Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2006/09/05 12:0 a.m.•53 views

Windows Task Scheduler buffer overflow

Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...

10CVSS7.1AI score0.66952EPSS
Exploits4
Saint
Saint
•added 2006/05/15 12:0 a.m.•53 views

Windows compressed folders buffer overflow

Added: 05/15/2006 CVE: CVE-2004-0575 BID: 11382 OSVDB: 10695 Background Microsoft Windows XP and Windows Server 2003 include the ability to natively handle ZIP files. Problem A buffer overflow when handling compressed folders allows command execution when a specially crafted ZIP file is opened by...

10CVSS6.8AI score0.603EPSS
Exploits4
Saint
Saint
•added 2006/04/06 12:0 a.m.•53 views

TWiki Search.pm shell command injection

Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...

10CVSS6.9AI score0.61668EPSS
Exploits8
Saint
Saint
•added 2019/04/16 12:0 a.m.•52 views

KACE K1000 Remote Code Execution

Added: 04/16/2019 Background KACE Systems Management Appliance manages, secures, and services network-connected devices. Problem A vulnerability in KACE Systems Management Appliance K1000 could allow unauthenticated command execution. Resolution Upgrade to the latest version of your KACE Systems...

2.6AI score
Exploits0
Saint
Saint
•added 2016/06/15 12:0 a.m.•52 views

Apache Continuum saveInstallation.action command execution

Added: 06/15/2016 Background Apache Continuum is a continuous integration server for Java projects. Problem A remote attacker could execute arbitrary commands by sending a POST request to saveInstallation.action with a specially crafted installation.varValue parameter. Resolution Upgrade to a...

8.2AI score
Exploits0
Saint
Saint
•added 2015/04/14 12:0 a.m.•52 views

OS X rootpipe privilege elevation

Added: 04/14/2015 CVE: CVE-2015-1130 BID: 73982 OSVDB: 120418 Background OS X is an operating system for Mac computers. Problem The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges. Resolution Upgrade to OS X 10.10.3 or apply security update...

7.2CVSS7.9AI score0.09887EPSS
Exploits16
Saint
Saint
•added 2014/10/24 12:0 a.m.•52 views

Windows OLE Package Manager CPackage::DoVerb() INF File Download Vulnerability

Added: 10/24/2014 CVE: CVE-2014-4114 BID: 70419 OSVDB: 113140 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. For...

9.3CVSS8.2AI score0.81628EPSS
Exploits22
Saint
Saint
•added 2014/08/07 12:0 a.m.•52 views

Kolibri WebServer HTTP GET Request Handling Buffer Overflow

Added: 08/07/2014 CVE: CVE-2014-4158 BID: 68195 OSVDB: 108090 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...

7.5CVSS7.1AI score0.14301EPSS
Exploits7
Saint
Saint
•added 2014/02/11 12:0 a.m.•52 views

Android WebView addJavascriptInterface Arbitrary Java Method Access

Added: 02/11/2014 CVE: CVE-2013-4710 OSVDB: 97520 Background Android is a Linux-based operating system used primarily on touchscreen mobile devices such as smartphones and tablet computers. It was originally developed by Android Inc., but is now owned by Google. WebView is a sub-class of the...

9.3CVSS6.7AI score0.42623EPSS
Exploits6
Saint
Saint
•added 2013/10/24 12:0 a.m.•52 views

Oracle Java java.awt.image.ByteComponentRaster Overflow

Added: 10/24/2013 CVE: CVE-2013-2473 BID: 60623 OSVDB: 94336 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

10CVSS8.3AI score0.07437EPSS
Exploits4
Saint
Saint
•added 2013/09/19 12:0 a.m.•52 views

HP LeftHand Virtual SAN Appliance hydra Ping Hostname Overflow

Added: 09/19/2013 CVE: CVE-2012-3285 BID: 57754 OSVDB: 89919 Background HP LeftHand Virtual SAN Appliance VSA software is a VMware certified SAN/storage device and virtual appliance that provides complete SAN functionality for VMware Infrastructure without external SAN hardware. Problem HP LeftHa...

