Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2014/08/07 12:0 a.m.•62 views

Kolibri WebServer HTTP GET Request Handling Buffer Overflow

Added: 08/07/2014 CVE: CVE-2014-4158 BID: 68195 OSVDB: 108090 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...

7.5CVSS7.1AI score0.14301EPSS
Exploits7
Saint
Saint
•added 2013/06/15 12:0 a.m.•62 views

Novell ZENworks Mobile Management MDM.php Language Parameter Vulnerability

Added: 06/15/2013 CVE: CVE-2013-1081 BID: 58402 OSVDB: 91119 Background ZENworks Mobile Management ZMM offers centralized management tools that are useful for deploying new mobile devices in the workforce, whether those devices are company-issued or privately owned. ZMM ensures that users have th...

7.5CVSS7.2AI score0.68079EPSS
Exploits10
Saint
Saint
•added 2013/03/22 12:0 a.m.•62 views

WellinTech KingView KingMess.exe Log File Parsing Overflow

Added: 03/22/2013 CVE: CVE-2012-4711 BID: 57909 OSVDB: 89690 Background WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally. Problem WellinTech KingView KingMess.exe is...

10CVSS7.3AI score0.61492EPSS
Exploits8
Saint
Saint
•added 2013/02/11 12:0 a.m.•62 views

Schneider Electric Interactive Graphical SCADA System Data Collector Overflow

Added: 02/11/2013 CVE: CVE-2013-0657 BID: 57449 OSVDB: 89324 Background Schneider Electric Interactive Graphical SCADA System IGSS is a supervisory control and data acquisition SCADA system designed to monitor and control industrial processes. The Data Collector DC.exe component listens on port...

10CVSS7.5AI score0.21262EPSS
Exploits8
Saint
Saint
•added 2012/08/30 12:0 a.m.•62 views

Oracle Java findMethod findClass Security Bypass

Added: 08/30/2012 CVE: CVE-2012-4681 BID: 55213 OSVDB: 84867 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

10CVSS10AI score0.98536EPSS
Exploits10
Saint
Saint
•added 2011/12/12 12:0 a.m.•62 views

Iron Mountain Connected Backup Opcode 13 Processing Command Injection

Added: 12/12/2011 CVE: CVE-2011-2397 BID: 50884 OSVDB: 77495 Background Iron Mountain Connected Backup is a solution for automatic online backup and recovery for Microsoft Windows and Mac OS X. An agent is installed on each computer that is to be backed up. The agent listens by default on TCP por...

10CVSS7.4AI score0.05521EPSS
Exploits4
Saint
Saint
•added 2011/11/28 12:0 a.m.•62 views

Measuresoft ScadaPro xf Command Execution

Added: 11/28/2011 CVE: CVE-2011-3490 BID: 49613 OSVDB: 75490 Background ScadaPro is Real Time Data Acquisition software for Microsoft Windows. Problem ScadaPro version 4.0.0 and prior runs a legacy network service on UDP port 11234. This service contains multiple stack overflow and remote command...

10CVSS7.2AI score0.36429EPSS
Exploits5
Saint
Saint
•added 2011/08/22 12:0 a.m.•62 views

Adobe Flash Player ActionScript Function Arguments Code Execution

Added: 08/22/2011 CVE: CVE-2011-2110 BID: 48268 OSVDB: 73007 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The Adobe Flash Player ActionScript Engine is vulnerable to an information leak that can be leveraged to execute...

10CVSS8.9AI score0.86421EPSS
Exploits11
Saint
Saint
•added 2008/12/18 12:0 a.m.•62 views

Microsoft Excel TXO and OBJ record parsing memory corruption

Added: 12/18/2008 CVE: CVE-2008-4265 BID: 32618 OSVDB: 50556 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user opens an Excel...

9.3CVSS6.5AI score0.2465EPSS
Exploits5
Saint
Saint
•added 2008/01/07 12:0 a.m.•62 views

Adobe Flash Player ActionScript launch command execution

Added: 01/07/2008 CVE: CVE-2008-5499 BID: 32896 OSVDB: 50796 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem An input validation vulnerability allows command execution when the browser loads an SWF file which contains shell...

