4305 matches found
Alcatel OmniVista remote command execution
Added: 12/31/2019 Background Alcatel OmniVista is a graphical interface to Alcatel OmniPCX, a common VoIP solution. Problem Directory traversal and insecure upload vulnerabilities allow a remote attacker to upload and execute arbitrary PHP code. Resolution Upgrade to OmniVista 8770 version 4.1.12...
IBM Rational ClearQuest CQOle ActiveX
Added: 05/30/2012 CVE: CVE-2012-0708 BID: 53170 OSVDB: 81443 Background Rational ClearQuest is an enterprise workflow automation tool. It functions as a bug tracking tool and can act as a CRM or process tracker. Problem The ClearQuest web client installs ActiveX modules on the client system. Thes...
Sysax SSH Username Remote Code Execution
Added: 03/06/2012 BID: 52190 OSVDB: 79689 Background Sysax Multi Server is a Secure FTP Server and SSH2 Secure Shell Server combined into a single product. It simultaneously supports remote access and file transfer using FTP, FTPS, SFTP, Telnet, and Secure Shell. It also supports web based file...
EMC Autostart ftAgent Overflow
Added: 09/19/2011 CVE: CVE-2011-2735 BID: 49238 OSVDB: 74597 Background EMC AutoStart is a cross-platform high-availability clustering solution. Problem The Agent Service of EMC AutoStart listens on TCP port 8045 and is vulnerable to a heap overflow when parsing malformed messages with opcode 0x1...
DATAC RealWin SCADA Server TAG function stack overflow
Added: 04/20/2011 CVE: CVE-2011-1563 BID: 46937 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially...
HP Operations Manager hidden Tomcat account
Added: 06/18/2010 CVE: CVE-2009-3843 BID: 37086 OSVDB: 60317 Background HP Operations Manager is a consolidated event and performance management console that correlates infrastructure, network and end-user experience events across an IT infrastructure. Problem A hidden Apache Tomcat account allow...
Microsoft Works WkImgSrv.dll ActiveX Control WksPictureInterface vulnerability
Added: 01/08/2009 CVE: CVE-2008-1898 BID: 28820 OSVDB: 44458 Background Microsoft Works is a suite of productivity tools for home users. Problem The WkImgSrv.dll ActiveX control included in Microsoft Works allows command execution when a user loads a web page which instantiates the control with a...
Microsoft Excel FORMAT record array index memory corruption
Added: 09/24/2008 CVE: CVE-2008-3005 BID: 30639 OSVDB: 47408 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user opens a spreadsheet...
Firebird username buffer overflow
Added: 02/11/2008 CVE: CVE-2008-0467 BID: 27467 OSVDB: 40924 Background Firebird is a freely available relational database which is available for multiple platforms. Problem A buffer overflow vulnerability in Firebird allows remote, unauthenticated attackers to execute arbitrary commands by sendi...
MacroVision InstallShield Update Service isusweb.dll unsafe method
Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...
MeteoBridge template.cgi command injection
Added: 10/03/2025 CVE: CVE-2025-4008 Background MeteoBridge is a device which connects personal weather stations to public weather networks. Problem A command injection vulnerability in the MeteoBridge web interface could allow remote, unauthenticated attackers to execute arbitrary commands by...
HP Smart Storage Administrator command injection
Added: 02/16/2017 CVE: CVE-2016-8523 BID: 95868 Background HP Smart Storage Administrator HP SSA is a web-based application that helps an administrator configure, manage, diagnose, and monitor HP ProLiant Smart Array Controllers and other storage devices such as host bus adapters HBAs and HP...
IBM WebSphere Management Server Apache Commons
Added: 02/03/2016 CVE: CVE-2015-7450 Background IBM WebSphere Management console 7.x and 8.5.0 - 8.5.5.7 are packaged with a vulnerable version of the Apache Commons package. Problem Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by the...
F5 rsync daemon ConfigSync interface cmi module vulnerability
Added: 09/02/2014 CVE: CVE-2014-2927 BID: 69461 OSVDB: 110595 Background F5 BIG-IP is a suite of security, availability and acceleration products. Problem When configured to support failover, multiple BIG-IP products are vulnerable to an unauthenticated rsync access vulnerability that can be...
Smart Software Solutions CoDeSys Webserver URI Copying Stack Buffer Overflow
Added: 12/16/2011 CVE: CVE-2011-5007 BID: 50849 OSVDB: 77387 Background Smart Software Solutions GmbH 3S manufactures CoDeSys Web Server, a Supervisory Control and Data Acquisition/Human-Machine Interface SCADA/HMI product. The SCADA Web Server listens on TCP port 8080. Problem The CmpWebServer.d...
Adobe Reader Libtiff TIFFFetchShortPair Stack Buffer Overflow
Added: 03/22/2010 CVE: CVE-2010-0188 BID: 38195 OSVDB: 62526 Background Adobe Reader is free software for viewing PDF documents. Problem A stack buffer overflow vulnerability allows command execution when a user opens a PDF file with an embedded TIFF image that has one of several fields encoded a...
