Lucene search
+L
SaintMost viewed

4305 matches found

saint
saint
•added 2006/09/18 12:0 a.m.•33 views

MDaemon WorldClient form2raw.cgi From buffer overflow

Added: 09/18/2006 CVE: CVE-2003-1200 BID: 9317 OSVDB: 3255 Background MDaemon is an e-mail server product for Windows. It includes a web mail component called WorldClient. Problem A buffer overflow in MDaemon WorldClient allows remote command execution by sending a web request for the form2raw.cg...

7.5CVSS7.2AI score0.65097EPSS
Exploits8
saint
saint
•added 2006/08/11 12:0 a.m.•33 views

Windows Server Service buffer overflow

Added: 08/11/2006 CVE: CVE-2006-3439 BID: 19409 OSVDB: 27845 Background The Windows Server Service supports file, print, and named-pipe sharing over the network. Problem A buffer overflow vulnerability in the Windows Server Service allows remote attackers to execute arbitrary commands. Resolution...

10CVSS7.5AI score0.85461EPSS
Exploits16
saint
saint
•added 2006/07/28 12:0 a.m.•33 views

Windows RASMAN registry corruption vulnerability

Added: 07/28/2006 CVE: CVE-2006-2371 BID: 18358 OSVDB: 26436 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. The Remote Access Connection Manager RASMAN service handles the detail...

7.5CVSS7.5AI score0.21943EPSS
Exploits6
saint
saint
•added 2006/07/28 12:0 a.m.•33 views

Computer Associates License Service GCR buffer overflow

Added: 07/28/2006 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associatesproducts and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability in the processing of GCR messages allows remote...

4.6CVSS7.3AI score0.46344EPSS
Exploits24
saint
saint
•added 2006/07/18 12:0 a.m.•33 views

ntdll.dll buffer overflow via IIS 5.0 WebDAV

Added: 07/18/2006 CVE: CVE-2003-0109 BID: 7116 OSVDB: 4467 Background The dynamic link library ntdll.dll is a core component of the Windows operating system. It is used by many operating system components including the WebDAV component of Microsoft IIS. Problem A buffer overflow in ntdll.dll allo...

7.5CVSS7.7AI score0.86396EPSS
Exploits13
saint
saint
•added 2006/07/17 12:0 a.m.•33 views

sipXtapi Cseq header buffer overflow

Added: 07/17/2006 CVE: CVE-2006-3524 BID: 18906 OSVDB: 27122 Background The Session Initiation Protocol SIP is a signaling protocol for a variety of uses, including instant messanging and Voice over Internet Protocol. sipXtapi is a client library for SIP-based user agents. It is included in Pingt...

7.5CVSS7.5AI score0.66993EPSS
Exploits14
saint
saint
•added 2006/07/14 12:0 a.m.•33 views

eSignal WinSig.exe buffer overflow

Added: 07/14/2006 CVE: CVE-2004-1868 BID: 9978 OSVDB: 4583 Background eSignal is a tool which provides real-time financial and market information. Its main application, WinSig.exe, services requests on port 80/TCP. Problem A buffer overflow vulnerability in eSignal allows remote attackers to...

7.5CVSS8AI score0.06708EPSS
Exploits5
saint
saint
•added 2006/06/16 12:0 a.m.•33 views

Windows Media Player PNG buffer overflow

Added: 06/16/2006 CVE: CVE-2006-0025 BID: 18385 OSVDB: 26430 Background Windows Media Player is an audio and video media player for Windows platforms. Problem A buffer overflow in Windows Media Player allows command execution when a user opens a specially crafted PNG image file. Resolution Apply...

9.3CVSS6.7AI score0.48723EPSS
Exploits5
saint
saint
•added 2006/06/16 12:0 a.m.•33 views

Windows Media Player PNG buffer overflow

Added: 06/16/2006 CVE: CVE-2006-0025 BID: 18385 OSVDB: 26430 Background Windows Media Player is an audio and video media player for Windows platforms. Problem A buffer overflow in Windows Media Player allows command execution when a user opens a specially crafted PNG image file. Resolution Apply...

9.3CVSS6.8AI score0.48723EPSS
Exploits5
saint
saint
•added 2006/05/24 12:0 a.m.•33 views

QuickTime MOV file udta Atom buffer overflow

Added: 05/24/2006 CVE: CVE-2006-1460 BID: 17953 OSVDB: 25509 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution by a specially crafted Movie MOV file containing a long udta Atom. Resolution Upgrade to QuickTime...

