Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2009/06/22 12:0 a.m.•43 views

Oracle Secure Backup login.php ora_osb_lcookie command execution

Added: 06/22/2009 CVE: CVE-2008-4006 BID: 33177 OSVDB: 51343 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

10CVSS7.2AI score0.03433EPSS
Exploits4
Saint
Saint
•added 2009/06/22 12:0 a.m.•43 views

Oracle Secure Backup login.php ora_osb_lcookie command execution

Added: 06/22/2009 CVE: CVE-2008-4006 BID: 33177 OSVDB: 51343 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

10CVSS7.2AI score0.03433EPSS
Exploits4
Saint
Saint
•added 2009/06/05 12:0 a.m.•43 views

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

10CVSS7.7AI score0.08435EPSS
Exploits5
Saint
Saint
•added 2009/05/29 12:0 a.m.•43 views

Adobe Reader Javascript API getAnnots method vulnerability

Added: 05/29/2009 CVE: CVE-2009-1492 BID: 34736 OSVDB: 54130 Background Adobe Reader is free software for viewing PDF documents. Problem A vulnerability in the Javascript API allows command execution when a user opens a PDF file which calls the getAnnots method with specially crafted arguments...

9.3CVSS6.3AI score0.25522EPSS
Exploits5
Saint
Saint
•added 2009/05/06 12:0 a.m.•43 views

Symantec Alert Management System Intel File Transfer service command execution

Added: 05/06/2009 CVE: CVE-2009-1431 BID: 34675 OSVDB: 54160 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It...

9.3CVSS7.1AI score0.08036EPSS
Exploits5
Saint
Saint
•added 2009/03/10 12:0 a.m.•43 views

Citect SCADA ODBC Service Overflow

Added: 03/10/2009 CVE: CVE-2008-2639 BID: 29634 OSVDB: 46105 Background The CitectSCADA and CitectFacilities applications include ODBC server capabilities to provide remote SQL access to a relational database. The ODBC Server component listens on port 20222/tcp by default. Problem A buffer overfl...

7.6CVSS7.7AI score0.77717EPSS
Exploits12
Saint
Saint
•added 2009/01/20 12:0 a.m.•43 views

Oracle Secure Backup login.php rbtool command injection

Added: 01/20/2009 CVE: CVE-2008-5448 BID: 33177 OSVDB: 51342 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows a remote attacker to execute arbitrary...

10CVSS7.3AI score0.3857EPSS
Exploits9
Saint
Saint
•added 2008/12/18 12:0 a.m.•43 views

Microsoft Excel TXO and OBJ record parsing memory corruption

Added: 12/18/2008 CVE: CVE-2008-4265 BID: 32618 OSVDB: 50556 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user opens an Excel...

9.3CVSS6.5AI score0.2465EPSS
Exploits5
Saint
Saint
•added 2008/11/10 12:0 a.m.•43 views

Adobe Acrobat util.printf JavaScript function buffer overflow

Added: 11/10/2008 CVE: CVE-2008-2992 BID: 30035 OSVDB: 49520 Background Adobe Acrobat is software for creating PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the util.printf JavaScript function with a specially crafted form...

9.3CVSS8.2AI score0.98482EPSS
Exploits19
Saint
Saint
•added 2008/07/30 12:0 a.m.•43 views

Apache Tomcat JK Web Server Connector URI worker map buffer overflow

Added: 07/30/2008 CVE: CVE-2007-0774 BID: 22791 OSVDB: 33855 Background Apache Tomcat is a Java web application platform which can run under various types of web servers. The JK Web Server Connector modjk is used for communication between Tomcat and the web server. Problem A buffer overflow in a...

7.5CVSS8AI score0.81513EPSS
Exploits8
Saint
Saint
•added 2008/07/25 12:0 a.m.•43 views

Oracle WebLogic Server Apache Connector POST buffer overflow

Added: 07/25/2008 CVE: CVE-2008-3257 BID: 30273 OSVDB: 47096 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow in the Apache Connector for WebLogic Server allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.8AI score0.83589EPSS
Exploits9
Saint
Saint
•added 2008/07/02 12:0 a.m.•44 views

HP OpenView Network Node Manager connectedNodes.ovpl command execution

Added: 07/02/2008 CVE: CVE-2005-2773 BID: 14662 OSVDB: 19057 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A command injection vulnerability in the connectedNodes.ovpl CGI script allows remote attackers to execute arbitrary comman...

