Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2013/07/24 12:0 a.m.•51 views

HP Data Protector CRS Opcode 211 Stack Buffer Overflow

Added: 07/24/2013 CVE: CVE-2013-2333 BID: 60309 OSVDB: 93867 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in crs.exe when handling requests with opcode 211 allows remote attackers to execute arbitrary commands. Resolution Apply a patch...

10CVSS7.5AI score0.89809EPSS
Exploits8
Saint
Saint
•added 2012/07/17 12:0 a.m.•51 views

Oracle AutoVue SetMarkupMode ActiveX Overflow

Added: 07/17/2012 CVE: CVE-2012-0549 BID: 53077 OSVDB: 81439 Background Oracle AutoVue Enterprise Visualization is a suite of Oracle products designed to deliver a web-based capability to access, view, digitally annotate and collaborate on technical and business documents, without requiring...

7.5CVSS6.4AI score0.59413EPSS
Exploits10
Saint
Saint
•added 2012/06/22 12:0 a.m.•51 views

Internet Explorer Same ID Property vulnerability

Added: 06/22/2012 CVE: CVE-2012-1875 BID: 53847 OSVDB: 82865 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A vulnerability in Internet Explorer allows command execution when a user opens a specially crafted web page which causes...

9.3CVSS8.2AI score0.61655EPSS
Exploits11
Saint
Saint
•added 2011/12/21 12:0 a.m.•51 views

Adobe Reader U3D Heap Overflow

Added: 12/21/2011 CVE: CVE-2011-2462 BID: 50922 OSVDB: 77529 Background Adobe Reader is free software for viewing PDF documents. Problem A heap memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to an input validation error while parsing Universal 3D U3D file...

10CVSS10AI score0.86238EPSS
Exploits16
Saint
Saint
•added 2011/11/28 12:0 a.m.•51 views

Measuresoft ScadaPro xf Command Execution

Added: 11/28/2011 CVE: CVE-2011-3490 BID: 49613 OSVDB: 75490 Background ScadaPro is Real Time Data Acquisition software for Microsoft Windows. Problem ScadaPro version 4.0.0 and prior runs a legacy network service on UDP port 11234. This service contains multiple stack overflow and remote command...

10CVSS7.2AI score0.36429EPSS
Exploits5
Saint
Saint
•added 2011/11/28 12:0 a.m.•51 views

Measuresoft ScadaPro xf Command Execution

Added: 11/28/2011 CVE: CVE-2011-3490 BID: 49613 OSVDB: 75490 Background ScadaPro is Real Time Data Acquisition software for Microsoft Windows. Problem ScadaPro version 4.0.0 and prior runs a legacy network service on UDP port 11234. This service contains multiple stack overflow and remote command...

10CVSS7.2AI score0.36429EPSS
Exploits5
Saint
Saint
•added 2011/11/14 12:0 a.m.•51 views

Novell ZENworks LaunchHelp.dll ActiveX Control LaunchProcess Code Execution

Added: 11/14/2011 CVE: CVE-2011-2657 BID: 50274 OSVDB: 76700 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a...

6.8CVSS7.1AI score0.48366EPSS
Exploits10
Saint
Saint
•added 2011/10/14 12:0 a.m.•51 views

HP Intelligent Management Center iNodeMngChecker.exe Buffer Overflow

Added: 10/14/2011 CVE: CVE-2011-1867 BID: 48527 OSVDB: 73597 Background HP Intelligent Management Center, also known as HP iNode Management Center, is a comprehensive management platform for delivering integrated, modular network management capabilities. The iNodeMngChecker.exe component listens,...

10CVSS7.5AI score0.25787EPSS
Exploits4
Saint
Saint
•added 2011/10/11 12:0 a.m.•51 views

Wireshark DECT Dissector PCAP File Processing Overflow

Added: 10/11/2011 CVE: CVE-2011-1591 BID: 47392 OSVDB: 71848 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the DECT dissector epan/dissectors/packet-dect.c allows command execution via a specially crafted .pcap file. Resolution Upgrade to Wireshark...

9.3CVSS7.8AI score0.41744EPSS
Exploits18
Saint
Saint
•added 2011/06/15 12:0 a.m.•51 views

Microsoft Excel Data Validation Record Parsing Overflow

Added: 06/15/2011 CVE: CVE-2011-0105 BID: 47256 OSVDB: 71765 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel 2002 versions lacking the patch detailed in Microsoft Security Advisory...

