Lucene search
+L
SaintMost viewed

4305 matches found

saint
saint
•added 2012/01/16 12:0 a.m.•39 views

Microsoft Office ClickOnce Unsafe Execution

Added: 01/16/2012 CVE: CVE-2012-0013 BID: 51284 OSVDB: 78207 Background ClickOnce is a deployment technology that allows developers to create self-updating Windows-based applications that can be installed and run with minimal user interaction. A ClickOnce application is any Windows Presentation...

9.3CVSS6.1AI score0.73753EPSS
Exploits14
saint
saint
•added 2012/01/05 12:0 a.m.•39 views

Blue Coat BCAAA Windows Service Stack Buffer Overflow

Added: 01/05/2012 BID: 47618 OSVDB: 72095 Background Blue Coat Authentication and Authorization Agent BCAAA is installed on a domain server and acts as an intermediary between a Blue Coat ProxySG and the domain. Problem The BCAAA Windows Service is vulnerable to a stack-based buffer overflow...

8.5AI score
Exploits0
saint
saint
•added 2011/12/28 12:0 a.m.•39 views

Hastymail rs parameter command injection

Added: 12/28/2011 CVE: CVE-2011-4542 BID: 50791 OSVDB: 77331 Background Hastymail is a fast, secure, rfc-compliant, cross-platform IMAP/SMTP client application written in PHP providing a clean web interface for sending and reading E-mail. Problem Hastymail2 fails to properly sanitize user-supplie...

7.5CVSS7.1AI score0.24119EPSS
Exploits9
saint
saint
•added 2011/12/23 12:0 a.m.•39 views

Microsys Promotic PmTrendViewer ActiveX Control SaveCfg Stack Buffer Overflow

Added: 12/23/2011 OSVDB: 76396 Background Microsys Promotic is a SCADA object software tool for creating applications that monitor, control and display technological processes in various industrial areas. Promotic includes support for a web interface designed for Microsoft Windows. Problem Micros...

8.1AI score
Exploits0
saint
saint
•added 2011/12/21 12:0 a.m.•39 views

Adobe Reader U3D Heap Overflow

Added: 12/21/2011 CVE: CVE-2011-2462 BID: 50922 OSVDB: 77529 Background Adobe Reader is free software for viewing PDF documents. Problem A heap memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to an input validation error while parsing Universal 3D U3D file...

10CVSS9.9AI score0.86238EPSS
Exploits11
saint
saint
•added 2011/10/24 12:0 a.m.•39 views

ACD Systems Fotoslate PLP File ID Parameter Buffer Overflow

Added: 10/24/2011 CVE: CVE-2011-2595 BID: 49558 OSVDB: 75425 Background ACD Systems FotoSlate 4 Photo Print Studio allows users to create contact sheets or wallet sized prints, choose themed frames, and create custom calendars. Problem Fotoslate 4.0 Build 146 is vulnerable to remote code executio...

10CVSS6.9AI score0.6128EPSS
Exploits8
saint
saint
•added 2011/08/29 12:0 a.m.•39 views

QuickTime PICT PnSize Stack Overflow

Added: 08/29/2011 CVE: CVE-2011-0257 BID: 49144 OSVDB: 74687 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime versions prior to 7.7 are vulnerable to a stack overflow cause by improper validation of very large values in the the PnSize field of PICT...

9.3CVSS6.5AI score0.60106EPSS
Exploits14
saint
saint
•added 2011/08/22 12:0 a.m.•39 views

Adobe Flash Player ActionScript Function Arguments Code Execution

Added: 08/22/2011 CVE: CVE-2011-2110 BID: 48268 OSVDB: 73007 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The Adobe Flash Player ActionScript Engine is vulnerable to an information leak that can be leveraged to execute...

10CVSS8.9AI score0.86421EPSS
Exploits11
saint
saint
•added 2011/08/22 12:0 a.m.•39 views

Mozilla Firefox OBJECT mChannel Use-After-Free

Added: 08/22/2011 CVE: CVE-2011-0065 BID: 47659 OSVDB: 72085 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A use-after-free vulnerability allows command execution when a user loads a specially crafted web page that causes...