7.5CVSS9.9AI score0.7409EPSS
Exploits9
Saint
Saint
•added 2008/06/20 12:0 a.m.•43 views

OpenOffice OLE importer DocumentSummaryInformation buffer overflow

Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding OLE framework. Problem A buffer overflow vulnerability in the OLE importer allows...

9.3CVSS7.8AI score0.57015EPSS
Exploits10
Saint
Saint
•added 2008/05/19 12:0 a.m.•43 views

Facebook PhotoUploader ActiveX control ExtractIptc buffer overflow

Added: 05/19/2008 CVE: CVE-2008-0660 BID: 27576 OSVDB: 41073 Background Facebook PhotoUploader is an ActiveX control which allows uploading of photos to the Facebook web site. It uses the Aurigma ImageUploader product. Problem A buffer overflow vulnerability in Facebook PhotoUploader allows comma...

9.3CVSS6.9AI score0.37762EPSS
Exploits5
Saint
Saint
•added 2008/05/15 12:0 a.m.•43 views

Motorola Timbuktu login request buffer overflow

Added: 05/15/2008 CVE: CVE-2007-4221 BID: 25454 OSVDB: 40124 Background Motorola Timbuktu is remote control software for Windows and Mac. It runs a service which listens for connections on port 407/TCP or 407/UDP. Problem A buffer overflow vulnerability when processing login requests allows remot...

10CVSS7.9AI score0.06264EPSS
Exploits4
Saint
Saint
•added 2008/04/25 12:0 a.m.•43 views

Computer Associates Alert Notification Server opcode 23 buffer overflow

Added: 04/25/2008 CVE: CVE-2007-4620 BID: 28605 OSVDB: 44040 Background The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users. Problem The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple...

9CVSS7.8AI score0.52274EPSS
Exploits8
Saint
Saint
•added 2008/04/07 12:0 a.m.•43 views

Cisco Secure ACS UCP CSuserCGI.exe buffer overflow

Added: 04/07/2008 CVE: CVE-2008-0532 BID: 28222 OSVDB: 42961 Background Cisco Secure Access Control Server ACS is a centralized user access control framework which can be used with routers, switches, firewalls, VPNs, and other devices. User Changeable Passwords UCP, a utility implemented by Cisco...

10CVSS7.7AI score0.57136EPSS
Exploits7
Saint
Saint
•added 2008/01/07 12:0 a.m.•43 views

Adobe Flash Player ActionScript launch command execution

Added: 01/07/2008 CVE: CVE-2008-5499 BID: 32896 OSVDB: 50796 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem An input validation vulnerability allows command execution when the browser loads an SWF file which contains shell...

9.3CVSS6.4AI score0.79426EPSS
Exploits11
Saint
Saint
•added 2007/09/21 12:0 a.m.•43 views

Trend Micro ServerProtect SpntSvc RPC buffer overflow

Added: 09/21/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39753 Background ServerProtect is a virus scanner for servers. The Trend Micro ServerProtect service SpntSvc.exe handles RPC requests on port 5168/TCP. Problem Buffer overflow vulnerabilities in the Trend Micro ServerProtect service allow...

10CVSS7.7AI score0.13021EPSS
Exploits12
Saint
Saint
•added 2007/08/03 12:0 a.m.•43 views

Windows rshd buffer overflow

Added: 08/03/2007 CVE: CVE-2007-4006 BID: 25044 OSVDB: 38572 Background The Windows implementation of RSHD is a remote shell daemon which has been adapted to run on Windows platforms. Problem A buffer overflow vulnerability in the Windows implementation of RSHD allows remote attackers to execute...

6.8CVSS7.6AI score0.34481EPSS
Exploits7
Saint
Saint
•added 2007/03/15 12:0 a.m.•43 views

SupportSoft tgctlsi.dll ActiveX control buffer overflow

Added: 03/15/2007 CVE: CVE-2006-6490 BID: 22564 OSVDB: 33481 Background SupportSoft ActiveX controls are used by third-party products to provide remote technical support. Problem SupportSoft ActiveX controls are affected by multiple buffer overflow vulnerabilities which can lead to command...

