Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2013/01/04 12:0 a.m.•70 views

Internet Explorer CButton Use After Free Vulnerability

Added: 01/04/2013 CVE: CVE-2012-4792 BID: 57070 OSVDB: 88774 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem All references to DOM button objects are not properly removed when a DOM buttom object is deleted. If the stale reference...

9.3CVSS8.8AI score0.78823EPSS
Exploits12
Saint
Saint
•added 2012/02/11 12:0 a.m.•70 views

Telnetd Encryption Key ID Code Execution

Added: 02/11/2012 CVE: CVE-2011-4862 BID: 51182 OSVDB: 78020 Background Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communications facility using a virtual terminal connection. Problem The flaw is caused due to a...

10CVSS7.1AI score0.95104EPSS
Exploits19
Saint
Saint
•added 2011/04/08 12:0 a.m.•70 views

Zend Server Java Bridge Remote Code Execution

Added: 04/08/2011 BID: 47060 OSVDB: 71420 Background Zend Server is an enterprise web application server for hosting PHP applications. Problem The Zend Server Java Bridge allows PHP applications to execute methods in Java classes. The Java Bridge does not validate that requests to execute Java co...

Exploits0
Saint
Saint
•added 2010/06/07 12:0 a.m.•70 views

CA XOsoft Control Service entry_point.aspx Remote Code Execution

Added: 06/07/2010 CVE: CVE-2010-1223 BID: 39238 OSVDB: 63611 Background CA XOsoft is storage and recovery management software that includes applications for combined business continuity and disaster recovery. The CA XOsoft product family includes CA XOsoft Replication, CA XOsoft High Availability...

10CVSS7.5AI score0.16755EPSS
Exploits5
Saint
Saint
•added 2010/03/22 12:0 a.m.•70 views

Adobe Reader Libtiff TIFFFetchShortPair Stack Buffer Overflow

Added: 03/22/2010 CVE: CVE-2010-0188 BID: 38195 OSVDB: 62526 Background Adobe Reader is free software for viewing PDF documents. Problem A stack buffer overflow vulnerability allows command execution when a user opens a PDF file with an embedded TIFF image that has one of several fields encoded a...

9.3CVSS8.4AI score0.88246EPSS
Exploits12
Saint
Saint
•added 2007/12/28 12:0 a.m.•70 views

Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow

Added: 12/28/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39752 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is...

10CVSS7.8AI score0.13021EPSS
Exploits12
Saint
Saint
•added 2006/05/04 12:0 a.m.•70 views

Windows Metafile rendering buffer overflow

Added: 05/04/2006 CVE: CVE-2004-0209 BID: 11375 OSVDB: 10692 Background A Windows Metafile image is a 16-bit metafile format that can contain both vector information and bitmap information. Problem A buffer overflow in the Windows Graphics Rendering Engine allows command execution when a malforme...

10CVSS6.6AI score0.62054EPSS
Exploits8
Saint
Saint
•added 2006/03/07 12:0 a.m.•70 views

Microsoft Visual Studio .dbp and .sln buffer overflow

Added: 03/07/2006 CVE: CVE-2006-1043 BID: 16953 OSVDB: 23711 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow vulnerability leads to command execution when a specially crafted Database Project .dbp or...

5.1CVSS7.1AI score0.22396EPSS
Exploits5
Saint
Saint
•added 2026/05/07 12:0 a.m.•69 views

MetInfo weixinreply command injection

Added: 05/07/2026 Background MetInfo is an open-source content management system CMS written in PHP and MySQL developed in China. Problem A vulnerability in the weixinreply class allows remote attackers to execute arbitrary commands by sending an API request with specially crafted EventKey and...

6.1AI score
Exploits0
Saint
Saint
•added 2019/12/31 12:0 a.m.•69 views

Alcatel OmniVista remote command execution

Added: 12/31/2019 Background Alcatel OmniVista is a graphical interface to Alcatel OmniPCX, a common VoIP solution. Problem Directory traversal and insecure upload vulnerabilities allow a remote attacker to upload and execute arbitrary PHP code. Resolution Upgrade to OmniVista 8770 version 4.1.12...