10CVSS7.9AI score0.08695EPSS
Exploits4
Saint
Saint
•added 2013/01/28 12:0 a.m.•52 views

Nagios 3 history.cgi Command Injection

Added: 01/28/2013 CVE: CVE-2012-6096 BID: 56879 OSVDB: 88322 Background Nagios is a network host and service monitoring and management system. Problem The Nagios history.cgi script is vulnerable to a stack overflow when parsing the host parameter. This may allow an attacker to execute arbitrary...

7.5CVSS7.2AI score0.6645EPSS
Exploits15
Saint
Saint
•added 2012/05/02 12:0 a.m.•52 views

Oracle WebCenter Forms Recognition SSSplitter ActiveX Overwrite

Added: 05/02/2012 CVE: CVE-2012-1710 BID: 53062 OSVDB: 81366 Background Oracle WebCenter Imaging is a combined document management and business process management suite, marketed as a component of the Oracle Fusion Middleware portfolio of products. Oracle Forms Recognition OFR is an intelligent...

9.8CVSS9.3AI score0.11636EPSS
Exploits4
Saint
Saint
•added 2012/02/28 12:0 a.m.•52 views

Java Runtime Environment MixerSequence Function Pointer Control

Added: 02/28/2012 CVE: CVE-2010-0842 BID: 39077 OSVDB: 63493 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

7.5CVSS9.6AI score0.77721EPSS
Exploits9
Saint
Saint
•added 2011/11/14 12:0 a.m.•52 views

Novell ZENworks LaunchHelp.dll ActiveX Control LaunchProcess Code Execution

Added: 11/14/2011 CVE: CVE-2011-2657 BID: 50274 OSVDB: 76700 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a...

6.8CVSS7.1AI score0.48366EPSS
Exploits10
Saint
Saint
•added 2011/04/17 12:0 a.m.•52 views

7-Technologies Interactive Graphical SCADA System Remote Code Execution

Added: 04/17/2011 CVE: CVE-2011-1567 BID: 46936 Background 7-Technologies Interactive Graphical SCADA System IGSS is a SCADA solution used mainly in Denmark and the US. Problem 7T IGSS server contains multiple stack overflows, a format string vulnerability, a remote command execution vulnerabilit...

10CVSS6.6AI score0.69618EPSS
Exploits10
Saint
Saint
•added 2011/03/17 12:0 a.m.•52 views

Cisco Security Agent Management Center Code Execution

Added: 03/17/2011 CVE: CVE-2011-0364 BID: 65436 OSVDB: 70884 Background Cisco Security Agent Management Center is the server component of Cisco's Security Agent endpoint IPS solution. It is responsible for collecting event log information from endpoints and distributing rules updates. Problem The...

10CVSS6.2AI score0.19617EPSS
Exploits9
Saint
Saint
•added 2010/06/15 12:0 a.m.•52 views

Windows Help and Support Center -FromHCP URL whitelist bypass

Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...

9.3CVSS6.5AI score0.75458EPSS
Exploits11
Saint
Saint
•added 2010/04/22 12:0 a.m.•52 views

Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow

Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...

7.5CVSS9.6AI score0.03538EPSS
Exploits4
Saint
Saint
•added 2010/04/20 12:0 a.m.•52 views

Sun Java Web Start command-line argument injection

Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...

10CVSS9.6AI score0.69949EPSS
Exploits7
Saint
Saint
•added 2009/08/14 12:0 a.m.•52 views

Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow

Added: 08/14/2009 CVE: CVE-2009-1534 BID: 35992 OSVDB: 56916 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...

9.3CVSS6.8AI score0.5161EPSS
Exploits8
Saint
Saint
•added 2009/06/05 12:0 a.m.•52 views

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

10CVSS7.7AI score0.08435EPSS
Exploits5
Saint
Saint
•added 2009/04/10 12:0 a.m.•52 views

Oracle WebLogic Server IIS Connector JSESSIONID buffer overflow

Added: 04/10/2009 CVE: CVE-2008-5457 BID: 33177 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability in the WebLogic IIS connector allows remote attackers to execute arbitrary commands by sending a long, special...