10CVSS7.2AI score0.1034EPSS
Exploits4
Saint
Saint
•added 2007/03/07 12:0 a.m.•43 views

Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow

Added: 03/07/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSetRealTimeScanConfigInfo function allows remote attackers to execute arbitrary commands by sending a specially craft...

10CVSS7.7AI score0.73767EPSS
Exploits27
Saint
Saint
•added 2007/01/26 12:0 a.m.•43 views

Microsoft Help Workshop .HPJ file HLP field buffer overflow

Added: 01/26/2007 CVE: CVE-2007-0427 BID: 22135 OSVDB: 31899 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...

9.3CVSS6.8AI score0.30965EPSS
Exploits5
Saint
Saint
•added 2006/12/01 12:0 a.m.•43 views

Novell Client nwspool.dll buffer overflow

Added: 12/01/2006 CVE: CVE-2006-5854 BID: 21220 OSVDB: 30547 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflows in the EnumPrinters and OpenPrinter functions, allowing remote...

7.5CVSS7.4AI score0.57287EPSS
Exploits15
Saint
Saint
•added 2006/10/13 12:0 a.m.•43 views

Microsoft SSL library PCT buffer overflow

Added: 10/13/2006 CVE: CVE-2003-0719 BID: 10116 OSVDB: 5250 Background The Microsoft Secure Sockets Layer SSL library provides support for a number of secure communication protocols, including the Private Communication Technology PCT protocol. Since PCT has been superceded by SSL 3.0, the Microso...

7.5CVSS8AI score0.83412EPSS
Exploits8
Saint
Saint
•added 2006/09/29 12:0 a.m.•43 views

IMail SMTP RCPT TO buffer overflow

Added: 09/29/2006 CVE: CVE-2006-4379 BID: 19885 OSVDB: 28576 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the SMTP daemon allows remote command execution by sending a RCPT TO argument containing a long string between @ and : characters...

7.5CVSS7AI score0.60041EPSS
Exploits8
Saint
Saint
•added 2006/08/11 12:0 a.m.•43 views

Windows Server Service buffer overflow

Added: 08/11/2006 CVE: CVE-2006-3439 BID: 19409 OSVDB: 27845 Background The Windows Server Service supports file, print, and named-pipe sharing over the network. Problem A buffer overflow vulnerability in the Windows Server Service allows remote attackers to execute arbitrary commands. Resolution...

10CVSS7.6AI score0.85461EPSS
Exploits16
Saint
Saint
•added 2006/06/23 12:0 a.m.•43 views

BASE base_qry_common.php file include

Added: 06/23/2006 CVE: CVE-2006-2685 BID: 18298 OSVDB: 25770 Background Snort is an open-source intrusion detection system. The Basic Analysis and Security Engine BASE is a web interface for analyzing Snort results. Problem If the registerglobals PHP option is enabled, the baseqrycommon.php scrip...

4CVSS6.5AI score0.49185EPSS
Exploits11
Saint
Saint
•added 2006/06/09 12:0 a.m.•43 views

Mozilla Firefox GIF processing buffer overflow

Added: 06/09/2006 CVE: CVE-2005-0399 BID: 12881 OSVDB: 14937 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A heap overflow in Mozilla Firefox when processing GIF images with the obsolete Netscape extension 2 allows command execution when a use...

5.1CVSS6.8AI score0.15116EPSS
Exploits4
Saint
Saint
•added 2006/04/14 12:0 a.m.•43 views

VERITAS NetBackup vnetd bpspsserver buffer overflow

Added: 04/14/2006 CVE: CVE-2006-0991 BID: 17264 OSVDB: 24170 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem A buffer overflow in bpspsserver allows a remote attacker to execute arbitrary commands by sending a specially crafted Request Service messag...

7.1CVSS7.8AI score0.10972EPSS
Exploits4
Saint
Saint
•added 2006/04/04 12:0 a.m.•43 views

Windows RPC DCOM interface buffer overflow

Added: 04/04/2006 CVE: CVE-2003-0352 BID: 8205 OSVDB: 2100 Background The Distributed Component Object Model is a technology in Microsoft Windows operating systems which allows software components to communicate. Remote Procedure Call RPC is a protocol used to request a service from a program on...