10CVSS9.7AI score0.73655EPSS
Exploits10
saint
saint
•added 2011/08/16 12:0 a.m.•39 views

Internet Explorer Telnet URI Insecure Loading

Added: 08/16/2011 CVE: CVE-2011-1961 BID: 49027 OSVDB: 74494 Background A Uniform Resource Identifier URI allows a user to identify a name or a resource on the Internet while specifying the delivery protocol. Problem Unpatched versions of Internet Explorer versions 6 through 9 do not specify the...

9.3CVSS6.1AI score0.3434EPSS
Exploits5
saint
saint
•added 2011/08/15 12:0 a.m.•39 views

Microsoft Excel SLK File Parsing Buffer Overflow

Added: 08/15/2011 CVE: CVE-2011-1276 BID: 48161 OSVDB: 72924 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Office Excel is vulnerable to remote code execution due to improper boundary...

9.3CVSS9.7AI score0.28222EPSS
Exploits10
saint
saint
•added 2011/06/19 12:0 a.m.•39 views

Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption

Added: 06/19/2011 CVE: CVE-2011-2217 BID: 48099 Background Tom Sawyer Software produces a variety of data visualization, layout, and analysis tools. Problem Certain ActiveX controls in tsgetxu71ex552.dll and tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client...

9.3CVSS7.1AI score0.41956EPSS
Exploits9
saint
saint
•added 2011/06/13 12:0 a.m.•39 views

Cisco AnyConnect Secure Mobility Client VPNWeb ActiveX Code Execution

Added: 06/13/2011 CVE: CVE-2011-2039 BID: 48081 OSVDB: 72714 Background Cisco AnyConnect Secure Mobility Client provides remote mobile users with secure IPsec IKEv2 or SSL Virtual Private Network VPN connections to Cisco 5500 Series Adaptive Security Appliances ASA and devices that are running...

7.6CVSS6.9AI score0.69959EPSS
Exploits9
saint
saint
•added 2011/05/23 12:0 a.m.•39 views

HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil.dll stringToSeconds Buffer Overflow

Added: 05/23/2011 CVE: CVE-2011-0262 BID: 45762 OSVDB: 70470 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability affecting ovwebsnmpsrv.exe , in the stringToSeconds function in ovutil.dll , allows remote...

10CVSS7.7AI score0.17101EPSS
Exploits4
saint
saint
•added 2011/03/14 12:0 a.m.•39 views

Microsoft Windows Media Player DVR-MS File Code Execution

Added: 03/14/2011 CVE: CVE-2011-0042 BID: 46680 OSVDB: 71016 Background Windows Media Player is an audio and video media player for Windows platforms. Problem A file parsing error in Windows Media Player allows command execution when a user opens a specially crafted Digital Video Recording DVR-MS...

9.3CVSS7.6AI score0.33276EPSS
Exploits4
saint
saint
•added 2011/02/03 12:0 a.m.•39 views

Symantec Alert Management System PIN number buffer overflow

Added: 02/03/2011 CVE: CVE-2010-0110 BID: 45936 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager, which listens on po...

7.9CVSS7.7AI score0.0513EPSS
Exploits12
saint
saint
•added 2011/01/14 12:0 a.m.•39 views

Windows Thumbnail View CreateSizedDIBSECTION buffer overflow

Added: 01/14/2011 CVE: CVE-2010-3970 BID: 45662 OSVDB: 70263 Background The shimgvw.dll library is part of the Microsoft Graphics Rendering Engine. Problem A vulnerability in shimgvw.dll allows command execution when Windows renders a thumbnail image which passes a specially crafted biClrUsed...

9.3CVSS6.3AI score0.67687EPSS
Exploits10
saint
saint
•added 2010/10/20 12:0 a.m.•39 views

Microsoft Office Excel RTD Topic String Buffer Overflow

Added: 10/20/2010 CVE: CVE-2010-1246 BID: 40524 OSVDB: 65238 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem Microsoft Office Excel 2002 is vulnerable to a buffer overflow when parsing Real Time Data RTD Future...

9.3CVSS6.6AI score0.24669EPSS
Exploits9
saint
saint
•added 2010/10/18 12:0 a.m.•39 views

IBM Tivoli Storage Manager FastBack Mount Service Code Execution

Added: 10/18/2010 CVE: CVE-2010-3058 BID: 42549 OSVDB: 67292 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. TSM includes FastBack, which provides a client/server backup solution for the MS Windows environment. FastBack...