4.1AI score
Exploits0
Saint
Saint
•added 2016/06/15 12:0 a.m.•69 views

Apache Continuum saveInstallation.action command execution

Added: 06/15/2016 Background Apache Continuum is a continuous integration server for Java projects. Problem A remote attacker could execute arbitrary commands by sending a POST request to saveInstallation.action with a specially crafted installation.varValue parameter. Resolution Upgrade to a...

2AI score
Exploits0
Saint
Saint
•added 2016/02/03 12:0 a.m.•69 views

IBM WebSphere Management Server Apache Commons

Added: 02/03/2016 CVE: CVE-2015-7450 Background IBM WebSphere Management console 7.x and 8.5.0 - 8.5.5.7 are packaged with a vulnerable version of the Apache Commons package. Problem Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by the...

10CVSS10AI score0.97655EPSS
Exploits10
Saint
Saint
•added 2015/02/10 12:0 a.m.•69 views

HP Data Protector Unauthenticated Remote Code Execution

Added: 02/10/2015 CVE: CVE-2014-2623 BID: 68672 OSVDB: 109069 Background HP Data Protector is a backup solution for enterprise and distributed environments. Data Protector Manager listens on port 5555/TCP. Problem HP Data Protector is vulnerable to remote unauthenticated arbitrary command executi...

10CVSS9.8AI score0.89394EPSS
Exploits20
Saint
Saint
•added 2012/08/29 12:0 a.m.•69 views

SAP NetWeaver SAPHostControl Command Injection

Added: 08/29/2012 BID: 55084 OSVDB: 84821 Background SAP NetWeaver is a technology platform for building and integrating SAP business applications. Problem The NetWeaver management console exposes an authenticated SOAP web service interface. During the authentication phase, user-supplied values...

0.5AI score
Exploits0
Saint
Saint
•added 2012/05/30 12:0 a.m.•69 views

IBM Rational ClearQuest CQOle ActiveX

Added: 05/30/2012 CVE: CVE-2012-0708 BID: 53170 OSVDB: 81443 Background Rational ClearQuest is an enterprise workflow automation tool. It functions as a bug tracking tool and can act as a CRM or process tracker. Problem The ClearQuest web client installs ActiveX modules on the client system. Thes...

9.3CVSS6.3AI score0.3095EPSS
Exploits10
Saint
Saint
•added 2012/02/28 12:0 a.m.•69 views

Java Runtime Environment MixerSequence Function Pointer Control

Added: 02/28/2012 CVE: CVE-2010-0842 BID: 39077 OSVDB: 63493 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

7.5CVSS8.9AI score0.77721EPSS
Exploits9
Saint
Saint
•added 2012/01/24 12:0 a.m.•69 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS6AI score0.20561EPSS
Exploits4
Saint
Saint
•added 2011/08/29 12:0 a.m.•69 views

HP Easy Printer Care Software HPTicketMgr.dll ActiveX Control Remote Code Execution

Added: 08/29/2011 CVE: CVE-2011-2404 BID: 49100 OSVDB: 74510 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software HPTicketMgr.dll is vulnerable to directory traversal due to insufficient input validation by the...

7.5CVSS6.7AI score0.7374EPSS
Exploits9
Saint
Saint
•added 2010/12/01 12:0 a.m.•69 views

Microsoft Excel Drawing Exception Handling vulnerability

Added: 12/01/2010 CVE: CVE-2010-3335 BID: 44659 OSVDB: 69087 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A use-after-free vulnerability during exception handling in Microsoft Office allows comman...

9.3CVSS7.7AI score0.23915EPSS
Exploits5
Saint
Saint
•added 2010/11/26 12:0 a.m.•69 views

Oracle Virtual Server Agent Command Injection

Added: 11/26/2010 CVE: CVE-2010-3582 BID: 44031 Background Oracle VM software provides virtualization technology that allows running multiple instances of x86 virtual computers simultaneously within the host operating system. It supports many Oracle and non-Oracle based systems such as Windows,...

9CVSS7.2AI score0.02381EPSS
Exploits4
Saint
Saint
•added 2010/11/16 12:0 a.m.•69 views

Microsoft Office RTF pFragments Property Stack Buffer Overflow

Added: 11/16/2010 CVE: CVE-2010-3333 BID: 44652 OSVDB: 69085 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem A stack buffer overflow vulnerability exists when...