7.5CVSS6.9AI score0.98626EPSS
Exploits9
Saint
Saint
•added 2006/02/10 12:0 a.m.•43 views

Mozilla Firefox QueryInterface method memory corruption

Added: 02/10/2006 CVE: CVE-2006-0295 BID: 16476 OSVDB: 22893 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption in the QueryInterface method of the Location and Navigator objects leads to command execution. Resolution Upgrade to...

5.1CVSS6.7AI score0.70741EPSS
Exploits16
Saint
Saint
•added 2006/01/24 12:0 a.m.•43 views

Arkeia Type 77 Request buffer overflow

Added: 01/24/2006 CVE: CVE-2005-0491 BID: 12594 OSVDB: 14011 Background The Arkeia network backup software includes a daemon program called arkeiad which listens for connections on TCP port 617. Problem A buffer overflow in the processing of type 77 requests sent to the arkeiad listener allows...

10CVSS7.3AI score0.64901EPSS
Exploits13
Saint
Saint
•added 2018/11/20 12:0 a.m.•42 views

Dell OpenManage Network Manager MySQL vulnerability

Added: 11/20/2018 BID: 105912 Background Dell OpenManage Network Manager is a product for monitoring and managing network devices. Problem Dell OpenManage Network Manager runs the MySQL database service with root privileges and enables default database accounts, allowing a remote attacker to writ...

7.9AI score
Exploits0
Saint
Saint
•added 2016/09/23 12:0 a.m.•42 views

SugarCRM REST deserialization vulnerability

Added: 09/23/2016 BID: 91413 Background SugarCRM is customer relationship management software written in PHP. Problem Improper use of the unserialize function inside the SugarRestSerialize.php script allows remote attackers to inject PHP objects, leading to arbitrary command execution. Resolution...

0.6AI score
Exploits0
Saint
Saint
•added 2016/03/31 12:0 a.m.•42 views

Wago Shell

Added: 03/31/2016 Background Wago PLCs are used in Factory and building automation. Wago ethernet PLCs are connected by IP and can be administered remotely. Problem Wago PLC devices use CoDeSyS protocols to program the device. If the programming ports are left open an attacker is able to upload,...

0.5AI score
Exploits0
Saint
Saint
•added 2015/12/28 12:0 a.m.•42 views

FireEye MPS JAR analyzer command execution

Added: 12/28/2015 BID: 78809 Background The FireEye Malware Protection System MPS detects and eliminates malware found on file shares, web downloads, and e-mail. Problem A vulnerability in the Java Archive analysis tool could allow command execution when the tool analyzes a specially crafted JAR...

7.6AI score
Exploits0
Saint
Saint
•added 2015/08/26 12:0 a.m.•42 views

Symantec Endpoint Protection Manager authentication bypass

Added: 08/26/2015 CVE: CVE-2015-1486 BID: 76074 Background Symantec Endpoint Protection, by Symantec Corporation, is an antivirus and personal firewall product designed to be centrally managed in corporate environments by the Symantec Endpoint Protection Manager SEPM. Problem Symantec Endpoint...

7.5CVSS7.1AI score0.64487EPSS
Exploits9
Saint
Saint
•added 2013/10/17 12:0 a.m.•42 views

Mozilla Firefox XMLSerializer serializeToStream Use-after-free Vulnerability

Added: 10/17/2013 CVE: CVE-2013-0753 BID: 57209 OSVDB: 89021 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem Mozilla Firefox prior to 18.0 contains a use-after-free error in the XMLSerializer when the serializeToStream meth...

9.3CVSS9.3AI score0.51324EPSS
Exploits8
Saint
Saint
•added 2013/10/09 12:0 a.m.•42 views

Internet Explorer Use-After-Free Memory Corruption (MS13-055)

Added: 10/09/2013 CVE: CVE-2013-3163 BID: 60975 OSVDB: 94981 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error which can lead to memory corruption in such a way as to allow...

9.3CVSS9AI score0.70676EPSS
Exploits6
Saint
Saint
•added 2013/09/09 12:0 a.m.•42 views

HP System Management Homepage iprange Parameter Stack Buffer Overflow

Added: 09/09/2013 CVE: CVE-2013-2362 BID: 61337 OSVDB: 95489 Background HP System Management Homepage SMH is a web-based interface that consolidates the management of ProLiant and Integrity servers. Problem A stack buffer overflow vulnerability in HP SMH allows command execution when an attacker...

