4305 matches found
Ubuntu overlayfs privilege elevation
Added: 06/26/2015 CVE: CVE-2015-1328 BID: 75206 Background Overlayfs is a type of file system for Linux which implements a union mount. Problem In Ubuntu, overlayfs fails to correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an...
Radia Client Automation radexecd.exe command injection
Added: 02/25/2015 CVE: CVE-2015-1497 BID: 72612 OSVDB: 118382 Background Radia Client Automation is an endpoint management solution. Problem The radexecd.exe daemon does not properly authenticate or sanitize user requests, allowing remote attackers to execute arbitrary commands. Resolution Use th...
IBM Rational Quality Manager and Test Lab Manager Policy Bypass
Added: 11/05/2010 CVE: CVE-2010-4094 BID: 44172 Background IBM Rational Quality Manager is a web-based centralized test management environment for test planning, workflow control, tracking and metrics reporting. IBM Rational Quality Manager incorporates Apache Tomcat 5 to help serve custom web...
Revive Adserver deserialization vulnerability
Added: 12/16/2019 CVE: CVE-2019-5434 Background Revive Adserver is a free, open source ad serving system. Problem A deserialization vulnerability in Revive Adserver allows remote attackers to execute arbitrary commands injected into the what parameter of the openads.spc RPC method of adxmlrpc.php...
Drupal REST module command execution
Added: 02/27/2019 CVE: CVE-2019-6340 BID: 107106 Background Drupal is an open-source content management system written in PHP. Problem The Drupal REST module does not properly sanitize input from non-form sources, allowing an attacker to execute arbitrary code. Resolution Upgrade to Drupal 8.5.11...
Windows OLE Package Manager CPackage::DoVerb() INF File Download Vulnerability
Added: 10/24/2014 CVE: CVE-2014-4114 BID: 70419 OSVDB: 113140 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. For...
Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow
Added: 10/15/2010 CVE: CVE-2010-3552 BID: 44023 Background Oracle Java SE and Java for Business are development platforms for developing and deploying Java applications. They include the Java SE Development Kit JDK and the Java Runtime Environment JRE. The JRE provides the minimum requirements fo...
Oracle Java Rhino Script Engine Code Execution
Added: 12/02/2011 CVE: CVE-2011-3544 BID: 50218 OSVDB: 76500 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...
Novell iPrint Client Browser Plugin embed Tag Parameter Buffer Overflow
Added: 01/03/2011 CVE: CVE-2010-4314 BID: 45301 OSVDB: 66959 Background Novell iPrint is an application which allows users to install and manage printers. Problem A buffer overflow vulnerability in Novell iPrint browser plugin allows command execution when a user loads a web page with an overly...
Windows Cursor and Icon handling vulnerability
Added: 04/27/2006 CVE: CVE-2004-1049 BID: 12233 OSVDB: 12842 Background The LoadImage API in Microsoft Windows provides functions for loading cursors, animated cursors, and icons. Problem An integer overflow in the LoadImage API allows command execution when a user opens a specially crafted curso...
Microsoft Azure Open Management Infrastructure remote command execution
Added: 09/28/2021 Background Microsoft Azure Open Management Infrastructure is an open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards. Problem A vulnerability in Open Management Infrastructure allows remote attackers to execute...
Apache Struts 2 Jakarta Multipart Parser file upload command execution
Added: 03/16/2017 CVE: CVE-2017-5638 BID: 96729 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem The Jakarta...
Bash environment variable command injection in Cisco UCS Manager
Added: 03/24/2016 CVE: CVE-2014-6278 BID: 70166 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Cisco UCS Manager is a product for management of Cisco UCS and Cisco HyperFlex infrastructure. Problem The Bash shell executes commands injected after...
Apple QuickTime TeXML Style Element Buffer Overflow
Added: 12/24/2012 CVE: CVE-2012-3752 BID: 56557 OSVDB: 87087 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.2 and earlier is vulnerable to remote code execution due to a failure to perform appropriate boundary checking. A remote attacker who...
Windows Telnet credential reflection
Added: 08/12/2009 CVE: CVE-2009-1930 BID: 35993 OSVDB: 56904 Background Microsoft Windows operating systems come with a telnet service. This service prompts a user to provide a login name and password. Following successful authentication, the server displays a shell prompt, allowing the user to r...
Spring Framework Data Binding vulnerability
Added: 04/05/2022 Background The Spring Framework provides a comprehensive programming and configuration model for modern Java-based enterprise applications. Problem Spring Framework is affected by a data binding vulnerability when running with JDK 9 or higher. The vulnerability allows remote cod...