9.3CVSS6.9AI score0.71129EPSS
Exploits10
Saint
Saint
•added 2011/05/26 12:0 a.m.•51 views

VLC Media Player Libmodplug CSoundFile::ReadS3M() Function S3M File Handling Overflow

Added: 05/26/2011 CVE: CVE-2011-1574 OSVDB: 72143 Background VideoLAN VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem VLC media player is vulnerable to a stack buffer overflow because the ReadS3M function in libmodplug fails to properl...

6.8CVSS7.2AI score0.42941EPSS
Exploits8
Saint
Saint
•added 2011/05/05 12:0 a.m.•51 views

Oracle Java Applet2ClassLoader Vulnerability

Added: 05/05/2011 CVE: CVE-2010-4452 BID: 46388 OSVDB: 71193 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

10CVSS9.6AI score0.8316EPSS
Exploits11
Saint
Saint
•added 2010/09/20 12:0 a.m.•51 views

Windows SMB2 buffer overflow

Added: 09/20/2010 CVE: CVE-2009-3103 BID: 36299 OSVDB: 57799 Background SMB2 is the replacement protocol for the SMB Windows filesharing protocol. Problem A buffer overflow vulnerability in the SMB2 Service allows remote attackers to execute arbitrary commands. Resolution Apply the patch referenc...

10CVSS9.9AI score0.90121EPSS
Exploits20
Saint
Saint
•added 2010/04/27 12:0 a.m.•51 views

RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow

Added: 04/27/2010 CVE: CVE-2010-1318 BID: 39564 OSVDB: 63919 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A stack buffer overflow vulnerability exists in RealNetworks Helix Server due to a boundary error in the AgentX::receiveagentx...

10CVSS7.7AI score0.58051EPSS
Exploits12
Saint
Saint
•added 2010/04/20 12:0 a.m.•51 views

Sun Java Web Start command-line argument injection

Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...

10CVSS9.5AI score0.69949EPSS
Exploits7
Saint
Saint
•added 2010/04/20 12:0 a.m.•51 views

Sun Java Web Start command-line argument injection

Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...

10CVSS9.4AI score0.69949EPSS
Exploits7
Saint
Saint
•added 2009/11/20 12:0 a.m.•51 views

IBM Tivoli Storage Manager Client CAD Service Buffer Overflow

Added: 11/20/2009 CVE: CVE-2009-3853 OSVDB: 59632 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1582/TCP. Problem The vulnerability is caused by an input validation error in t...

9.3CVSS6.6AI score0.36717EPSS
Exploits8
Saint
Saint
•added 2009/09/24 12:0 a.m.•51 views

Mozilla Firefox PKCS11 Module Installation Code Execution

Added: 09/24/2009 CVE: CVE-2009-3076 BID: 36343 OSVDB: 57977 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem The warning dialog displayed when adding or removing security modules via pkcs11.addmodule or pkcs11.deletemodule can be customized by a...

9.3CVSS6.4AI score0.06724EPSS
Exploits4
Saint
Saint
•added 2009/05/29 12:0 a.m.•51 views

Adobe Reader Javascript API getAnnots method vulnerability

Added: 05/29/2009 CVE: CVE-2009-1492 BID: 34736 OSVDB: 54130 Background Adobe Reader is free software for viewing PDF documents. Problem A vulnerability in the Javascript API allows command execution when a user opens a PDF file which calls the getAnnots method with specially crafted arguments...

9.3CVSS6.3AI score0.25522EPSS
Exploits5
Saint
Saint
•added 2009/05/21 12:0 a.m.•51 views

Microsoft PowerPoint 2000 CurrentUserAtom buffer overflow

Added: 05/21/2009 CVE: CVE-2009-1131 BID: 34841 OSVDB: 54393 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in Microsoft PowerPoint allows command execution when a user opens a presentation containin...

9.3CVSS6.8AI score0.35927EPSS
Exploits5
Saint
Saint
•added 2009/05/07 12:0 a.m.•51 views

Windows SMB credential reflection vulnerability

Added: 05/07/2009 CVE: CVE-2008-4037 BID: 7385 OSVDB: 49736 Background The Server Message Block SMB protocol is a file sharing protocol implemented in Microsoft Windows. NTLM is a challenge/response-based authentication protocol. Problem An NTLM credential reflection vulnerability allows a remote...