9.3CVSS6.4AI score0.79426EPSS
Exploits11
Saint
Saint
•added 2007/07/20 12:0 a.m.•62 views

Trend Micro OfficeScan session cookie buffer overflow

Added: 07/20/2007 CVE: CVE-2007-3454 BID: 24641 OSVDB: 36629 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in the CGIOCommon.dll shared library allows remote attackers to execute arbitrary commands by sending ...

10CVSS7.8AI score0.05531EPSS
Exploits4
Saint
Saint
•added 2006/09/18 12:0 a.m.•62 views

Mercury Mail IMAP DELETE command buffer overflow

Added: 09/18/2006 CVE: CVE-2004-1211 BID: 11775 OSVDB: 12508 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem Buffer overflow vulnerabilities in the IMAP service allow authenticated attackers to execute arbitrary commands using long arguments t...

10CVSS7.6AI score0.72459EPSS
Exploits8
Saint
Saint
•added 2006/02/14 12:0 a.m.•62 views

AWStats configdir parameter command execution

Added: 02/14/2006 CVE: CVE-2005-0116 BID: 12298 OSVDB: 13002 Background AWStats is a web application for showing web, FTP, and mail server statistics. Problem Insufficient validation of the configdir parameter before being used in a PERL open call leads to remote command execution. Resolution...

7.5CVSS6.6AI score0.74941EPSS
Exploits11
Saint
Saint
•added 2005/11/30 12:0 a.m.•62 views

RSA SecurID Web Agent for IIS redirect buffer overflow

Added: 11/30/2005 CVE: CVE-2005-4734 BID: 26424 OSVDB: 20151 Background RSA SecurID Web Agent for IIS provides access control for IIS web servers using one-time authentication tokens. Problem A buffer overflow in IISWebAgentIF.dll could allow a remote attacker to execute arbitrary commands using ...

6.4CVSS7.8AI score0.54485EPSS
Exploits8
Saint
Saint
•added 2014/04/17 12:0 a.m.•61 views

Internet Explorer CMarkup Object Handling Use-after-free Vulnerability

Added: 04/17/2014 CVE: CVE-2014-0322 BID: 65551 OSVDB: 103354 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer 9 and 10 contain a use-after-free vulnerability in the CMarkup component of the MSHTML...

9.3CVSS9.1AI score0.85239EPSS
Exploits23
Saint
Saint
•added 2013/10/24 12:0 a.m.•61 views

Oracle Java java.awt.image.ByteComponentRaster Overflow

Added: 10/24/2013 CVE: CVE-2013-2473 BID: 60623 OSVDB: 94336 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

10CVSS8.3AI score0.07437EPSS
Exploits4
Saint
Saint
•added 2013/05/13 12:0 a.m.•61 views

Nagios Remote Plugin Executor Metacharacter Filtering Omission

Added: 05/13/2013 CVE: CVE-2013-1362 BID: 58142 OSVDB: 90582 Background Nagios is a network host and service monitoring and management system. Nagios Remote Plugin Executor NRPE is an addon for Nagios that allows remote execution of Nagios plugins on other Linux/Unix machines. Problem Nagios Remo...

7.5CVSS7.4AI score0.65724EPSS
Exploits9
Saint
Saint
•added 2013/03/11 12:0 a.m.•61 views

Cool PDF Reader Image Stream Stack Overflow

Added: 03/11/2013 CVE: CVE-2012-4914 BID: 57461 OSVDB: 89349 Background Cool PDF Reader is a small viewer/reader that can view, print, and convert PDF files to TXT, BMP, JPG, GIF, PNG, WMF, EMF, EPS. Problem Cool PDF Reader versions 3.0.2.256 and prior do not perform proper bounds checking on ima...

9.3CVSS7.3AI score0.28391EPSS
Exploits11
Saint
Saint
•added 2012/11/26 12:0 a.m.•61 views

Webmin show.cgi Open Function Call Command Execution

Added: 11/26/2012 CVE: CVE-2012-2982 BID: 55446 OSVDB: 85248 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem Webmin 1.59 and earlier are vulnerable to remote code execution as a result of...