10CVSS7.5AI score0.61309EPSS
Exploits12
Saint
Saint
•added 2009/03/12 12:0 a.m.•52 views

Tivoli Storage Manager heap corruption

Added: 03/12/2009 CVE: CVE-2008-4563 BID: 34077 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. Problem A heap overflow allows remote attackers to execute arbitrary commands. Resolution Apply the workaround or solution...

10CVSS7.4AI score0.28987EPSS
Exploits5
Saint
Saint
•added 2009/03/03 12:0 a.m.•52 views

Fujitsu SystemcastWizard Lite PXE service buffer overflow

Added: 03/03/2009 CVE: CVE-2009-0270 BID: 33342 OSVDB: 51486 Background SystemcastWizard Lite is support software for the setup of Primequest systems. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted datagram to the...

10CVSS7.8AI score0.05531EPSS
Exploits4
Saint
Saint
•added 2009/02/27 12:0 a.m.•52 views

Adobe Reader JBIG2 image stream buffer overflow

Added: 02/27/2009 CVE: CVE-2009-0658 BID: 33751 OSVDB: 52073 Background Adobe Acrobat is software for creating PDF documents. Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file containing a special...

9.3CVSS8AI score0.87719EPSS
Exploits7
Saint
Saint
•added 2008/12/24 12:0 a.m.•52 views

Norton AntiSpam 2004 SymSpamHelper ActiveX control buffer overflow

Added: 12/24/2008 CVE: CVE-2004-0363 BID: 9916 OSVDB: 6249 Background Norton AntiSpam 2004, which is included in Norton Internet Security 2004, is spam filtering software. Problem A buffer overflow vulnerability in the SymSpamHelper ActiveX control symspam.dll allows command execution when a user...

7.5CVSS6.9AI score0.66567EPSS
Exploits7
Saint
Saint
•added 2008/11/28 12:0 a.m.•52 views

GoodTech SSH Server SFTP buffer overflow

Added: 11/28/2008 CVE: CVE-2008-4726 BID: 31879 OSVDB: 49249 Background GoodTech SSH Server is an SSH Server providing secure remote console, secure file transfer, and secure port forwarding capabilities for Windows platforms. Problem Buffer overflow vulnerabilities in GoodTech SSH Server allow...

9CVSS7.6AI score0.44252EPSS
Exploits6
Saint
Saint
•added 2008/11/13 12:0 a.m.•52 views

Adobe Acrobat and Reader JavaScript buffer overflow

Added: 11/13/2008 CVE: CVE-2007-5659 BID: 27641 OSVDB: 41495 Background Adobe Acrobat is software for creating PDF documents. Adobe Reader is free software for viewing PDF documents. Problem Buffer overflow vulnerabilities in several JavaScript functions allow command execution when a user loads ...

9.3CVSS9.3AI score0.94222EPSS
Exploits9
Saint
Saint
•added 2008/01/15 12:0 a.m.•52 views

Novell GroupWise Client IMG SRC buffer overflow

Added: 01/15/2008 CVE: CVE-2007-6435 BID: 26875 OSVDB: 40870 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability in the GroupWise client allows command execution when a user replies to or forwards a message containing an IMG tag with a...

9.3CVSS6.8AI score0.06588EPSS
Exploits5
Saint
Saint
•added 2007/12/24 12:0 a.m.•52 views

Samba lsa_io_trans_names buffer overflow

Added: 12/24/2007 CVE: CVE-2007-2446 BID: 24195 OSVDB: 34699 Background Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems. Problem A vulnerability in the LSA RPC interface allows a remote attacker to execute...