7.5CVSS6.4AI score0.02462EPSS
Exploits4
saint
saint
•added 2010/10/18 12:0 a.m.•39 views

IBM Tivoli Storage Manager FastBack Mount Service Code Execution

Added: 10/18/2010 CVE: CVE-2010-3058 BID: 42549 OSVDB: 67292 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. TSM includes FastBack, which provides a client/server backup solution for the MS Windows environment. FastBack...

7.5CVSS6.4AI score0.02462EPSS
Exploits4
saint
saint
•added 2010/10/07 12:0 a.m.•39 views

HP Data Protector Express DtbClsLogin function buffer overflow

Added: 10/07/2010 CVE: CVE-2010-3007 BID: 43105 OSVDB: 67973 Background HP Data Protector Express is a backup and recovery solution for single machines and small networks. Problem A buffer overflow vulnerability in dpwindtb.dll in the DtbClsLogin function allows remote attackers to execute...

7.2CVSS7.6AI score0.05518EPSS
Exploits8
saint
saint
•added 2010/09/29 12:0 a.m.•39 views

Oracle Secure Backup Administration property_box.php Other Variable Command Injection

Added: 09/29/2010 CVE: CVE-2010-0899 BID: 41616 OSVDB: 66333 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

9CVSS7.8AI score0.02243EPSS
Exploits4
saint
saint
•added 2010/08/27 12:0 a.m.•39 views

Microsoft Windows Movie Maker MediaClipString Buffer Overflow

Added: 08/27/2010 CVE: CVE-2010-2564 BID: 42268 OSVDB: 66986 Background Windows Movie Maker is software for creating and editing home movies. Problem A buffer overflow vulnerability when parsing MediaClipString data allows command execution when a user opens a specially crafted .MSWMM file...

9.3CVSS6.7AI score0.22588EPSS
Exploits4
saint
saint
•added 2010/08/27 12:0 a.m.•39 views

Microsoft Windows Movie Maker MediaClipString Buffer Overflow

Added: 08/27/2010 CVE: CVE-2010-2564 BID: 42268 OSVDB: 66986 Background Windows Movie Maker is software for creating and editing home movies. Problem A buffer overflow vulnerability when parsing MediaClipString data allows command execution when a user opens a specially crafted .MSWMM file...

9.3CVSS6.7AI score0.22588EPSS
Exploits4
saint
saint
•added 2010/08/19 12:0 a.m.•39 views

Microsoft Office Excel PivotTable Cache Data Record Handling Overflow

Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...

9.3CVSS6.5AI score0.17612EPSS
Exploits4
saint
saint
•added 2010/05/21 12:0 a.m.•39 views

HP OpenView Network Node Manager getnnmdata.exe CGI MaxAge buffer overflow

Added: 05/21/2010 CVE: CVE-2010-1553 BID: 40070 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.72168EPSS
Exploits14
saint
saint
•added 2010/05/21 12:0 a.m.•39 views

HP OpenView Network Node Manager getnnmdata.exe CGI MaxAge buffer overflow

Added: 05/21/2010 CVE: CVE-2010-1553 BID: 40070 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.72168EPSS
Exploits14
saint
saint
•added 2010/04/13 12:0 a.m.•39 views

Nagios statuswml.cgi Command Injection

Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...

7.5CVSS7.8AI score0.83453EPSS
Exploits14
saint
saint
•added 2010/01/22 12:0 a.m.•39 views

HP Power Manager formExportDataLogs buffer overflow

Added: 01/22/2010 CVE: CVE-2009-3999 BID: 37867 OSVDB: 61848 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A buffer overflow vulnerability HP Power Manager allows remote attackers to execute...

10CVSS6.9AI score0.71807EPSS
Exploits11
saint
saint
•added 2010/01/22 12:0 a.m.•39 views

HP Power Manager formExportDataLogs buffer overflow

Added: 01/22/2010 CVE: CVE-2009-3999 BID: 37867 OSVDB: 61848 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A buffer overflow vulnerability HP Power Manager allows remote attackers to execute...

10CVSS6.9AI score0.71807EPSS
Exploits11
saint
saint
•added 2010/01/09 12:0 a.m.•39 views

HP OpenView Network Node Manager nnmRptConfig.exe CGI Template Buffer Overflow

Added: 01/09/2010 CVE: CVE-2009-3848 BID: 37296 OSVDB: 60926 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...