6.5CVSS7.2AI score0.61925EPSS
Exploits10
Saint
Saint
•added 2012/07/23 12:0 a.m.•61 views

HP Data Protector Express Opcode 0x320 Overflow

Added: 07/23/2012 CVE: CVE-2012-0121 BID: 52431 OSVDB: 80102 Background HP Data Protector Express is a backup and recovery solution for single machines and small networks. Problem A stack overflow vulnerability exists in dpwindtb.dll. Validation of parameters to Opcode 0x320 requests are not...

10CVSS7.1AI score0.10436EPSS
Exploits4
Saint
Saint
•added 2012/07/23 12:0 a.m.•61 views

Oracle Java Runtime Hotspot Bytecode Verifier Type Confusion

Added: 07/23/2012 CVE: CVE-2012-1723 BID: 53960 OSVDB: 82877 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

10CVSS9.7AI score0.93688EPSS
Exploits9
Saint
Saint
•added 2012/06/15 12:0 a.m.•61 views

Microsoft OLE Object File Handling vulnerability

Added: 06/15/2012 CVE: CVE-2011-3400 BID: 50977 OSVDB: 77663 Background Object Linking and Embedding OLE allows applications to create and edit compound documents. For example, a Microsoft Excel spreadsheet can be embedded within a Microsoft Word application. Problem A vulnerability when handling...

9.3CVSS6.3AI score0.71722EPSS
Exploits11
Saint
Saint
•added 2012/04/25 12:0 a.m.•61 views

Microsoft Expression Design wintab32.dll Library Loading

Added: 04/25/2012 CVE: CVE-2012-0016 BID: 52375 OSVDB: 80001 Background Microsoft Expression Design is a commercial professional illustration vector and raster graphic design tool for web images. Problem Microsoft Expression Design contains a flaw in the way it loads dynamic-link libraries DLL. T...

9.3CVSS6.5AI score0.21892EPSS
Exploits5
Saint
Saint
•added 2011/11/23 12:0 a.m.•61 views

Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability

Added: 11/23/2011 CVE: CVE-2010-3964 BID: 45264 OSVDB: 69817 Background Microsoft SharePoint is a web application platform that provides web content management and document management as an aid to collaboration among users. SharePoint's multi-purpose design allows for managing and provisioning of...

7.5CVSS7.1AI score0.93916EPSS
Exploits9
Saint
Saint
•added 2011/07/18 12:0 a.m.•61 views

HP OpenView Storage Data Protector Opcode 27 Stack Buffer Overflow

Added: 07/18/2011 CVE: CVE-2011-1865 BID: 48486 OSVDB: 73571 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The OmniInet process omniinet.exe is...

10CVSS7.7AI score0.88948EPSS
Exploits18
Saint
Saint
•added 2011/03/17 12:0 a.m.•61 views

Cisco Security Agent Management Center Code Execution

Added: 03/17/2011 CVE: CVE-2011-0364 BID: 65436 OSVDB: 70884 Background Cisco Security Agent Management Center is the server component of Cisco's Security Agent endpoint IPS solution. It is responsible for collecting event log information from endpoints and distributing rules updates. Problem The...

10CVSS6.2AI score0.19617EPSS
Exploits9
Saint
Saint
•added 2010/08/19 12:0 a.m.•61 views

Microsoft Office Excel PivotTable Cache Data Record Handling Overflow

Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...

9.3CVSS6.5AI score0.17612EPSS
Exploits4
Saint
Saint
•added 2009/10/27 12:0 a.m.•61 views

Adobe Reader FlateDecode filter TIFF Predictor integer overflow

Added: 10/27/2009 CVE: CVE-2009-3459 BID: 36600 OSVDB: 58729 Background Adobe Reader is free software for viewing PDF documents. Problem An integer overflow in the FlateDecode filter in Adobe Reader allows command execution when a user opens a PDF file containing specially crafted compressed...

9.3CVSS6.7AI score0.86583EPSS
Exploits12
Saint
Saint
•added 2009/06/15 12:0 a.m.•61 views

Microsoft Works File Converter FontName buffer overflow

Added: 06/15/2009 CVE: CVE-2009-1533 BID: 35184 OSVDB: 54939 Background The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files. Problem A buffer overflow vulnerability in the Microsoft Works File Converter allows command execution when a user opens a WPS file...