9.3CVSS6.6AI score0.59136EPSS
Exploits9
Saint
Saint
•added 2008/09/24 12:0 a.m.•51 views

DNS zone transfer

Added: 09/24/2008 CVE: CVE-1999-0532 OSVDB: 492 Background A DNS zone transfer is the process by which a secondary name server copies all DNS records for a domain from a primary name server. Problem If DNS zone transfers are not restricted, they can allow attackers to enumerate hosts in a domain...

6.2AI score0.68535EPSS
Exploits7
Saint
Saint
•added 2008/07/30 12:0 a.m.•51 views

Apache Tomcat JK Web Server Connector URI worker map buffer overflow

Added: 07/30/2008 CVE: CVE-2007-0774 BID: 22791 OSVDB: 33855 Background Apache Tomcat is a Java web application platform which can run under various types of web servers. The JK Web Server Connector modjk is used for communication between Tomcat and the web server. Problem A buffer overflow in a...

7.5CVSS8AI score0.81513EPSS
Exploits8
Saint
Saint
•added 2008/05/22 12:0 a.m.•51 views

HP Software Update HPeDiag ActiveX Control GetXmlFromIni buffer overflow

Added: 05/22/2008 CVE: CVE-2008-0712 BID: 28929 OSVDB: 44662 Background HP Software Update is shipped with various kinds of HP computers to keep HP software up to date. Problem A buffer overflow in the GetXmlFromIni method of the HPeDiag ActiveX control allows command execution when a user loads ...

6.8CVSS6.9AI score0.04697EPSS
Exploits4
Saint
Saint
•added 2008/01/04 12:0 a.m.•51 views

MacroVision InstallShield Update Service DownloadAndExecute buffer overflow

Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...

9.3CVSS6.9AI score0.05554EPSS
Exploits5
Saint
Saint
•added 2007/10/18 12:0 a.m.•51 views

BrightStor ARCserve Message Engine opnum 0x10d buffer overflow

Added: 10/18/2007 CVE: CVE-2007-5327 BID: 26015 OSVDB: 41369 Background CA ARCserve Bac kup formerly BrightStor ARCserve Backup is a backup and recovery solution. It runs a Message Engine RPC service on port 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remot...

10CVSS7.8AI score0.16084EPSS
Exploits4
Saint
Saint
•added 2007/09/30 12:0 a.m.•51 views

Microsoft Visual Studio PDWizard.ocx ActiveX vulnerability

Added: 09/30/2007 CVE: CVE-2007-4891 BID: 25638 OSVDB: 37106 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem ActiveX controls contained in the PDWizard.ocx file in Microsoft Visual Studio 6.0 expose the StartProcess metho...

6.8CVSS6.6AI score0.31003EPSS
Exploits6
Saint
Saint
•added 2007/01/15 12:0 a.m.•51 views

Microsoft Visual Studio 2005 WMI Object Broker vulnerability

Added: 01/15/2007 CVE: CVE-2006-4704 BID: 20843 OSVDB: 30155 Background Microsoft Visual Studio is a product to assist with software development in the Windows operating system. Problem A flaw in the WMI Object Broker ActiveX control allows attackers to bypass security zone restrictions, leading ...

6.8CVSS6.4AI score0.42846EPSS
Exploits6
Saint
Saint
•added 2006/12/28 12:0 a.m.•51 views

MailEnable POP PASS command buffer overflow

Added: 12/28/2006 CVE: CVE-2006-6605 BID: 21645 OSVDB: 32341 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. Problem A buffer overflow vulnerability in MailEnable allows remote, unauthenticated attackers to execute arbitrary commands by sending a long,...

10CVSS7.9AI score0.05844EPSS
Exploits4
Saint
Saint
•added 2006/09/18 12:0 a.m.•51 views

Mercury Mail IMAP DELETE command buffer overflow

Added: 09/18/2006 CVE: CVE-2004-1211 BID: 11775 OSVDB: 12508 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem Buffer overflow vulnerabilities in the IMAP service allow authenticated attackers to execute arbitrary commands using long arguments t...

10CVSS7.5AI score0.72459EPSS
Exploits8
Saint
Saint
•added 2006/06/02 12:0 a.m.•51 views

Samba call_trans2open buffer overflow

Added: 06/02/2006 CVE: CVE-2003-0201 BID: 7294 OSVDB: 4469 Background Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems. Problem A buffer overflow in the calltrans2open function allows anonymous remote attackers t...

