13538 matches found
PHP xml_parse_into_struct Heap Memory Corruption (CVE-2013-4113)
A heap memory corruption vulnerability exists in xmlparseintostruct function in PHP...
Microsoft DirectShow Remote Code Execution (MS13-056; CVE-2013-3174)
A remote code execution vulnerability has been reported in the Microsoft DirectShow. The vulnerability is due to faulty GIF image files parsing. A remote attacker could trigger this flaw by convincing a victim to open a specially crafted GIF file. A successfull exploitation of this vulnerability...
Web Servers Malicious URL Directory Traversal
There exists a directory traversal vulnerability On different web servers...
ISC BIND RDATA Handling Assertion Failure Denial of Service (CVE-2012-4244; CVE-2013-4854)
A denial of service vulnerability exists in ISC BIND. The vulnerability is due to an assertion failure that occurs when handling malformed RDATA. A remote attacker could exploit this vulnerability by sending a DNS query response with a specially crafted resource record to an affected server...
Non Compliant SSL (CVE-2003-0719; CVE-2004-0826)
A vulnerability exists in SSL library. Remote attacker could construct a specially crafted SSL negotiation packet that could cause the library to crash...
Joomla Unauthorized File Upload Remote Code Execution
A remote code execution vulnerability has been reported in Joomla. The vulnerability is due to improper validation of an uploaded file's extension. A remote attacker may exploit this issue by uploading a specially crafted php file. Successful exploitation would allow an attacker to execute...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3188)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3194)
A remote code execution vulnerability has been reported in Internet Explorer...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3193)
A remote code execution vulnerability has been reported in Internet Explorer...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3184)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
Cisco OSPF LSA Manipulation Denial of Service (CVE-2013-0149)
A denial of service vulnerability has been reported in Multiple Cisco Products...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3191)
A remote code execution vulnerability has been reported in Internet Explorer...
Microsoft .NET Framework Array Access Violation (MS13-052; CVE-2013-3131; CVE-2013-3134)
A remote code execution vulnerability exists in the way the .NET Framework handles multidimensional arrays of small structures. The vulnerability is caused when the .NET Framework improperly handles multidimensional arrays of small structures. An attacker who successfully exploited this...
Microsoft DirectAccess ICMP Denial of Service (MS13-064; CVE-2013-3182)
A denial of service vulnerability has been reported in Windows 2012 server...
Microsoft Windows ICMPv6 Router Advertisement Denial of Service (MS13-065; CVE-2013-3183)
There exists a denial of service vulnerability in Windows TCP/IP stack...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3199)
A remote code execution vulnerability has been reported in Internet Explorer...
Microsoft Active Directory Federation Services Information Disclosure (MS13-066; CVE-2013-3185)
An information disclosure vulnerability exists in Active Directory Federation Services AD FS that could allow the unintentional disclosure of account information...
Canon Wireless Printer Denial Of Service (CVE-2013-4615)
A Denial Of Service vulnerability has been reported in a Canon Wireless Printer...
Microsoft Windows RPC Elevation Of Privilege (MS13-062; CVE-2013-3175)
An elevation of privilege vulnerability exists in the way that Windows handles asynchronous RPC requests...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3189)
A remote code execution vulnerability has been reported in Internet Explorer...
Microsoft Windows Uniscribe Font Parsing Engine Memory Corruption (MS13-060; CVE-2013-3181)
A remote code execution vulnerability exists in the Unicode Scripts Processor included in affected versions of Microsoft Windows...
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3187)
A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
Web Servers Malicious HTTP Request Directory Traversal (CVE-2005-3299; CVE-2014-7174; CVE-2022-1476; CVE-2022-29806)
There exists a directory traversal vulnerability On different web servers. The vulnerability is due to an input validation error in a web server that does not properly sanitize the parameters in request body for the directory traversal patterns. Successful exploitation allows unauthenticated remo...
Oracle Java sun.awt.image.ImagingLib.lookupByteBI Buffer Overflow (CVE-2013-2463)
A heap buffer overflow vulnerability exists in Oracle Java. The vulnerability is due to improper bounds checking during a call to sun.awt.image.ImagingLib.lookupByteBI method. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted web page...
SugarCRM unserialize() PHP Code Execution
A remote code execution vulnerability has been reported in SugarCRM servers 6.3.1 and below. The vulnerability is due to an error while parsing the user data to currentquerybypage parameter. Remote authenticated attacker can exploit this vulnerability by sending malicious command to the affected...
MoinMoin twikidraw Action Directory Traversal (CVE-2012-6081)
A directory traversal vulnerability has been reported in MoinMoin server application. The vulnerability is caused due to improper sanitization of query strings from the path. A remote attacker can exploit this vulnerability by sending crafted requests to the affected server. Successful exploitati...
Oracle MySQL Server Geometry Query Denial Of Service (CVE-2013-1861)
A denial of service vulnerability has been reported in MySQL database server...
Apache Struts Open Redirect Arbitrary Website Redirection (CVE-2013-2248)
An open redirect vulnerability has been reported in Apache Struts...
Sysax Multi-Server SSHD Key Exchange Denial of Service
A denial of service vulnerability has been reported in Sysax Multi-Server 6.10...