2.1CVSS9.8AI score0.00527EPSS
Exploits4
Saint
Saint
•added 2013/08/19 12:0 a.m.•42 views

Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Control Vulnerability

Added: 08/19/2013 CVE: CVE-2013-1559 BID: 59122 OSVDB: 92386 Background Oracle WebCenter Content is an open platform that allows users to create a vast range of content management applications. It consolidates unstructured content from across diverse systems so it can be centrally managed and the...

4CVSS6.7AI score0.58817EPSS
Exploits9
Saint
Saint
•added 2013/07/11 12:0 a.m.•42 views

Oracle Java Serviceability Subcomponent ProviderSkeleton Class Vulnerability

Added: 07/11/2013 CVE: CVE-2013-2460 BID: 60635 OSVDB: 94346 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

9.3CVSS9.7AI score0.70248EPSS
Exploits9
Saint
Saint
•added 2013/06/17 12:0 a.m.•42 views

Internet Explorer textNode Style Computation Use After Free Vulnerability

Added: 06/17/2013 CVE: CVE-2013-1311 BID: 59752 OSVDB: 93296 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer 8 is vulnerable to remote code execution as a result of memory corruption when computations on the...

9.3CVSS8.8AI score0.20699EPSS
Exploits8
Saint
Saint
•added 2013/05/08 12:0 a.m.•42 views

Internet Explorer CGenericElement Object Use-after-free Vulnerability

Added: 05/08/2013 CVE: CVE-2013-1347 BID: 59641 OSVDB: 92993 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem When Internet Explorer attempts to access an object in memory that has been deleted, it may corrupt memory in such a way...

9.3CVSS8.8AI score0.77889EPSS
Exploits11
Saint
Saint
•added 2013/05/06 12:0 a.m.•42 views

3S Smart Software Solutions CoDeSys Gateway Server Directory Traversal

Added: 05/06/2013 CVE: CVE-2012-4705 BID: 59446 OSVDB: 90368 Background Smart Software Solutions GmbH 3S manufactures CoDeSys Gateway Server, a Supervisory Control and Data Acquisition/Human-Machine Interface SCADA/HMI product. The Gateway Server listens on TCP port 1211. Problem 3S CoDeSys Gatew...

10CVSS7.3AI score0.65668EPSS
Exploits9
Saint
Saint
•added 2013/05/06 12:0 a.m.•42 views

3S Smart Software Solutions CoDeSys Gateway Server Directory Traversal

Added: 05/06/2013 CVE: CVE-2012-4705 BID: 59446 OSVDB: 90368 Background Smart Software Solutions GmbH 3S manufactures CoDeSys Gateway Server, a Supervisory Control and Data Acquisition/Human-Machine Interface SCADA/HMI product. The Gateway Server listens on TCP port 1211. Problem 3S CoDeSys Gatew...

10CVSS7.3AI score0.65668EPSS
Exploits9
Saint
Saint
•added 2013/04/05 12:0 a.m.•42 views

HP Intelligent Management Center mibFileUpload Servlet Unrestricted File Creation

Added: 04/05/2013 CVE: CVE-2012-5201 BID: 58385 OSVDB: 91026 Background HP Intelligent Management Center IMC, also known as HP iNode Management Center, is a comprehensive management platform for delivering integrated, modular network management capabilities. Problem HP IMC 5.1 E0202 and earlier i...

10CVSS7.7AI score0.63744EPSS
Exploits8
Saint
Saint
•added 2013/02/07 12:0 a.m.•42 views

Java JAX-WS statistics.impl package sandbox breach

Added: 02/07/2013 CVE: CVE-2012-5076 BID: 56054 OSVDB: 86350 Background Java API for XML Web Services JAX-WS is a technology for developing web services in Java. It is included in the Java EE 5 platform. Problem A vulnerability in JAX-WS when handling the...

10CVSS9.7AI score0.91013EPSS
Exploits18
Saint
Saint
•added 2012/10/26 12:0 a.m.•42 views

HP Operations Agent for NonStop Server ELinkService HEALTH packet buffer overflow

Added: 10/26/2012 BID: 55161 OSVDB: 84854 Background HP Operations Agents is a fault and performance monitoring solution for servers. Problem A buffer overflow vulnerability in HP Operations Agent for NonStop server allows an attacker to execute arbitrary commands by sending a specially crafted...

1AI score
Exploits0
Total number of security vulnerabilities4305