5.1CVSS6.9AI score0.05586EPSS
Exploits4
saint
saint
•added 2006/05/04 12:0 a.m.•33 views

Windows Metafile rendering buffer overflow

Added: 05/04/2006 CVE: CVE-2004-0209 BID: 11375 OSVDB: 10692 Background A Windows Metafile image is a 16-bit metafile format that can contain both vector information and bitmap information. Problem A buffer overflow in the Windows Graphics Rendering Engine allows command execution when a malforme...

10CVSS6.6AI score0.62054EPSS
Exploits8
saint
saint
•added 2006/05/03 12:0 a.m.•33 views

Internet Explorer IFRAME buffer overflow

Added: 05/03/2006 CVE: CVE-2004-1050 BID: 11515 OSVDB: 11337 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A buffer overflow when processing the name attribute in an IFRAME tag allows command execution when a malformed web page ...

10CVSS6.6AI score0.67061EPSS
Exploits4
saint
saint
•added 2006/04/19 12:0 a.m.•33 views

BrightStor ARCserve Backup discovery service buffer overflow

Added: 04/19/2006 CVE: CVE-2005-2535 BID: 12536 OSVDB: 13814 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow in the discovery service allows remote attackers to execute arbitrary commands...

7.5CVSS7.7AI score0.80866EPSS
Exploits8
saint
saint
•added 2006/03/02 12:0 a.m.•33 views

Novell ZENworks Remote Management authentication buffer overflow

Added: 03/02/2006 CVE: CVE-2005-1543 BID: 13678 OSVDB: 16698 Background Novell ZENworks is a resource management solution consisting of a management server and management agents. Problem The Novell ZENworks Remote Management service is affected by a buffer overflow when processing authentication...

7.5CVSS7.9AI score0.66876EPSS
Exploits7
saint
saint
•added 2006/02/16 12:0 a.m.•33 views

Windows Media Player plugin EMBED buffer overflow

Added: 02/16/2006 CVE: CVE-2006-0005 BID: 16644 OSVDB: 23132 Background The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers. Problem A buffer overflow in the Windows Media Player plug-in allows remote command execution when...

9.3CVSS7AI score0.43861EPSS
Exploits8
saint
saint
•added 2006/02/16 12:0 a.m.•33 views

Windows Media Player plugin EMBED buffer overflow

Added: 02/16/2006 CVE: CVE-2006-0005 BID: 16644 OSVDB: 23132 Background The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers. Problem A buffer overflow in the Windows Media Player plug-in allows remote command execution when...

9.3CVSS7AI score0.43861EPSS
Exploits8
saint
saint
•added 2006/02/10 12:0 a.m.•33 views

Microsoft WINS replication service pointer corruption

Added: 02/10/2006 CVE: CVE-2004-1080 BID: 11763 OSVDB: 12378 Background The Windows Internet Naming Service WINS maps Netbios names to IP addresses. The WINS replication service runs on port 42/TCP and allows WINS servers to share Netbios name information with other WINS servers. Problem The WINS...

10CVSS6.3AI score0.81699EPSS
Exploits8
saint
saint
•added 2006/02/08 12:0 a.m.•33 views

Microsoft IIS 5.0 printer ISAPI extension buffer overflow

Added: 02/08/2006 CVE: CVE-2001-0241 BID: 2674 OSVDB: 3323 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem The ISAPI extension which handles requests for file names ending in .printer is affected by ...

10CVSS7.5AI score0.87032EPSS
Exploits10
saint
saint
•added 2006/01/24 12:0 a.m.•33 views

Trend Micro ServerProtect Management Console isaNVWRequest.dll chunked POST buffer overflow

Added: 01/24/2006 CVE: CVE-2005-1929 BID: 15865 OSVDB: 21771 Background ServerProtect is a virus scanner for servers. Problem A buffer overflow in ServerProtect Management Console could allow a remote attacker to execute commands using a chunked POST request to isaNVWRequest.dll. Resolution Use t...

7.5CVSS7.4AI score0.04944EPSS
Exploits4
saint
saint
•added 2005/12/22 12:0 a.m.•33 views

VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow

Added: 12/22/2005 CVE: CVE-2005-0773 BID: 14022 OSVDB: 17624 Background VERITAS Backup Exec is a network backup solution for Windows and Netware servers. Problem VERITAS Backup Exec is affected by a buffer overflow when handling CONNECTCLIENTAUTH requests with the Windows user authentication type...