9.3CVSS8.1AI score0.89497EPSS
Exploits14
Saint
Saint
•added 2009/12/22 12:0 a.m.•69 views

HP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow

Added: 12/22/2009 CVE: CVE-2009-4179 BID: 37261 OSVDB: 60930 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow in the ovalarm.exe CGI program allows command execution when an attacker sends an HTTP request to this...

10CVSS6.8AI score0.66973EPSS
Exploits8
Saint
Saint
•added 2007/12/24 12:0 a.m.•69 views

HP OpenView Network Node Manager ovlogin.exe buffer overflow

Added: 12/24/2007 CVE: CVE-2007-6204 BID: 26741 OSVDB: 39529 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow in the Network Node Manager web interface allows remote attackers to execute arbitrary commands by sendin...

10CVSS7.7AI score0.69613EPSS
Exploits9
Saint
Saint
•added 2007/07/16 12:0 a.m.•69 views

Windows MDAC RDS.Dataspace ActiveX control vulnerability

Added: 07/16/2007 CVE: CVE-2006-0003 BID: 17462 OSVDB: 24517 Background Microsoft Data Access Components MDAC enable Universal Data Access in Windows applications deployed over a network. Problem A cross-zone scripting vulnerability in the RDS.Dataspace ActiveX control in MDAC allows command...

5.1CVSS6.1AI score0.825EPSS
Exploits6
Saint
Saint
•added 2006/11/10 12:0 a.m.•69 views

Microsoft IIS ASP chunked encoding buffer overflow

Added: 11/10/2006 CVE: CVE-2002-0079 BID: 4485 OSVDB: 768 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem A buffer overflow in the ASP ISAPI filter allows remote attackers to execute arbitrary comman...

7.5CVSS7.7AI score0.71195EPSS
Exploits4
Saint
Saint
•added 2006/06/26 12:0 a.m.•69 views

MailEnable HTTPMail Authorization header buffer overflow

Added: 06/26/2006 CVE: CVE-2005-1348 BID: 13350 OSVDB: 15737 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem MailEnable's HTTPMail...

7.5CVSS7.7AI score0.72622EPSS
Exploits6
Saint
Saint
•added 2006/04/07 12:0 a.m.•69 views

VERITAS Backup Exec Agent Browser hostname buffer overflow

Added: 04/07/2006 CVE: CVE-2004-1172 BID: 11974 OSVDB: 12418 Background VERITAS Backup Exec for Windows is a data backup and recovery solution. Problem A buffer overflow in the VERITAS Backup Exec Agent Browser allows a remote attacker to execute commands by sending a long, specially crafted...

10CVSS7.2AI score0.81791EPSS
Exploits7
Saint
Saint
•added 2006/02/02 12:0 a.m.•69 views

Mercury Mail Transport System Phonebook service buffer overflow

Added: 02/02/2006 CVE: CVE-2005-4411 BID: 16396 OSVDB: 22103 Background Mercury Mail Transport System is a free mail server for Windows and Netware platforms. It includes a Phone Book service which runs on port 105/TCP. Problem A buffer overflow vulnerability in the Phone Book service allows remo...

7.5CVSS7.3AI score0.64659EPSS
Exploits8
Saint
Saint
•added 2005/12/22 12:0 a.m.•69 views

VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow

Added: 12/22/2005 CVE: CVE-2005-0773 BID: 14022 OSVDB: 17624 Background VERITAS Backup Exec is a network backup solution for Windows and Netware servers. Problem VERITAS Backup Exec is affected by a buffer overflow when handling CONNECTCLIENTAUTH requests with the Windows user authentication type...

7.5CVSS7.3AI score0.86365EPSS
Exploits9
Saint
Saint
•added 2005/11/04 12:0 a.m.•69 views

Sybase EAServer WebConsole buffer overflow

Added: 11/04/2005 CVE: CVE-2005-2297 BID: 14287 OSVDB: 17995 Background Sybase EAServer is a web application server. Problem A buffer overflow in the Sybase EAServer WebConsole allows a remote attcker to execute arbitrary commands by requesting /WebConsole/Login.jsp with a long query string...

