13538 matches found
Graphite Web Unsafe Module Handling Code Execution (CVE-2013-5093)
A command injection vulnerability has been reported in Graphite Web...
PineApp Mail-SeCure livelog.html Command Injection
Multiple command Injection vulnerabilities exist in PineApp Mail-SeCure...
SolarWinds Orion Pepco32c ActiveX Control Buffer Overflow
A heap-based buffer overflow vulnerability exists in SolarWinds Orion Server and Application Monitor. The vulnerability is due to insufficient bounds checking specific parameter of the Pepco32c control. A remote unauthenticated attacker can exploit this vulnerability by enticing a user to visit a...
BlackHole Toolkit v2 Adobe Reader Payload Stage Code Execution
Blackhole is a web exploit kit that operates by delivering malicious payload to the victim's computer...
SpringSource Spring Framework XML External Entity Information Disclosure (CVE-2013-4152)
An information disclosure vulnerability exists in SpringSource Spring Framework...
MIT Kerberos V5 KDC TCP Handling Denial of Service (CVE-2005-1174)
There exists a heap corruption vulnerability in the MIT Kerberos V5 Key Distribution Center KDC implementation...
BlackHole Toolkit v2 Landing Page Stage Code Execution
Blackhole is a web exploit kit that operates by delivering malicious payload to the victim's computer...
OpenSSH maxstartup Threshold Connection Exhaustion Denial of Service - ver 2 (CVE-2010-5107)
A denial of service vulnerability exists in the OpenSSH server daemon sshd. The vulnerability is due to a default configuration that only allows a small number of unauthenticated connections, after which the server will stop accepting any new connections. A remote unauthenticated attacker can...
HP Data Protector CRS Opcode 260 Stack Buffer Overflow (CVE-2013-2332)
A stack buffer overflow has been discovered in HP Data Protector...
Corel PaintShop Pro Insecure Library Loading (CVE-2013-0733)
A code execution vulnerability exists in Corel's PaintShop Pro...
Oracle Java SE XML Digital Signature Spoofing (CVE-2013-2461)
A spoofing vulnerability has been reported in Oracle Java SE...
HP Data Protector CRS Opcode 264 Stack Buffer Overflow (CVE-2013-2327)
A stack buffer overflow has been discovered in HP Data Protector...
Digium Asterisk SIP Invalid SDP Media Descriptions Denial of Service (CVE-2013-5642)
A denial of service vulnerability exists in Asterisk Open Source, Certified Asterisk and Asterisk with Digiumphones...
Digium Asterisk SIP Terminated Channel ACK with SDP Denial of Service (CVE-2013-5641)
A denial of service vulnerability exists in Asterisk Open Source and Certified Asterisk...
BlackHole Toolkit v2 JAVA Payload Stage Code Execution (CVE-2012-0507; CVE-2012-1723; CVE-2013-0422; CVE-2013-0431; CVE-2013-1493)
BlackHole is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with BlackHole by enticing them to visit a malicious web page. Successful infection will allow the attacker to download additional malware to the target...
OpenSSH maxstartup Threshold Connection Exhaustion denial of service (CVE-2010-5107)
A denial of service vulnerability exists in the OpenSSH server daemon sshd. The vulnerability is due to a default configuration that only allows a small number of unauthenticated connections, after which the server will stop accepting any new connections. A remote unauthenticated attacker can...
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload (CVE-2013-3520)
An Arbitrary File Upload vulnerability has been reported in VMware vCenter Chargeback Manager...
HP System Management Homepage iprange Stack Buffer Overflow (CVE-2013-2362)
A stack buffer overflow exists in HP System Management Homepage...
HP ProCurve Manager SNAC UpdateDomainControllerServlet Code Execution (CVE-2013-4811)
A vulnerability has been reported in HP ProCurve Manager SNAC...
HP Intelligent Management Center BIMS bimsDownload Information Disclosure (CVE-2013-4823)
An information disclosure vulnerability has been reported in the BIMS add-in module of HP Intelligent Management Center.The vulnerability is due to lack of authentication and insufficient input validation in the bimsDownload servlet when processing HTTP request parameters. Remote attackers can...
Multiple Products DVR Configuration Disclosure (CVE-2013-1391)
A configuration disclosure vulnerability has been reported in the DVR web server of multiple vendors which allows authentication bypass. A remote attacker could get the unencrypted configuration file by requesting the "/DVR.cfg" without entering credentials. Successful exploitation of this...
PHP Session Serializer Session Data Injection (CVE-2010-3065)
A Session Data Injection vulnerability has been reported in php framework...
PhpMyAdmin Remote Variable Manipulation (CVE-2011-2505)
A remote variable manipulation vulnerability has been reported in PhpMyAdmin...
PhpMyAdmin Sweky Remote Code Injection Exploit (CVE-2011-2506)
A Code Injection vulnerability has been reported in PhpMyAdmin...