10CVSS7.6AI score0.11794EPSS
Exploits5
saint
saint
•added 2009/09/23 12:0 a.m.•39 views

Phishing Tool

Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...

6.7AI score
Exploits0
saint
saint
•added 2009/09/11 12:0 a.m.•39 views

VideoLAN VLC Media Player SMB Module Win32AddConnection Buffer Overflow

Added: 09/11/2009 CVE: CVE-2009-2484 BID: 35500 OSVDB: 55509 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A stack-based buffer overflow vulnerability in the Win32AddConnection function may allow a remote attacker to execu...

9.3CVSS7.7AI score0.3511EPSS
Exploits7
saint
saint
•added 2009/09/03 12:0 a.m.•39 views

Microsoft IIS FTP Server NLST Command Remote Overflow

Added: 09/03/2009 CVE: CVE-2009-3023 BID: 36189 OSVDB: 57589 Background Microsoft Internet Information Server IIS includes a web server and an FTP server. Problem A stack overflow in the FTP server in IIS 5 and 6.0 via a crafted NLST command that uses wildcards allows remote authenticated users t...

9CVSS7.4AI score0.90913EPSS
Exploits11
saint
saint
•added 2009/07/06 12:0 a.m.•39 views

Apple iTunes itms: URL buffer overflow

Added: 07/06/2009 CVE: CVE-2009-0950 BID: 35157 OSVDB: 54833 Background iTunes is a free media player for multiple platforms. Problem A buffer overflow vulnerability allows command execution when a user opens a specially crafted itms:// URL. Resolution Upgrade to iTunes 8.2 or higher. References...

9.3CVSS6.8AI score0.28815EPSS
Exploits21
saint
saint
•added 2009/04/10 12:0 a.m.•39 views

Oracle WebLogic Server IIS Connector JSESSIONID buffer overflow

Added: 04/10/2009 CVE: CVE-2008-5457 BID: 33177 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability in the WebLogic IIS connector allows remote attackers to execute arbitrary commands by sending a long, special...

10CVSS7.5AI score0.61309EPSS
Exploits12
saint
saint
•added 2008/12/31 12:0 a.m.•39 views

Mozilla Firefox UTF-8 URL buffer overflow

Added: 12/31/2008 CVE: CVE-2008-0016 BID: 31397 OSVDB: 48780 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A buffer overflow vulnerability in Mozilla Firefox allows command execution when a user follows a link to a specially crafted UTF-8 URL...

10CVSS9.9AI score0.43921EPSS
Exploits12
saint
saint
•added 2008/11/10 12:0 a.m.•39 views

Adobe Acrobat util.printf JavaScript function buffer overflow

Added: 11/10/2008 CVE: CVE-2008-2992 BID: 30035 OSVDB: 49520 Background Adobe Acrobat is software for creating PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the util.printf JavaScript function with a specially crafted form...

9.3CVSS8.1AI score0.98482EPSS
Exploits19
saint
saint
•added 2008/05/30 12:0 a.m.•39 views

CA ARCserve Backup caloggerd opcode 79 buffer overflow

Added: 05/30/2008 CVE: CVE-2008-2242 BID: 29283 OSVDB: 45368 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. The logger daemon caloggerd is an RPC service which handles event logs. Problem A buffer overflow vulnerability in caloggerd allows...

7.5CVSS7.7AI score0.14716EPSS
Exploits9
saint
saint
•added 2008/04/25 12:0 a.m.•39 views

Computer Associates Alert Notification Server opcode 23 buffer overflow

Added: 04/25/2008 CVE: CVE-2007-4620 BID: 28605 OSVDB: 44040 Background The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users. Problem The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple...

9CVSS7.8AI score0.52274EPSS
Exploits8
saint
saint
•added 2008/02/22 12:0 a.m.•39 views

Novell Client nwspool.dll EnumPrinters buffer overflow

Added: 02/22/2008 CVE: CVE-2008-0639 BID: 27741 OSVDB: 41510 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by a buffer overflow in the EnumPrinters function, allowing remote attackers to execute...