9.3CVSS6.7AI score0.3562EPSS
Exploits5
Saint
Saint
•added 2009/02/26 12:0 a.m.•61 views

Java Runtime Environment JAR manifest Main Class buffer overflow

Added: 02/26/2009 CVE: CVE-2008-5354 BID: 32608 OSVDB: 50499 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in JRE allows command execution when a user opens a JAR archive containing a manifest file with a specially craft...

9.3CVSS7.9AI score0.04798EPSS
Exploits5
Saint
Saint
•added 2008/12/24 12:0 a.m.•61 views

Computer Associates License Service invalid command buffer overflow

Added: 12/24/2008 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associatesproducts and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary...

4.6CVSS7.5AI score0.46344EPSS
Exploits24
Saint
Saint
•added 2008/11/13 12:0 a.m.•61 views

Adobe Acrobat and Reader JavaScript buffer overflow

Added: 11/13/2008 CVE: CVE-2007-5659 BID: 27641 OSVDB: 41495 Background Adobe Acrobat is software for creating PDF documents. Adobe Reader is free software for viewing PDF documents. Problem Buffer overflow vulnerabilities in several JavaScript functions allow command execution when a user loads ...

9.3CVSS9.3AI score0.94222EPSS
Exploits9
Saint
Saint
•added 2007/02/16 12:0 a.m.•61 views

VERITAS NetBackup bpcd daemon command chaining vulnerability

Added: 02/16/2007 CVE: CVE-2006-4902 BID: 21565 OSVDB: 31334 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The NetBackup bpcd daemon fails to properly validate chained commands. A remote attacker could execute arbitrary commands by appending the...

10CVSS7.3AI score0.04235EPSS
Exploits4
Saint
Saint
•added 2006/02/17 12:0 a.m.•61 views

Microsoft IIS .HTR ISAPI chunked encoding buffer overflow

Added: 02/17/2006 CVE: CVE-2002-0364 BID: 4855 OSVDB: 5316 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem A heap overflow in IIS 4.0 and 5.0 when processing chunked encoding transfers of HTR request...

7.5CVSS6.9AI score0.23901EPSS
Exploits4
Saint
Saint
•added 2016/05/06 12:0 a.m.•60 views

Apache Struts Dynamic Method Invocation command execution

Added: 05/06/2016 CVE: CVE-2016-3081 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. The Dynamic Method Invocation...

9.3CVSS8.3AI score0.9373EPSS
Exploits12
Saint
Saint
•added 2013/11/18 12:0 a.m.•60 views

Symantec Altiris DS SQL injection

Added: 11/18/2013 CVE: CVE-2008-2286 BID: 29198 OSVDB: 45313 Background Altiris Deployment Solution DS is software for managing the configuration of machines on a network. Problem An SQL injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

7.5CVSS8.1AI score0.32678EPSS
Exploits9
Saint
Saint
•added 2013/08/30 12:0 a.m.•60 views

Oracle Java Runtime Environment AWT storeImageArray Vulnerability

Added: 08/30/2013 CVE: CVE-2013-2465 BID: 60657 OSVDB: 94339 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in the storeImageArray function of the Abstract Window Toolkit AWT library awt.dll allows command execution when ...

10CVSS8.3AI score0.98704EPSS
Exploits10
Saint
Saint
•added 2013/07/18 12:0 a.m.•60 views

Apache Struts URL includeParams Attribute OGNL Code Injection

Added: 07/18/2013 CVE: CVE-2013-2115 BID: 60167 OSVDB: 93645 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem...

9.3CVSS8.2AI score0.72778EPSS
Exploits9
Saint
Saint
•added 2013/01/07 12:0 a.m.•60 views

RealPlayer InternetShortcut URL property buffer overflow

Added: 01/07/2013 CVE: CVE-2012-5691 BID: 56956 OSVDB: 88486 Background RealPlayer is a media player application which can play back various multimedia file formats. Problem A buffer overflow vulnerability in the GetPrivateProfileString function allows command execution when a user opens a...

9.3CVSS6.8AI score0.52703EPSS
Exploits8
Saint
Saint
•added 2012/10/22 12:0 a.m.•60 views

Avaya IP Office Customer Call Reporter ImageUpload.ashx file upload

Added: 10/22/2012 CVE: CVE-2012-3811 BID: 54225 OSVDB: 83399 Background Avaya IP Office is a unified communications solution for mobile workforce. Problem The ImageUpload.ashx script allows unauthenticated users to upload arbitrary script files to the webserver. The script files can then be...

