticing the host to open a specially crafted PDF file with an...
GNOME Vino VNC Server Denial of Service (CVE-2013-5745)
A denial of service vulnerability exists in GNOME Vino VNC Server. The vulnerability is caused by an infinite loop error in the rfbProcessClientMessage function in rfbserver.c.The vulnerability is due to improper handling of input which results in a loop with an unreachable exit condition.A remot...
Microsoft Graphics Device Interface Integer Overflow (MS13-089; CVE-2013-3901)
A remote code execution vulnerability has been reported in the Windows Graphics Device Interface GDI...
Microsoft Internet Explorer Memory Corruption (MS13-088: CVE-2013-3912)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer...
Microsoft Internet Explorer Memory Corruption (MS13-088: CVE-2013-3910)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Microsoft Windows InformationCardSigninHelper Class ActiveX Control Code Execution (MS13-090; CVE-2013-3918)
A remote code execution vulnerability exists in the InformationCardSigninHelper Class ActiveX control, icardie.dll...
Supermicro Onboard IPMI Static SSL Certificate Scanner Information Disclosure (CVE-2013-3619)
An SSL keys handling flaw has been reported in Supermicro IPMI firmware...
Microsoft Internet Explorer Memory Corruption (MS13-088: CVE-2013-3871)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
ARC PcVue ActiveX Control SCADA Remote Code Execution (CVE-2011-4042; CVE-2011-4043 ; CVE-2011-4044; CVE-2011-4045)
A buffer overflow vulnerability has been reported in SCADA ARC PcVue...
Microsoft Internet Explorer Memory Corruption (MS13-088: CVE-2013-3916)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer...
Microsoft Internet Explorer Memory Corruption (MS13-088: CVE-2013-3911)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer...
Microsoft Word WPD Remote Code Execution (MS13-091; CVE-2013-1324; CVE-2013-1325)
A remote code execution vulnerability exists in the way that affected Microsoft Office software parses WordPerfect files. The vulnerability is caused when Microsoft Office does not properly process a specially crafted WordPerfect file. Exploitation of this vulnerability requires a user to open a...
Supermicro Onboard IPMI Authenticated Directory Traversal
A directory traversal vulnerability has been reported in Supermicro Onboard IPMI. The vulnerability is due to lack of sanitization of the URL parameters. A remote attacker could exploit this vulnerability by sending a crafted request to an affected server. Successful exploitation may allow an...
Microsoft Internet Explorer Memory Corruption (MS13-088: CVE-2013-3915)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Oracle Outside In OS 2 Metafile Parser stack buffer overflow (CVE-2013-5763; CVE-2013-5879)
A stack buffer overflow vulnerability exists in Oracle Outside-In, a set of libraries used to decode many file formats. The vulnerability is due to a boundary error while processing OS/2 Metafiles. Oracle Outside-In is embedded in many enterprise applications. This vulnerability can be exploited ...
Microsoft Outlook MIME Email Message Parsing Remote Code Execution (MS13-068; CVE-2013-3870; CVE-2013-3905)
A remote code execution vulnerability exists in Microsoft Office Outlook email client...
Microsoft Internet Explorer Information Disclosure (MS13-088: CVE-2013-3908)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer...
Supermicro IPMI Firmware CGI Scanner Remote Code Execution (CVE-2013-3621; CVE-2013-3623)
A buffer overflow vulnerability has been reported in the Supermicro IPMI Firmware. A remote attacker may exploit this issue by sending specially crafted messages to the target server. Exploitation of these vulnerabilities may result in remote code execution as the root user account...
Microsoft Internet Explorer Memory Corruption (MS13-088: CVE-2013-3914)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Microsoft Internet Explorer Memory Corruption (MS13-088: CVE-2013-3917)
A remote code execution vulnerability has been reported in Internet Explorer...
Apache Tomcat Chunked Transfer Denial of Service - Ver 2 (CVE-2012-3544)
A denial of service vulnerability has been identified in Apache Tomcat as it processes Chunked-Transfer encoded requests. The error is caused by Tomcat not discarding any extensions included in very long Chunked-transfer requests, even if they were not processed. A remote attacker could exploit...
Belkin Linksys E1500/E2500 Remote Command Execution
A remote command execution vulnerability exists in multiple Belkin Linksys routers. The vulnerability is due to improper input validation in the router's Web interface. A remote attacker could exploit this vulnerability by sending a malicious HTTP request to the victim. Successful exploitation of...
Microsoft Office Embedded TIFF Image Remote Code Execution (CVE-2013-3906)
A remote code execution vulnerability has been reported in a graphic rendering library used by Microsoft Office products...
Horde Groupware Webmail Edition Ingo Filter Cross-Site Request Forgery (CVE-2013-6275)
A Cross-Site Request Forgery CSRF vulnerability has been reported in Horde Groupware Webmail Edition. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by convincing the user to follow a malicious link or visit an attacker...