4.6CVSS7.9AI score0.74202EPSS
Exploits6
Saint
Saint
•added 2014/11/17 12:0 a.m.•68 views

Windows OLE Automation Array command execution

Added: 11/17/2014 CVE: CVE-2014-6332 BID: 70952 OSVDB: 114533 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. Probl...

9.3CVSS8.5AI score0.94996EPSS
Exploits39
Saint
Saint
•added 2014/11/17 12:0 a.m.•68 views

Windows OLE Automation Array command execution

Added: 11/17/2014 CVE: CVE-2014-6332 BID: 70952 OSVDB: 114533 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. Probl...

9.3CVSS8.5AI score0.94996EPSS
Exploits39
Saint
Saint
•added 2014/10/10 12:0 a.m.•68 views

Kolibri WebServer HTTP POST Request Handling Remote Stack Buffer Overflow

Added: 10/10/2014 CVE: CVE-2014-5289 BID: 69263 OSVDB: 110142 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...

5.8CVSS9.7AI score0.12021EPSS
Exploits13
Saint
Saint
•added 2013/02/15 12:0 a.m.•68 views

Ruby on Rails XML Processor YAML Deserialization

Added: 02/15/2013 CVE: CVE-2013-0156 BID: 57187 OSVDB: 89026 Background Ruby on Rails is a full stack, Web application framework optimized for sustainable programming productivity, allowing writing sound code by favoring convention over configuration. Problem Ruby on Rails versions prior to 2.3.1...

7.5CVSS7.7AI score0.99449EPSS
Exploits21
Saint
Saint
•added 2013/01/25 12:0 a.m.•68 views

rsh Excessive Trust Vulnerability

Added: 01/25/2013 CVE: CVE-1999-0515 Background The rsh service allows remote users, using an rsh client, to execute individual shell commands on an rsh server without the need for a password. The rsh process uses the .rhosts file to list trusted hosts those machines allowed to use the service...

10CVSS7.9AI score0.04635EPSS
Exploits4
Saint
Saint
•added 2012/07/17 12:0 a.m.•68 views

Oracle AutoVue SetMarkupMode ActiveX Overflow

Added: 07/17/2012 CVE: CVE-2012-0549 BID: 53077 OSVDB: 81439 Background Oracle AutoVue Enterprise Visualization is a suite of Oracle products designed to deliver a web-based capability to access, view, digitally annotate and collaborate on technical and business documents, without requiring...

7.5CVSS6.4AI score0.59413EPSS
Exploits10
Saint
Saint
•added 2012/01/13 12:0 a.m.•68 views

Plone Zope SAXutils Command Execution

Added: 01/13/2012 CVE: CVE-2011-3587 BID: 49857 OSVDB: 76105 Background Plone is a free and open source content management system built on top of the Zope application server. Plone can be used for any kind of website, including blogs, internet sites, webshops and internal websites. Problem Plone...

9.3CVSS7AI score0.78546EPSS
Exploits15
Saint
Saint
•added 2011/06/07 12:0 a.m.•68 views

HP Data Protector Client EXEC_CMD Command Execution

Added: 06/07/2011 CVE: CVE-2011-0923 BID: 46234 OSVDB: 72526 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem The HP Data Protector Client is vulnerable to remote code execution as a result of insufficient input validation of...

10CVSS7.3AI score0.81081EPSS
Exploits30
Saint
Saint
•added 2010/12/23 12:0 a.m.•68 views

Cisco IOS HTTP access level authentication bypass

Added: 12/23/2010 CVE: CVE-2001-0537 BID: 2936 OSVDB: 578 Background The Cisco Internetwork Operating System IOS is the operating system used by Cisco routers. Problem A remote attacker could execute arbitrary commands at the highest privilege level level 15 without needing to authenticate by...

9.3CVSS7.3AI score0.6845EPSS
Exploits8
Saint
Saint
•added 2010/11/16 12:0 a.m.•68 views

Microsoft Office RTF pFragments Property Stack Buffer Overflow

Added: 11/16/2010 CVE: CVE-2010-3333 BID: 44652 OSVDB: 69085 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem A stack buffer overflow vulnerability exists when...