Joomla User-Agent PHP object injection
Added: 12/17/2015 CVE: CVE-2015-8562 BID: 79195 Background Joomla is a content management system written in PHP. Problem A vulnerability which occurs when Joomla saves browser session information could allow a remote, unauthenticated attacker to inject PHP objects via the User-Agent header, leadi...
Symantec Endpoint Protection Manager authentication bypass
Added: 08/26/2015 CVE: CVE-2015-1486 BID: 76074 Background Symantec Endpoint Protection, by Symantec Corporation, is an antivirus and personal firewall product designed to be centrally managed in corporate environments by the Symantec Endpoint Protection Manager SEPM. Problem Symantec Endpoint...
Apache Struts DefaultActionMapper redirect Prefix Vulnerability
Added: 08/01/2013 CVE: CVE-2013-2251 BID: 61189 OSVDB: 95405 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Struts use...
Java Runtime Environment MixerSequence Function Pointer Control
Added: 02/28/2012 CVE: CVE-2010-0842 BID: 39077 OSVDB: 63493 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free
Added: 10/10/2013 CVE: CVE-2013-3897 BID: 62811 OSVDB: 98207 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error when processing CDisplayPointer objects contained in...
Cisco IOS HTTP access level authentication bypass
Added: 12/23/2010 CVE: CVE-2001-0537 BID: 2936 OSVDB: 578 Background The Cisco Internetwork Operating System IOS is the operating system used by Cisco routers. Problem A remote attacker could execute arbitrary commands at the highest privilege level level 15 without needing to authenticate by...
Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow
Added: 08/14/2009 CVE: CVE-2009-1534 BID: 35992 OSVDB: 56916 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Commvault Command Center upload path traversal
Added: 05/16/2025 Background Commvault is a unified backup and recovery solution for cloud ready organizations. It gives complete backup and recovery protection for your business to cover all data wherever it resides. Problem A path traversal vulnerability allows unauthenticated users to upload...
TikiWiki elfinder file upload
Added: 07/14/2016 Background TikiWiki is a multi-purpose web content management system written in PHP. Problem The third-party elfinder component allows unauthenticated users to upload arbitrary files, which can then be executed using a simple HTTP request. Resolution Upgrade to TikiWiki 12.9,...
Oracle Java Applet2ClassLoader Vulnerability
Added: 05/05/2011 CVE: CVE-2010-4452 BID: 46388 OSVDB: 71193 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
NETGEAR ReadyNAS Surveillance Command Execution
Added: 08/30/2016 CVE: CVE-2016-5674 BID: 92318 Background NETGEAR ReadyNAS Surveillance combines their storage and switching solution NETGEAR ReadyNAS Network Attached Storage system with network video recording software from NUUO to provide an affordable surveillance solution for small...
PineApp Mail-SeCure confnetworking.html nsserver command execution
Added: 11/25/2013 CVE: CVE-2013-6830 BID: 63817 OSVDB: 100029 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection...
Java SE AtomicReferenceArray Unsafe Security Bypass
Added: 03/30/2012 CVE: CVE-2012-0507 BID: 52161 OSVDB: 80724 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...
Novell Client nwspool.dll EnumPrinters buffer overflow
Added: 02/22/2008 CVE: CVE-2008-0639 BID: 27741 OSVDB: 41510 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by a buffer overflow in the EnumPrinters function, allowing remote attackers to execute...
IBM WebSphere Management Server Apache Commons
Added: 02/03/2016 CVE: CVE-2015-7450 Background IBM WebSphere Management console 7.x and 8.5.0 - 8.5.5.7 are packaged with a vulnerable version of the Apache Commons package. Problem Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by the...
Microsoft Word RTF Object Confusion
Added: 07/24/2014 CVE: CVE-2014-1761 BID: 66385 OSVDB: 104895 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem A buffer overflow exists due to an error in processing RTF files. The flaw is triggered by supplying a...
Telnetd Encryption Key ID Code Execution
Added: 02/11/2012 CVE: CVE-2011-4862 BID: 51182 OSVDB: 78020 Background Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communications facility using a virtual terminal connection. Problem The flaw is caused due to a...
Sunway ForceControl SNMP NetDBServer Signed Integer Buffer Overflow
Added: 09/29/2011 BID: 49747 OSVDB: 75798 Background Sunway ForceControl is a Chinese SCADA/HMI software application widely used in China to help run weapons systems, utilities and chemical plants. It is also used to a lesser extent in other countries, including the US. SNMP NetDBServer is one of...