10CVSS7.4AI score0.84502EPSS
Exploits23
Saint
Saint
•added 2006/04/25 12:0 a.m.•51 views

Internet Explorer DHTML object vulnerability

Added: 04/25/2006 CVE: CVE-2005-0553 BID: 13120 OSVDB: 15465 Background Dynamic HTML DHTML allows the creation of interactive web pages. Problem Race conditions in various DHTML methods could allow command execution when a specially crafted web page is loaded in Internet Explorer. Resolution Appl...

5.1CVSS7.5AI score0.50604EPSS
Exploits5
Saint
Saint
•added 2006/03/31 12:0 a.m.•51 views

RealPlayer invalid chunk header heap overflow

Added: 03/31/2006 CVE: CVE-2005-2922 BID: 17202 OSVDB: 24062 Background RealPlayer, RealOne Player, and Helix Player include an embedded player which plays media embedded in a web page. Problem A chunked HTTP response containing an invalid or missing chunk header results in a heap overflow, leadi...

9.3CVSS6.5AI score0.05783EPSS
Exploits5
Saint
Saint
•added 2006/02/24 12:0 a.m.•51 views

Windows NetDDE buffer overflow

Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...

7.5CVSS7.5AI score0.77002EPSS
Exploits8
Saint
Saint
•added 2006/02/05 12:0 a.m.•51 views

Microsoft SQL Server 2000 resolution service buffer overflow

Added: 02/05/2006 CVE: CVE-2002-0649 BID: 5310 OSVDB: 4577 Background Microsoft SQL Server is a database server package for Windows platforms. SQL Server 2000 introduced the SQL Server Resolution Service, which runs on port 1434/UDP and identifies the port on which each SQL Server instance runs...

7.5CVSS7.9AI score0.8475EPSS
Exploits7
Saint
Saint
•added 2006/01/09 12:0 a.m.•51 views

sadmind AUTH_SYS authentication vulnerability

Added: 01/09/2006 CVE: CVE-2003-0722 BID: 8615 OSVDB: 4585 Background sadmind is a service which coordinates distributed system administration operations remotely. The Sun Solstice AdminSuite runs sadmind with the AUTHSYS authentication method by default. Problem The sadmind running with the...

10CVSS7.4AI score0.85678EPSS
Exploits9
Saint
Saint
•added 2005/12/10 12:0 a.m.•51 views

JRun mod_jrun WriteToLog buffer overflow

Added: 12/10/2005 CVE: CVE-2004-0646 BID: 11245 OSVDB: 10546 Background Macromedia JRun is a J2EE application server. modjrun is an Apache module which enables the use of JRun applications through an Apache web server. Problem A buffer overflow vulnerability in modjrun and modjrun20 allows a remo...

10CVSS7.7AI score0.07104EPSS
Exploits4
Saint
Saint
•added 2005/11/29 12:0 a.m.•51 views

IMail IMAP STATUS buffer overflow

Added: 11/29/2005 CVE: CVE-2005-1256 BID: 13727 OSVDB: 16806 Background IMail is a mail server for Windows platforms. It includes SMTP, POP, IMAP, and LDAP services, and a web interface and web calendaring service. Problem A buffer overflow when processing long mailbox names specified in the STAT...

10CVSS7.7AI score0.58898EPSS
Exploits4
Saint
Saint
•added 2020/07/29 12:0 a.m.•50 views

Ruby on Rails local names command execution

Added: 07/29/2020 CVE: CVE-2020-8163 Background Ruby on Rails is a web application framework written in Ruby. Problem Rails applications that allow users to control the names of local variable are affected by a vulnerability that could allow a remote attacker to execute arbitrary commands...

8.8CVSS8.8AI score0.83085EPSS
Exploits10
Saint
Saint
•added 2016/03/14 12:0 a.m.•50 views

Schneider Electric StruxureWare Building Operation Automation Server msh bypass

Added: 03/14/2016 CVE: CVE-2016-2278 Background The Schneider Electric StruxureWare Building Operation software suite provides integrated monitoring, control, and management of energy, HVAC, lighting and fire safety. The Automation Server is a building automation system for small and medium-sized...

9CVSS7.3AI score0.13426EPSS
Exploits7
Saint
Saint
•added 2015/12/14 12:0 a.m.•50 views

ABRT/sosreport privilege elevation

Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...