TP-Link Wireless Lite N Access Point Directory Traversal (CVE-2012-5687)
A directory traversal vulnerability has been reported in TP-LINK TL-WR841N Wireless Router Web-Based Management. The vulnerability is due to lack of sanitization of the URL paramaters. A remote attacker can exploit this issue by viewing the router configuration and password files...
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution (CVE-2013-4983)
A command injection vulnerability has been reported in Sophos Web Protection Appliance. The vulnerability is due to sblistpack component, reachable from the web interface without authentication. An unauthenticated remote attacker could execute arbitrary OS commands on the Sophos appliance...
Sophos Web Protection Appliance patience.cgi Directory Traversal (CVE-2013-2641)
A directory traversal vulnerability has been reported in Sophos Web Protection Appliance, specifically on the /cgi-bin/patience.cgi component. A remote attacker can exploit this issue by reading arbitary files from the filesystem. These files include configuration files containing sensitive...
Apple IOS and OSX WebKit Engine Denial Of Service
A denial of service vulnerability has been reported in Apple IOS and OSX WebKit engine...
McAfee ePolicy Orchestrator Multiple Cross Site Scripting (CVE-2013-4883)
Multiple cross site scripting vulnerabilities have been reported in McAfee ePolicy Orchestrator...
Microsoft Windows RAS Manager Registry Corruption (CVE-2006-2371)
A buffer overflow vulnerability has been reported in Microsoft Routing and Remote Access Service. The flaw is caused by improper boundary checking of user-supplied data to the Routing and Remote Access service. A remote attacker may leverage this vulnerability by sending a crafted request to the...
Squid HTTP Host Header Port Handling Denial of Service (CVE-2013-4123)
A denial-of-service vulnerability exists in Squid proxy...
Apple Safari Heap Buffer Overflow (CVE-2012-3748)
A remote code execution vulnerability has been reported in Apple Safari...
Joomla Content Editor Malicious User Agent Code Execution
Joomla Content Editor JCE is an extension for Joomla which provides a set of web content editing tools. An attacker may use a malicious user agent to compromise security on systems with JCE installed...
Apple QuickTime MJPEG Frame stsd Atom Heap Overflow (CVE-2013-1020)
A heap overflow vulnerability exists in Apple QuickTime...
HP Data Protector CRS Opcode 1092 Stack Buffer Overflow (CVE-2013-2331)
A stack buffer overflow has been discovered in HP Data Protector...
PHP SdnToJewish Function Integer Overflow (CVE-2013-4635)
A denial of service vulnerability exists in PHP...
Apache Struts XWork Error Page Multiple Cross-Site Scripting (CVE-2011-1772)
A Cross-Site Scripting vulnerability has been reported in Apache Struts. The vulnerabilities are due to unsanitized parameters in various automatically generated error pages. A remote attacker can exploit these vulnerabilities by enticing a victim to follow a specially crafted link. Successful...
HP Data Protector CRS Opcode 215 and 263 Stack Buffer Overflow (CVE-2013-2328)
Two stack buffer overflows have been discovered in HP Data Protector...
PHP phpLDAPadmin Remote Code Execution (CVE-2011-4075)
A remote code execution vulnerability has been reported in phpLDAPadmin web server...
Microsoft SharePoint Server Parameter Injection (MS13-084; CVE-2013-3895)
An elevation of privilege vulnerability exists in Microsoft SharePoint Server...
Microsoft Internet Explorer Javascript Runtime Denial Of Service (MS13-082; CVE-2013-3861)
A remote Denial of Service vulnerability has been reported in Microsoft Internet Explorer...
Microsoft Internet Explorer Memory Corruption (MS13-080; CVE-2013-3897)
A remote code execution vulnerability has been reported in Internet Explorer...
Microsoft Word File Parsing Memory Corruption (MS13-086; CVE-2013-3891)
A remote code execution vulnerability exists in Microsoft Word...
Microsoft Internet Explorer Memory Corruption (MS13-080: CVE-2013-3874)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Microsoft .NET Framework Entity Expansion Denial of Service (MS13-082; CVE-2013-3860)
A denial of service vulnerability exists in the .NET Framework...
Microsoft Internet Explorer Memory Corruption (MS13-080; CVE-2013-3875)
A remote code execution vulnerability has been reported in Internet Explorer...
Microsoft Internet Explorer Memory Corruption (MS13-080; CVE-2013-3886)
A remote code execution vulnerability has been reported in Internet Explorer...
Microsoft .NET Framework OpenType Font Parsing Remote Code Execution (MS13-082; CVE-2013-3128)
A remote code execution vulnerability has been reported in Microsoft .Net Framework...
Microsoft Internet Explorer Memory Corruption (MS13-080; CVE-2013-3885)
A remote code execution vulnerability has been reported in Internet Explorer...
Microsoft Internet Explorer Memory Corruption (MS13-080: CVE-2013-3873)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...