Microsoft Exchange X-LINK2STATE buffer overflow
Added: 01/13/2006 CVE: CVE-2005-0560 BID: 13118 OSVDB: 15467 Background Microsoft Exchange is an e-mail server for Microsoft Windows operating systems. Problem A buffer overflow condition in the handling of the X-LINK2STATE extended verb could allow a remote attacker to execute arbitrary commands...
Moxa AWK-3131A iw_console privilege escalation vulnerability
Added: 02/27/2020 CVE: CVE-2019-5136 Background Moxa AWK-3131A is a 3-in-1 industrial wireless AP/bridge/client device. Problem A privilege escalation vulnerability exists in the iwconsole functionality where a specially crafted menu selection string can cause an escape from the restricted consol...
Java Runtime Environment Color Management memory overwrite
Added: 04/04/2013 CVE: CVE-2013-1493 BID: 58238 OSVDB: 90737 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
ABB WebWare Server RobNetScanHost.exe Stack Buffer Overflow
Added: 03/01/2012 CVE: CVE-2012-0245 BID: 52123 OSVDB: 79476 Background ABB provides power and automation technology solutions including robots and related software. ABB WebWare Server is a web-based manufacturing support system designed to facilitate a wide range of production management tasks,...
Oracle Java Rhino Script Engine Code Execution
Added: 12/02/2011 CVE: CVE-2011-3544 BID: 50218 OSVDB: 76500 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...
Microsoft Client Service for NetWare tree name buffer overflow
Added: 11/16/2006 CVE: CVE-2006-4688 BID: 20984 OSVDB: 30260 Background The Client Service for NetWare, also known as the Gateway Service for NetWare, allows Windows users to access NetWare file, print, and directory services. It is available with Microsoft Windows operating systems but is not...
Windows LSASS buffer overflow
Added: 04/04/2006 CVE: CVE-2003-0533 BID: 10108 OSVDB: 5248 Background The Local Security Authority Subsystem Service LSASS provides an interface for managing local security, domain authentication, and Active Directory processes. Problem A buffer overflow in the DsRolepInitializeLog function in t...
Microsoft Exchange X-LINK2STATE buffer overflow
Added: 01/13/2006 CVE: CVE-2005-0560 BID: 13118 OSVDB: 15467 Background Microsoft Exchange is an e-mail server for Microsoft Windows operating systems. Problem A buffer overflow condition in the handling of the X-LINK2STATE extended verb could allow a remote attacker to execute arbitrary commands...
McAfee VirusScan Enterprise for Linux authentication token brute force
Added: 12/23/2016 CVE: CVE-2016-8023 BID: 94823 Background McAfee VirusScan Enterprise for Linux is real-time, anti-malware software for Linux. Problem McAfee VirusScan Enterprise for Linux allows remote attackers to execute arbitrary commands by exploiting multiple vulnerabilities, including the...
Java Runtime Environment DriverManager doPrivileged block sandbox bypass
Added: 05/24/2013 CVE: CVE-2013-1488 BID: 58504 OSVDB: 91472 Background Oracle Java is a development platform for developing and deploying Java applications. It includes the Java Development Kit JDK and the Java Runtime Environment JRE. The JRE provides the minimum requirements for executing a Ja...
Java SE AtomicReferenceArray Unsafe Security Bypass
Added: 03/30/2012 CVE: CVE-2012-0507 BID: 52161 OSVDB: 80724 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...
Wireshark DECT Dissector Remote Stack Buffer Overflow
Added: 10/19/2011 CVE: CVE-2011-1591 BID: 47392 OSVDB: 71848 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the DECT dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshark...
Windows Print Spooler EnumeratePrintShares buffer overflow
Added: 06/16/2009 CVE: CVE-2009-0228 BID: 35206 Background The Windows Print Spooler manages the printing process on Windows operating systems. Problem A buffer overflow vulnerability in the EnumeratePrintShares function in the Windows Print Spooler service allows arbitrary command execution when...
Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow
Added: 10/31/2008 CVE: CVE-2008-4008 BID: 31683 OSVDB: 49283 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...
Microsoft Azure Open Management Infrastructure remote command execution
Added: 09/28/2021 Background Microsoft Azure Open Management Infrastructure is an open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards. Problem A vulnerability in Open Management Infrastructure allows remote attackers to execute...
Moxa AWK-3131A iw_console privilege escalation vulnerability
Added: 02/27/2020 CVE: CVE-2019-5136 Background Moxa AWK-3131A is a 3-in-1 industrial wireless AP/bridge/client device. Problem A privilege escalation vulnerability exists in the iwconsole functionality where a specially crafted menu selection string can cause an escape from the restricted consol...