10CVSS9.2AI score0.77806EPSS
Exploits23
Saint
Saint
•added 2007/11/02 12:0 a.m.•52 views

Lotus Domino IMAP mailbox name buffer overflow

Added: 11/02/2007 CVE: CVE-2007-3510 BID: 26176 OSVDB: 40953 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow vulnerability in Lotus Domino could allow a remote, authenticated attacker to execute arbitrary commands by sending ...

9CVSS7.7AI score0.05033EPSS
Exploits5
Saint
Saint
•added 2007/10/18 12:0 a.m.•52 views

BrightStor ARCserve Message Engine opnum 0x10d buffer overflow

Added: 10/18/2007 CVE: CVE-2007-5327 BID: 26015 OSVDB: 41369 Background CA ARCserve Bac kup formerly BrightStor ARCserve Backup is a backup and recovery solution. It runs a Message Engine RPC service on port 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remot...

10CVSS7.8AI score0.16084EPSS
Exploits4
Saint
Saint
•added 2007/10/11 12:0 a.m.•52 views

Microsoft SQL Server Distributed Management Objects buffer overflow

Added: 10/11/2007 CVE: CVE-2007-4814 BID: 25594 OSVDB: 38399 Background Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the sqldmo.dll Activ...

7.5CVSS7.2AI score0.4571EPSS
Exploits5
Saint
Saint
•added 2007/09/06 12:0 a.m.•52 views

ClamAV milter popen command injection

Added: 09/06/2007 CVE: CVE-2007-4560 BID: 25439 OSVDB: 36909 Background ClamAV is an open-source anti-virus toolkit. clamav-milter is a derivative of ClamAV for e-mail servers running Sendmail. Problem An insecure call to the popen function in clamav-milter, when running in black hole mode, allow...

7.6CVSS9.5AI score0.83539EPSS
Exploits12
Saint
Saint
•added 2007/05/30 12:0 a.m.•52 views

Sun Java System Web Proxy sockd buffer overflow

Added: 05/30/2007 CVE: CVE-2007-2881 BID: 24165 OSVDB: 35841 Background The Sun Java System Web Proxy Server formerly Sun ONE Web Proxy Server provides content filtering and caching capabilities. It is a companion product to the Sun Java System Web Server. Problem A buffer overflow vulnerability ...

10CVSS7.8AI score0.25703EPSS
Exploits4
Saint
Saint
•added 2007/03/02 12:0 a.m.•52 views

Trend Micro ServerProtect ENG_SendEMail buffer overflow

Added: 03/02/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSendEMail function allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request...

10CVSS7.7AI score0.73767EPSS
Exploits27
Saint
Saint
•added 2006/10/19 12:0 a.m.•52 views

BrightStor ARCserve discovery service ASBRDCST.DLL buffer overflow

Added: 10/19/2006 CVE: CVE-2006-5143 BID: 20365 OSVDB: 29534 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow vulnerability in the ASBRDCST.DLL library allows remote attackers to execute arbitra...

7.5CVSS7.7AI score0.78513EPSS
Exploits12
Saint
Saint
•added 2006/10/06 12:0 a.m.•52 views

Microsoft Message Queuing buffer overflow

Added: 10/06/2006 CVE: CVE-2005-0059 BID: 13112 OSVDB: 15458 Background Microsoft Message Queuing allows applications which may be running at different times to communicate across a network. Problem A buffer overflow in Microsoft Message Queuing allows remote attackers to execute arbitrary...

10CVSS7.5AI score0.76803EPSS
Exploits10
Saint
Saint
•added 2006/09/05 12:0 a.m.•52 views

Windows Task Scheduler buffer overflow

Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...

10CVSS7AI score0.66952EPSS
Exploits4
Saint
Saint
•added 2006/08/11 12:0 a.m.•52 views

Windows Server Service buffer overflow

Added: 08/11/2006 CVE: CVE-2006-3439 BID: 19409 OSVDB: 27845 Background The Windows Server Service supports file, print, and named-pipe sharing over the network. Problem A buffer overflow vulnerability in the Windows Server Service allows remote attackers to execute arbitrary commands. Resolution...