6.9CVSS6.4AI score0.03268EPSS
Exploits17
Saint
Saint
•added 2015/09/15 12:0 a.m.•50 views

Windows Media Center command execution

Added: 09/15/2015 CVE: CVE-2015-2509 Background Windows Media Center is software for watching DVDs and TV channels on Windows systems. Problem A vulnerability in Windows Media Center could allow command execution when a user opens an .mcl file which references an executable file supplied by an...

9.3CVSS6.5AI score0.71044EPSS
Exploits12
Saint
Saint
•added 2015/04/27 12:0 a.m.•50 views

Samsung iPOLiS Device Manager ReadConfigValue vulnerability

Added: 04/27/2015 CVE: CVE-2015-0555 OSVDB: 118668 Background Samsung iPOLiS Device Manager is software for managing network devices. It comes with an ActiveX control called XnsSdkDeviceIpInstaller.ocx. Problem A buffer overflow vulnerability in the ReadConfigValue and WriteConfigValue methods in...

6.8CVSS6.8AI score0.06388EPSS
Exploits10
Saint
Saint
•added 2015/04/14 12:0 a.m.•50 views

OS X rootpipe privilege elevation

Added: 04/14/2015 CVE: CVE-2015-1130 BID: 73982 OSVDB: 120418 Background OS X is an operating system for Mac computers. Problem The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges. Resolution Upgrade to OS X 10.10.3 or apply security update...

7.8CVSS7.6AI score0.09887EPSS
Exploits16
Saint
Saint
•added 2015/02/10 12:0 a.m.•50 views

HP Data Protector Unauthenticated Remote Code Execution

Added: 02/10/2015 CVE: CVE-2014-2623 BID: 68672 OSVDB: 109069 Background HP Data Protector is a backup solution for enterprise and distributed environments. Data Protector Manager listens on port 5555/TCP. Problem HP Data Protector is vulnerable to remote unauthenticated arbitrary command executi...

10CVSS9.8AI score0.89394EPSS
Exploits20
Saint
Saint
•added 2014/05/29 12:0 a.m.•50 views

Easy File Sharing Web Server SESSIONID Cookie Handling Buffer Overflow

Added: 05/29/2014 CVE: CVE-2014-3791 BID: 67406 OSVDB: 106965 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is...

10CVSS10AI score0.76198EPSS
Exploits6
Saint
Saint
•added 2013/10/17 12:0 a.m.•50 views

Mozilla Firefox XMLSerializer serializeToStream Use-after-free Vulnerability

Added: 10/17/2013 CVE: CVE-2013-0753 BID: 57209 OSVDB: 89021 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem Mozilla Firefox prior to 18.0 contains a use-after-free error in the XMLSerializer when the serializeToStream meth...

9.3CVSS9.3AI score0.51324EPSS
Exploits8
Saint
Saint
•added 2013/09/04 12:0 a.m.•50 views

Oracle Endeca Server createDataStore method command execution

Added: 09/04/2013 CVE: CVE-2013-3763 BID: 61217 OSVDB: 95269 Background Oracle Endeca Server is a hybrid search-analytical database. Problem A vulnerability in the controlSoapBinding service allows remote attackers to execute arbitrary commands by sending a request for the createDataStore method...

5.5CVSS7.2AI score0.5984EPSS
Exploits8
Saint
Saint
•added 2013/08/20 12:0 a.m.•50 views

HP LeftHand Virtual SAN Appliance Hydra Service Login Buffer Overflow

Added: 08/20/2013 CVE: CVE-2013-2343 BID: 60884 OSVDB: 94701 Background HP LeftHand Virtual SAN Appliance VSA software is a VMware certified SAN/storage device and virtual appliance that provides complete SAN functionality for VMware Infrastructure without external SAN hardware. Problem HP LeftHa...

10CVSS7.9AI score0.61813EPSS
Exploits8
Saint
Saint
•added 2013/08/08 12:0 a.m.•50 views

Corel PDF Fusion XPS File ZIP Directory Vulnerability

Added: 08/08/2013 CVE: CVE-2013-3248 BID: 61010 OSVDB: 94933 Background Corel PDF Fusion is a software application used to assemble, edit and create PDFs from more than 100 different file types by dragging and dropping them onto the Welcome Screen. It allows adding new text, bookmarks and comment...

9.3CVSS7.4AI score0.18483EPSS
Exploits8
Total number of security vulnerabilities4305