9.3CVSS8.1AI score0.89497EPSS
Exploits14
Saint
Saint
•added 2010/06/24 12:0 a.m.•68 views

TweakFS Zip Utility for FSX filename buffer overflow

Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...

6.8CVSS6.8AI score0.04668EPSS
Exploits10
Saint
Saint
•added 2007/08/02 12:0 a.m.•68 views

Ipswitch IMail IMAP SUBSCRIBE command buffer overflow

Added: 08/02/2007 CVE: CVE-2007-3927 BID: 24962 OSVDB: 36222 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SUBSCRIBE command...

10CVSS7.6AI score0.21893EPSS
Exploits4
Saint
Saint
•added 2007/07/19 12:0 a.m.•68 views

Computer Associates Alert Notification Server buffer overflow

Added: 07/19/2007 CVE: CVE-2007-3825 BID: 24947 OSVDB: 36096 Background The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users. Problem The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple...

9.3CVSS7.8AI score0.1409EPSS
Exploits5
Saint
Saint
•added 2007/05/24 12:0 a.m.•68 views

Microsoft Excel Named Graph record buffer overflow

Added: 05/24/2007 CVE: CVE-2007-0215 BID: 23760 OSVDB: 34393 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a speciall...

7.6CVSS6.7AI score0.31546EPSS
Exploits4
Saint
Saint
•added 2006/11/03 12:0 a.m.•68 views

Oracle XML Component DBMS_XMLSCHEMA.GENERATESCHEMA buffer overflow

Added: 11/03/2006 CVE: CVE-2006-0272 BID: 16287 OSVDB: 22567 Background Oracle Database Server includes the DBMSXMLSCHEMA component, which contains procedures for managing XML schemas. Problem A buffer overflow vulnerability in the DBMSXMLSCHEMA.GENERATESCHEMA procedure allows database users to...

9CVSS7.5AI score0.05819EPSS
Exploits4
Saint
Saint
•added 2006/01/24 12:0 a.m.•68 views

Trend Micro ServerProtect Management Console isaNVWRequest.dll chunked POST buffer overflow

Added: 01/24/2006 CVE: CVE-2005-1929 BID: 15865 OSVDB: 21771 Background ServerProtect is a virus scanner for servers. Problem A buffer overflow in ServerProtect Management Console could allow a remote attacker to execute commands using a chunked POST request to isaNVWRequest.dll. Resolution Use t...

7.5CVSS7.3AI score0.04944EPSS
Exploits4
Saint
Saint
•added 2014/07/24 12:0 a.m.•67 views

Microsoft Word RTF Object Confusion

Added: 07/24/2014 CVE: CVE-2014-1761 BID: 66385 OSVDB: 104895 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem A buffer overflow exists due to an error in processing RTF files. The flaw is triggered by supplying a...

9.3CVSS7.9AI score0.7746EPSS
Exploits10
Saint
Saint
•added 2013/04/04 12:0 a.m.•67 views

Java Runtime Environment Color Management memory overwrite

Added: 04/04/2013 CVE: CVE-2013-1493 BID: 58238 OSVDB: 90737 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

10CVSS9.8AI score0.86151EPSS
Exploits10
Saint
Saint
•added 2013/03/18 12:0 a.m.•67 views

SonicWall Multiple Products skipSessionCheck Authentication Bypass

Added: 03/18/2013 CVE: CVE-2013-1359 BID: 57445 OSVDB: 89347 Background Dell SonicWALL has several management and reporting solutions which provide a centralized architecture for creating and managing security policies, providing real-time monitoring and alerts, and delivering compliance and usag...

9.7AI score0.89402EPSS
Exploits9
Saint
Saint
•added 2013/02/21 12:0 a.m.•67 views

Adobe Flash Player SWF Content Regular Expression Heap Overflow

Added: 02/21/2013 CVE: CVE-2013-0634 BID: 57788 OSVDB: 89936 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The ActiveX version of Adobe Flash Player on Windows is vulnerable to heap buffer overflow because it does not proper...

9.3CVSS9.1AI score0.77597EPSS
Exploits10
Total number of security vulnerabilities4305