10CVSS7.6AI score0.85461EPSS
Exploits16
Saint
Saint
•added 2006/08/07 12:0 a.m.•52 views

BrightStor ARCserve Universal Agent buffer overflow

Added: 08/07/2006 CVE: CVE-2005-1018 BID: 13102 OSVDB: 15471 Background The BrightStor ARCserve Backup family of products includes a Universal Agent which listens for connections on port 6050/TCP. Problem A buffer overflow in the Universal Agent allows remote attackers to execute arbitrary comman...

7.5CVSS7.8AI score0.58983EPSS
Exploits7
Saint
Saint
•added 2006/02/17 12:0 a.m.•52 views

Lotus Notes HTML Speed Reader URL buffer overflow

Added: 02/17/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23068 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the HTML Speed Reader component of the Lotus Notes e-mail client allows command execution by a specially crafted e-mail message containing a lon...

9.3CVSS6.8AI score0.07922EPSS
Exploits8
Saint
Saint
•added 2006/01/24 12:0 a.m.•52 views

QuickTime JPEG buffer overflow

Added: 01/24/2006 CVE: CVE-2005-2340 BID: 16212 OSVDB: 22335 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution when a user opens a specially crafted JPEG file. Resolution Upgrade to QuickTime 7.0.4 or higher...

7.5CVSS6.7AI score0.25506EPSS
Exploits5
Saint
Saint
•added 2005/11/25 12:0 a.m.•52 views

Internet Explorer inline content filename extension vulnerability

Added: 11/25/2005 CVE: CVE-2001-0727 BID: 3578 OSVDB: 3033 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Using a null byte %00 in the filename field found in the Content-disposition header, a remote web server may be able to...

7.5CVSS7.8AI score0.31007EPSS
Exploits4
Saint
Saint
•added 2017/01/26 12:0 a.m.•51 views

WebEx browser extension command execution

Added: 01/26/2017 CVE: CVE-2017-3823 BID: 95737 Background Cisco WebEx is an online meeting solution. Extensions are available for all major web browsers, which enable users to join meetings from their browser. Problem A vulnerability in the WebEx browser extensions allows command execution when ...

9.3CVSS8.8AI score0.27231EPSS
Exploits6
Saint
Saint
•added 2015/06/26 12:0 a.m.•51 views

Ubuntu overlayfs privilege elevation

Added: 06/26/2015 CVE: CVE-2015-1328 BID: 75206 Background Overlayfs is a type of file system for Linux which implements a union mount. Problem In Ubuntu, overlayfs fails to correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an...

7.8CVSS7.3AI score0.37679EPSS
Exploits22
Saint
Saint
•added 2014/05/13 12:0 a.m.•51 views

Linux kernel __sock_diag_rcv_msg Netlink message privilege elevation

Added: 05/13/2014 CVE: CVE-2013-1763 BID: 58137 OSVDB: 90604 Background Netlink is a feature of the Linux kernel which allows communication between kernel and user space. Problem An array index error in the sockdiagrcvmsg function in the Linux kernel allows local users to gain root privileges by...

7.2CVSS8.2AI score0.0418EPSS
Exploits12
Saint
Saint
•added 2013/12/27 12:0 a.m.•51 views

RealPlayer RMP File Version Attribute Buffer Overflow

Added: 12/27/2013 CVE: CVE-2013-6877 BID: 64398 OSVDB: 101356 Background RealNetworks RealPlayer includes an embedded player which plays media embedded in a web page. Problem RealNetworks Windows RealPlayer 17.0.2.206 and earlier versions are vulnerable to remote code execution due to improper...

9.3CVSS7.4AI score0.11345EPSS
Exploits11
Saint
Saint
•added 2013/10/24 12:0 a.m.•51 views

Oracle Java java.awt.image.ByteComponentRaster Overflow

Added: 10/24/2013 CVE: CVE-2013-2473 BID: 60623 OSVDB: 94336 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

10CVSS8.2AI score0.07437EPSS
Exploits4
Total number of security vulnerabilities4305