10CVSS6.9AI score0.62876EPSS
Exploits8
Saint
Saint
•added 2012/08/30 12:0 a.m.•60 views

Oracle Java findMethod findClass Security Bypass

Added: 08/30/2012 CVE: CVE-2012-4681 BID: 55213 OSVDB: 84867 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

10CVSS10AI score0.98536EPSS
Exploits10
Saint
Saint
•added 2012/03/08 12:0 a.m.•60 views

Adobe Flash Player MP4 Copyright Statement Overflow

Added: 03/08/2012 CVE: CVE-2012-0754 BID: 52034 OSVDB: 79300 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Flash Player version prior to 11.1.102.62 do not properly validate the Copyright statement key CPRT in the tag...

10CVSS8.1AI score0.9203EPSS
Exploits11
Saint
Saint
•added 2012/03/01 12:0 a.m.•60 views

ABB WebWare Server RobNetScanHost.exe Stack Buffer Overflow

Added: 03/01/2012 CVE: CVE-2012-0245 BID: 52123 OSVDB: 79476 Background ABB provides power and automation technology solutions including robots and related software. ABB WebWare Server is a web-based manufacturing support system designed to facilitate a wide range of production management tasks,...

10CVSS7.7AI score0.0818EPSS
Exploits4
Saint
Saint
•added 2011/11/21 12:0 a.m.•60 views

eSignal WinSig.exe long StyleTemplate buffer overflow

Added: 11/21/2011 CVE: CVE-2011-3494 BID: 49600 OSVDB: 75456 Background eSignal is a tool which provides real-time financial and market information. Problem WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code v...

10CVSS7.7AI score0.55778EPSS
Exploits7
Saint
Saint
•added 2011/10/19 12:0 a.m.•60 views

Wireshark DECT Dissector Remote Stack Buffer Overflow

Added: 10/19/2011 CVE: CVE-2011-1591 BID: 47392 OSVDB: 71848 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the DECT dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshark...

9.3CVSS7.7AI score0.41744EPSS
Exploits18
Saint
Saint
•added 2011/07/27 12:0 a.m.•60 views

Mozilla Firefox nsTreeRange Use After Free

Added: 07/27/2011 CVE: CVE-2011-0073 BID: 47663 OSVDB: 72087 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem Mozilla Firefox and SeaMonkey are prone to a remote code execution vulnerability caused by accessing previously...

10CVSS9.9AI score0.70005EPSS
Exploits5
Saint
Saint
•added 2011/05/27 12:0 a.m.•60 views

Novell ZENworks Asset Management File Upload Traversal

Added: 05/27/2011 CVE: CVE-2010-4229 BID: 47295 OSVDB: 71872 Background Novell ZENworks is a resource management solution consisting of a management server and management agents. Problem The Asset Management module ZAM of ZENworks version 10.3 prior to 10.3.2 and version 11 fail to validate the...

10CVSS6.5AI score0.25428EPSS
Exploits5
Saint
Saint
•added 2010/11/16 12:0 a.m.•60 views

Microsoft Office RTF pFragments Property Stack Buffer Overflow

Added: 11/16/2010 CVE: CVE-2010-3333 BID: 44652 OSVDB: 69085 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem A stack buffer overflow vulnerability exists when...

9.3CVSS8.1AI score0.89497EPSS
Exploits14
Saint
Saint
•added 2010/10/18 12:0 a.m.•60 views

IBM Tivoli Storage Manager FastBack Mount Service Code Execution

Added: 10/18/2010 CVE: CVE-2010-3058 BID: 42549 OSVDB: 67292 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. TSM includes FastBack, which provides a client/server backup solution for the MS Windows environment. FastBack...

7.5CVSS6.5AI score0.02462EPSS
Exploits4
Saint
Saint
•added 2009/04/23 12:0 a.m.•60 views

Microsoft WordPad Word97 text converter buffer overflow

Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...

9.3CVSS6.7AI score0.33616EPSS
Exploits5
Total number of security vulnerabilities4305