Microsoft Visual Studio 2005 WMI Object Broker vulnerability
Added: 01/15/2007 CVE: CVE-2006-4704 BID: 20843 OSVDB: 30155 Background Microsoft Visual Studio is a product to assist with software development in the Windows operating system. Problem A flaw in the WMI Object Broker ActiveX control allows attackers to bypass security zone restrictions, leading ...
BrightStor ARCserve Discovery service 9b command buffer overflow
Added: 12/08/2006 CVE: CVE-2006-6379 BID: 21502 OSVDB: 30775 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow vulnerability in the ASBRDCST.DLL library allows remote attackers to execute arbitra...
Windows Media Player plugin EMBED buffer overflow
Added: 02/16/2006 CVE: CVE-2006-0005 BID: 16644 OSVDB: 23132 Background The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers. Problem A buffer overflow in the Windows Media Player plug-in allows remote command execution when...
Citrix Session Recording deserialization vulnerability
Added: 08/27/2025 CVE: CVE-2024-8069 Background Citrix Session Recording is software for recording and archiving sessions for retrieval and playback. Problem Unsafe object deserialization in Citrix Session Recording could allow a remote attacker to execute arbitrary commands by sending a speciall...
FortiOS Fortimanager_Access SSH account backdoor
Added: 01/25/2016 CVE: CVE-2016-1909 Background FortiOS is the operating system used by FortiGate network security appliances. Problem An undocumented account can be used to gain unauthorized access to the appliance. Resolution Upgrade to FortiOS 4.1.11, 4.2.16, 4.3.17, 5.0.8, 5.2.0, 5.4.0, or...
Java MBeanInstantiator.findClass and Recursive Reflection Sandbox Escape
Added: 01/14/2013 CVE: CVE-2013-0422 BID: 57246 OSVDB: 89059 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
Java SE AtomicReferenceArray Unsafe Security Bypass
Added: 03/30/2012 CVE: CVE-2012-0507 BID: 52161 OSVDB: 80724 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...
EnterpriseDB PostgreSQL Plus Advanced Server DBA Management Server Authentication Bypass
Added: 03/21/2011 BID: 46662 Background Postgres Plus Advanced Server is an enterprise database solution. It includes several productivity tools, such as Migration Studio, Postgres Studio, DBA Management Server, and DBA Monitoring Console. Problem An authentication bypass vulnerability exists in...
RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass
Added: 06/07/2010 CVE: CVE-2010-0738 BID: 39710 OSVDB: 64171 Background JBoss Application Server AS is a full-featured open source Java application server that includes full support for J2EE-based APIs. JBoss AS runs on numerous operating systems e.g., Linux, FreeBSD, Mac OS X, and Microsoft...
HP OpenView Network Node Manager nnmRptConfig.exe CGI Template Buffer Overflow
Added: 01/09/2010 CVE: CVE-2009-3848 BID: 37296 OSVDB: 60926 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...
Apache Log4j JNDI message lookup vulnerability
Added: 12/16/2021 Background Apache Log4j is a logging library used by many Java applications. Problem An attacker who is able to control log message content could embed a JNDI reference to an LDAP or RMI URL which downloads an executable Java class, leading to arbitrary command execution...
Citrix SD-WAN Appliance SQL and command injection
Added: 07/26/2019 Background Citrix Software-defined wide-area network SD-WAN is a service that grants the enterprise with the ability to dynamically connect branch offices and data centers on a global scale. Problem Citrix SD-WAN 10.1.x and 10.2.x before 10.2.3 allow unauthenticated SQL injectio...
Oracle WebLogic Apache Commons library deserialization vulnerability
Added: 11/20/2015 CVE: CVE-2015-4852 BID: 77539 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Apache Commons is a widely used Java library which is included in WebLogic Server. Problem A vulnerability in the Apache Commons library used by Oracl...
Java MBeanInstantiator.findClass and Recursive Reflection Sandbox Escape
Added: 01/14/2013 CVE: CVE-2013-0422 BID: 57246 OSVDB: 89059 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
CA ARCserve D2D Axis2 default password
Added: 01/26/2011 CVE: CVE-2010-0219 BID: 45625 OSVDB: 70233 Background CA ARCserve D2D is a disk-based backup solution. Problem CA ARCserve D2D deploys Axis2 with default credentials which can be used to gain unauthorized access to the web application server. By then uploading a specially crafte...
Windows Help and Support Center -FromHCP URL whitelist bypass
Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...
Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow
Added: 10/31/2008 CVE: CVE-2008-4008 BID: 31683 OSVDB: 49283 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Apache mod_rewrite LDAP URL buffer overflow
Added: 06/22/2007 CVE: CVE-2006-3747 BID: 19204 OSVDB: 27588 Background modrewrite is an Apache module which allows rule-based modification of URL requests. Problem An off-by-one buffer overflow vulnerability in modrewrite allows command execution when the escapeabsoluteuri function attempts to...