Double Executable File Extension Arbitrary File Execution
Certain malicious executable files can be hidden using double extension filenames...
Titan FTP Administrative Password Disclosure
A password disclosure vulnerability has been reported in Titan FTP Server Administrator...
Corel PDF Fusion XPS Stack Buffer Overflow (CVE-2013-3248)
A code execution vulnerability exists in Corel PDF Fusion...
IBM iNotes ActiveX Control Integer Overflow (CVE-2013-3027)
A buffer overflow vulnerability has been reported in IBM iNotes...
GE Intelligent Platforms Proficy SCADA Substitute.bcl Directory Traversal (CVE-2013-0653)
A directory traversal vulnerability has been reported in GE Intelligent Platforms Proficy...
HP Intelligent Management Center BIMS UploadServlet Arbitrary File Upload (CVE-2013-4822)
A code execution vulnerability exists in the Branch Intelligent Management Software BIMS module of Intelligent Management Center...
WikkaWiki Spam Logging PHP Injection (CVE-2011-4449)
A code execution vulnerability has been reported in WikkaWiki version 1.3.2...
Belkin Linksys WRT110 Remote Command Execution (CVE-2013-3568)
A remote command execution vulnerability has been reported in Belkin Linksys WRT110 firmware. The vulnerability is due to the Web interface's failure to sanitize ping targets as well as a lack of CSRF tokens. A remote attacker could exploit this vulnerability by sending a malicious HTTP request t...
HP ProCurve Manager SNAC UpdateCertificatesServlet Code Execution (CVE-2013-4812)
A remote code execution vulnerability has been reported in HP ProCurve Manager SNAC...
Apache Web Server Darkleech Landing Page Stage Code Execution
A website redirection vulnerability has been reported in Apache web servers.Remote attackers can use Darkleech landing page hosted on Apache web server to redirect victims to a malicious URL. Successful redirection will allow the attacker to download malware to the target...
OpenX Ad Server Backdoor PHP Code Execution (CVE-2013-4211)
A Code Execution vulnerability has been reported in OpenX Ad Server. The vulnerability is due to the existence of a backdoor within the flowplayer-3.1.1.min.js library. A remote attacker could exploit this vulnerability by sending a malicious request to the server. Successful exploitation could...
Egg Hunting Staged Shellcode High Ports Remote Code Execution
Egg Hunting is a staged shellcode technique. A remote attacker can use Egg Hunting to cause a stack-based overflow on the target. Successful implementation will allow attackers to execute shellcode on a remote machine...
Siemens Simatic SCADA WINCC SQL Insecure Default Credentials Security Bypass (CVE-2010-2772)
A security bypass vulnerability has been reported in Siemens SIMATIC WinCC server. A remote attacker can exploit this issue by using the default hard-coded password to bypass certain security restrictions and gain access to the application's database...
Egg Hunting Staged Shellcode Remote Code Execution
Egg Hunting is a staged shellcode technique. A remote attacker can use Egg Hunting to cause a stack-based overflow on the target. Successful implementation will allow attackers to execute shellcode on a remote machine...
Log1 CMS writeInfo() PHP Code Injection (CVE-2011-4825)
A PHP code injection vulnerability has been reported in the "Ajax File and Image Manager" component in log1 CMS. A remote attacker could inject arbitrary PHP code into data.php via crafted parameters...
Samba smbd read_nttrans_ea_list Infinite Allocation Loop Denial of Service (CVE-2013-4124)
A memory exhaustion vulnerability has been reported in Samba server...
BlackHole Toolkit v2 EXE Payload Stage Code Execution
Blackhole is a web exploit kit that operates by delivering malicious payload to the victim's computer...
ImageMagick GIF Comment Processing Off-by-one Buffer Overflow (CVE-2013-4298)
An off-by-one vulnerability has been reported in ImageMagick's GIF handling library...
HP LoadRunner micWebAjax.dll ActiveX Control Stack Buffer Overflow (CVE-2013-2368)
A stack buffer overflow vulnerability has been reported in HP LoadRunner...
HP LoadRunner magentproc.exe Stack Buffer Overflow (CVE-2013-4800)
A stack buffer overflow vulnerability has been detected in HP LoadRunner. The vulnerability is due to insufficient validation of a length value in SSL communication with the magentproc.exe. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to...
HP Data Protector CRS Opcode 1091 Stack Buffer Overflow (CVE-2013-2334)
A stack buffer overflow has been reported in HP Data Protector...
BlackHole Toolkit v2 Flash Player Payload Stage Code Execution
Blackhole is a web exploit kit that operates by delivering malicious payload to the victim's computer...
Microsoft Internet Explorer EUC-JP Character Encoding Cross Site Scripting (MS13-059; CVE-2013-3192)
A universal cross site scripting vulnerability exists in Microsoft Internet Explorer...
Novell Netware FTP Server DELE Command Stack Buffer Overflow (CVE-2010-4228)
A code execution vulnerability exists in Novell Netware...