10CVSS8AI score0.23186EPSS
Exploits6
saint
saint
•added 2008/02/11 12:0 a.m.•39 views

Yahoo Music Jukebox MediaGrid ActiveX buffer overflow

Added: 02/11/2008 CVE: CVE-2008-0625 BID: 27578 OSVDB: 41051 Background Yahoo! Music Jukebox is a music player capable of playing, ripping, and burning MP3s and CDs, creating and sharing playlists, streaming radio stations, and purchasing music. Problem A buffer overflow vulnerability in the...

4.3CVSS7AI score0.08104EPSS
Exploits5
saint
saint
•added 2008/01/30 12:0 a.m.•39 views

Lotus Notes MIF attachment viewer buffer overflow

Added: 01/30/2008 CVE: CVE-2007-5909 BID: 26175 OSVDB: 40791 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the KeyView Viewer included in Lotus Notes allows command execution when a user views a specially crafted Frame Maker Interchange File MIF...

9.3CVSS6.9AI score0.20906EPSS
Exploits5
saint
saint
•added 2008/01/16 12:0 a.m.•39 views

MySQL MaxDB cons.exe command injection

Added: 01/16/2008 CVE: CVE-2008-0244 BID: 27206 OSVDB: 40210 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem The MaxDB server handles the execsdbinfo command by invoking the cons.exe program through a system call without sufficiently checking the arguments for...

10CVSS6.8AI score0.80311EPSS
Exploits8
saint
saint
•added 2007/12/07 12:0 a.m.•39 views

Lotus Notes Lotus 1-2-3 file viewer buffer overflow

Added: 12/07/2007 CVE: CVE-2007-6593 BID: 26604 OSVDB: 40796 Background Lotus Notes is the client for Lotus Domino servers. Lotus Notes uses the Autonomy KeyView library to process files in the Lotus Worksheet File format WKS used by Lotus 1-2-3. Problem A buffer overflow vulnerability in the...

8.8CVSS6.8AI score0.06301EPSS
Exploits4
saint
saint
•added 2007/12/03 12:0 a.m.•39 views

MIT Kerberos 5 RPC library RPCSEC_GSS buffer overflow

Added: 12/03/2007 CVE: CVE-2007-3999 BID: 25534 OSVDB: 37324 Background Kerberos is a network authentication protocol which provides strong authentication for client/server applications. MIT Kerberos 5 is a free implementation of this protocol. Problem A buffer overflow in the svcauthgssvalidate...

10CVSS9.5AI score0.10997EPSS
Exploits4
saint
saint
•added 2007/11/30 12:0 a.m.•39 views

Microsoft Color Management Module profile tag buffer overflow

Added: 11/30/2007 CVE: CVE-2005-1219 BID: 14214 OSVDB: 17830 Background The Microsoft Color Management Module helps programs achieve consistent display of colors. International Color Consortium ICC profiles are used to ensure that colors are represented accurately to users. Problem A buffer...

7.5CVSS6.8AI score0.49922EPSS
Exploits4
saint
saint
•added 2007/11/02 12:0 a.m.•39 views

Lotus Domino IMAP mailbox name buffer overflow

Added: 11/02/2007 CVE: CVE-2007-3510 BID: 26176 OSVDB: 40953 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow vulnerability in Lotus Domino could allow a remote, authenticated attacker to execute arbitrary commands by sending ...

9CVSS7.7AI score0.05033EPSS
Exploits5
saint
saint
•added 2007/09/30 12:0 a.m.•39 views

Microsoft Visual Studio PDWizard.ocx ActiveX vulnerability

Added: 09/30/2007 CVE: CVE-2007-4891 BID: 25638 OSVDB: 37106 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem ActiveX controls contained in the PDWizard.ocx file in Microsoft Visual Studio 6.0 expose the StartProcess metho...

6.8CVSS6.6AI score0.31003EPSS
Exploits6
saint
saint
•added 2007/07/16 12:0 a.m.•39 views

Windows MDAC RDS.Dataspace ActiveX control vulnerability

Added: 07/16/2007 CVE: CVE-2006-0003 BID: 17462 OSVDB: 24517 Background Microsoft Data Access Components MDAC enable Universal Data Access in Windows applications deployed over a network. Problem A cross-zone scripting vulnerability in the RDS.Dataspace ActiveX control in MDAC allows command...

5.1CVSS9.3AI score0.825EPSS
Exploits6
Total number of security vulnerabilities4305