VERITAS NetBackup bpcd daemon command chaining vulnerability
Added: 02/16/2007 CVE: CVE-2006-4902 BID: 21565 OSVDB: 31334 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The NetBackup bpcd daemon fails to properly validate chained commands. A remote attacker could execute arbitrary commands by appending the...
Windows LSASS buffer overflow
Added: 04/04/2006 CVE: CVE-2003-0533 BID: 10108 OSVDB: 5248 Background The Local Security Authority Subsystem Service LSASS provides an interface for managing local security, domain authentication, and Active Directory processes. Problem A buffer overflow in the DsRolepInitializeLog function in t...
VERITAS NetBackup Volume Manager Daemon buffer overflow
Added: 12/04/2005 CVE: CVE-2005-3116 BID: 15353 OSVDB: 20674 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The Volume Manager Daemon VMD has an error in its shared library allowing for a buffer overflow. A specially crafted request sent to port...
CraftCMS generate-transform command injection
Added: 03/25/2026 Background CraftCMS is a content management system written in PHP. Problem A vulnerability in CraftCMS allows remote attackers to inject arbitrary PHP code into the session file and then execute it using a specially crafted request to generate-transform. Resolution Upgrade to...
Revive Adserver deserialization vulnerability
Added: 12/16/2019 CVE: CVE-2019-5434 Background Revive Adserver is a free, open source ad serving system. Problem A deserialization vulnerability in Revive Adserver allows remote attackers to execute arbitrary commands injected into the what parameter of the openads.spc RPC method of adxmlrpc.php...
Schneider Electric StruxureWare Building Operation Automation Server msh bypass
Added: 03/14/2016 CVE: CVE-2016-2278 Background The Schneider Electric StruxureWare Building Operation software suite provides integrated monitoring, control, and management of energy, HVAC, lighting and fire safety. The Automation Server is a building automation system for small and medium-sized...
Linux kernel futex_requeue privilege elevation
Added: 12/03/2014 CVE: CVE-2014-3153 BID: 67906 OSVDB: 107752 Background The futex system call in Linux provides a mechanism for user-space locking. Problem A vulnerability in the Linux kernel allows an unprivileged user to gain root access using a specially crafted futexrequeue call. Resolution...
Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free
Added: 10/10/2013 CVE: CVE-2013-3897 BID: 62811 OSVDB: 98207 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error when processing CDisplayPointer objects contained in...
ABB WebWare Server RobNetScanHost.exe Stack Buffer Overflow
Added: 03/01/2012 CVE: CVE-2012-0245 BID: 52123 OSVDB: 79476 Background ABB provides power and automation technology solutions including robots and related software. ABB WebWare Server is a web-based manufacturing support system designed to facilitate a wide range of production management tasks,...
HP Easy Printer Care Software HPTicketMgr.dll ActiveX Control Remote Code Execution
Added: 08/29/2011 CVE: CVE-2011-2404 BID: 49100 OSVDB: 74510 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software HPTicketMgr.dll is vulnerable to directory traversal due to insufficient input validation by the...
HP Performance Manager Apache Tomcat Policy Bypass
Added: 11/05/2010 CVE: CVE-2009-3548 BID: 36954 OSVDB: 60176 Background HP Performance Manager Software is a web-based analysis and visualization tool that analyzes performance trends of applications, systems, and services. HP Performance Manager incorporates Apache Tomcat 5 to help serve custom...
Apache Struts2 XWork ParameterInterceptor security bypass
Added: 08/05/2010 CVE: CVE-2010-1870 BID: 41592 OSVDB: 66280 Background Apache Struts is a Java web application framework. Apache Struts version 2 is based on WebWork 2. WebWork 2 uses XWork to invoke actions based on HTTP parameter names. The ParameterInterceptor component of XWork runs the...
Trend Micro OfficeScan cgiRecvFile.exe ComputerName buffer overflow
Added: 09/23/2008 CVE: CVE-2008-2437 BID: 31139 OSVDB: 48024 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in cgiRecvFile.exe allows remote attackers to execute arbitrary commands by sending an HTTP request...
Symantec Messaging Gateway Default SSH Password
Added: 10/02/2012 CVE: CVE-2012-3579 BID: 55143 OSVDB: 85028 Background Symantec Messaging Gateway is an email virus protection appliance that also provides antispam protection. Problem Symantec Messaging Gateway versions before 10.0 have a default password for the "support" account, which can be...
Symantec pcAnywhere Host Services Login Overflow
Added: 02/13/2012 CVE: CVE-2011-3478 BID: 51592 OSVDB: 78532 Background Symantec pcAnywhere is a suite of remote connectivity applications that allow users of a system to access their system remotely. Problem A stack overflow exist in the pcAnywhere Host Service when parsing login names. An...