HP Data Protector CRS Opcode 234 Stack Buffer Overflow (CVE-2013-2326)
A buffer overflow has been reported in HP Data Protector. The vulnerability exists in the Cell Request Service crs.exe, which listens on a randomly chosen port. The application fails to sanitize input with opcode 234, which can result in a stack buffer overflow. A remote, unauthenticated attacker...
Sysax Multi-Server Create Folder Buffer Overflow (CVE-2012-6530)
A buffer overflow vulnerability had been reported in Sysax Multi Server 5.64 Create Folder. The vulnerability is due to insufficient boundary check when creating a new folder. A remote attacker can exploit this weakness by entering a very long folder name. Successful exploitation could result in...
Apple Safari webarchive File Format UXSS
A UXSS stack vulnerability has been reported in the Apple Safari webarchive File Format...
Samba SetInformationPolicy AuditEventsInfo Heap Overflow (CVE-2012-1182)
A heap overflow vulnerability has been reported in Samba daemon. The vulnerability is due to an error on the PIDL auto-generated code in the LSA RPC service of the Samba daemon. Remote attackers could exploit this vulnerability by making a specially crafted call to SetInformationPolicy to set a...
Apache Struts Remote Command Execution (CVE-2013-2251)
A Remote command execution vulnerability has been reported in Apache Struts. The vulnerability is due to a design flaw which allows attackers to manipulate parameters prefixed with action: redirect: redirectAction:...
ClamAV UPX File PE parsing Memory Access Error (CVE-2013-2020)
A memory access error vulnerability exists in ClamAV antivirus software. The vulnerability is due to an errors in "pe.c" while parsing UPX-packed executable files. Remote attackers could exploit the vulnerability to cause a denial of service condition. Successful exploitation would lead to...
Trimble Navigation SketchUp PICT File Buffer Overflow - Improved Performance (CVE-2013-3664)
A remote code execution vulnerability has been reported in Trimble SketchUp. The vulnerability is due to a stack buffer overflow while processing PICT files which contain a malicious number of ARGB entries. A remote attacker can exploit this vulnerability by enticing a target user to open a...
HP System Management Homepage iprange Parameter Code Execution
A code execution vulnerability exists in HP System Management Homepage SMH...
Dell SonicWALL GMS Arbitrary File Upload
An arbitrary file upload vulnerability has been reported in SonicWALL GMS 6...
Oracle MySQL Server InnoDB Memcached Plugin Resource Exhaustion - High Confidence (CVE-2013-1570)
A memory exhaustion vulnerability has been reported in the InnoDB memcached plugin component of Oracle MySQL Server. This vulnerability is due to incorrect freeing of allocated memory when processing certain type of requests. A remote unauthenticated attacker can exploit this vulnerability by...
Kordil EDMS Unauthenticated File Upload
An arbitrary file upload vulnerability has been reported in Kordil EDMS. The vulnerability is due improper script verification...
FreeBSD NFS Server READDIR Request Memory Corruption (CVE-2013-3266)
A memory corruption vulnerability has been reported in nfsrvdreaddir function in FreeBSD NFS server. The vulnerability is due to insufficient sanitation of READDIR requests and can result in the underlying filesystem to interpret a file as a directory. A remote attacker can exploit this...
PhpTax pfilez Remote Code Execution
A remote code execution vulnerability exits in PHPTax application...
Lianja SQL db_netserver Stack Buffer Overflow
A stack buffer overflow vulnerability has been reported in Lianja SQL Server...
IBM Tivoli Endpoint Manager POST Query Buffer Overflow (CVE-2011-1220)
A stack based buffer overflow in IBM Tivoli Endpoint...
IBM Notes PNG Image Parsing Integer Overflow (CVE-2013-2977)
A code execution vulnerability has been reported in IBM Notes formerly Lotus Notes. The vulnerability is due to an integer overflow while parsing PNG images. A remote unauthenticated attacker can exploit this vulnerability by enticing the target user to view a malicious email. Successful...
Microsoft RPC Services Path Canonicalization Remote Code Execution (CVE-2008-4250)
A remote code execution vulnerability has been reported in applications based on the SMB protocol...
Ektron XSLT Transform Remote Code Execution (CVE-2012-5357)
A remote code execution vulnerability has been reported in Ektron CMS in XslCompiledTransform class...
SAP NetWeaver SOAP Request SXPG_COMMAND_EXECUTE Command Execution
A remote command execution vulnerability has been reported in SAP NetWeaver's SOAP interface. The vulnerability is due to insufficient validation of incoming SOAP requests. A remote, authenticated attacker can exploit this vulnerability by sending a specially crafted SOAP request to the affected...
Oracle Java sun.awt.image.ImagingLib.lookupByteBI Memory Corruption (CVE-2013-2470)
A memory corruption vulnerability has been reported in Oracle Java. The vulnerability is due to access of uninitialized memory during a call to sun.awt.image.ImagingLib.lookupByteBI method. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted w...
HP Data Protector CRS Opcode 259 Stack Buffer Overflow (CVE-2013-2329)
A stack buffer overflow has been reported in HP Data Protector. The vulnerability is in the CRS.exe service, which listens on a randomly chosen port. The application fails to sanitize input with opcode 259, which can result in a stack buffer overflow. A remote, unauthenticated attacker can exploi...