7.5CVSS7.3AI score0.86365EPSS
Exploits9
saint
saint
•added 2005/12/19 12:0 a.m.•33 views

Windows password weakness

Added: 12/19/2005 CVE: CVE-1999-0503 Background Passwords are the most commonly used method of authenticating users to a server. The combination of a login name and password is used to verify the identity of a user requesting access, and to determine what parts of the server the user has permissi...

7.2CVSS6.6AI score0.01835EPSS
Exploits4
saint
saint
•added 2005/12/10 12:0 a.m.•33 views

JRun mod_jrun WriteToLog buffer overflow

Added: 12/10/2005 CVE: CVE-2004-0646 BID: 11245 OSVDB: 10546 Background Macromedia JRun is a J2EE application server. modjrun is an Apache module which enables the use of JRun applications through an Apache web server. Problem A buffer overflow vulnerability in modjrun and modjrun20 allows a remo...

10CVSS7.7AI score0.07104EPSS
Exploits4
saint
saint
•added 2005/12/03 12:0 a.m.•33 views

MailEnable IMAP W3C Logging Buffer Overflow

Added: 12/03/2005 CVE: CVE-2005-3155 BID: 15006 OSVDB: 19842 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem MailEnable's IMAP service...

7.5CVSS7.5AI score0.63694EPSS
Exploits7
saint
saint
•added 2005/11/30 12:0 a.m.•33 views

NetMail IMAP buffer overflow

Added: 11/30/2005 CVE: CVE-2005-3314 BID: 15491 OSVDB: 20956 Background Novell NetMail is an e-mail and calendaring server application. Problem A buffer overflow in the NetMail IMAP service could allow authenticated users to execute arbitrary commands using a long, specially crafted argument to...

7.5CVSS7.5AI score0.65657EPSS
Exploits7
saint
saint
•added 2005/11/29 12:0 a.m.•33 views

MailEnable IMAP STATUS buffer overflow

Added: 11/29/2005 CVE: CVE-2005-2278 BID: 14243 OSVDB: 17844 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem A buffer overflow in the...

7.2CVSS7.5AI score0.8464EPSS
Exploits8
saint
saint
•added 2015/12/14 12:0 a.m.•32 views

ABRT/sosreport privilege elevation

Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...

6.9CVSS6.4AI score0.03268EPSS
Exploits17
saint
saint
•added 2015/11/02 12:0 a.m.•32 views

Safari Script Editor AppleScript execution

Added: 11/02/2015 CVE: CVE-2015-7007 BID: 77266 Background Safari is a web browser for Mac OS X and Windows. Problem A vulnerability in the OS X Script Editor allows a malicious web page to execute arbitrary AppleScript code without user confirmation by enticing a user to type Control-R in Safari...

7.5CVSS9.7AI score0.53338EPSS
Exploits8
saint
saint
•added 2015/03/30 12:0 a.m.•32 views

TWiki View Script debugenableplugins Request Parameter Vulnerability

Added: 03/30/2015 CVE: CVE-2014-7236 BID: 70372 OSVDB: 112977 Background TWiki is a web-based collaboration platform written in PERL. Problem The TWiki view script does not properly sanitize the debugenableplugins parameter before using it. Resolution Upgrade to TWiki-6.0.1 or higher, or apply th...

9.1AI score0.55637EPSS
Exploits12
saint
saint
•added 2015/03/11 12:0 a.m.•32 views

PCMan FTP Server MKD buffer overflow

Added: 03/11/2015 CVE: CVE-2013-4730 BID: 60837 OSVDB: 94624 Background PCMan's FTP Server is a free FTP server for Windows. Problem A buffer overflow vulnerability in PCMan's FTP Server allows remote attackers to execute arbitrary commands. Resolution There is no known fix for this vulnerability...

10CVSS7.7AI score0.67228EPSS
Exploits7
saint
saint
•added 2013/12/27 12:0 a.m.•32 views

RealPlayer RMP File Version Attribute Buffer Overflow

Added: 12/27/2013 CVE: CVE-2013-6877 BID: 64398 OSVDB: 101356 Background RealNetworks RealPlayer includes an embedded player which plays media embedded in a web page. Problem RealNetworks Windows RealPlayer 17.0.2.206 and earlier versions are vulnerable to remote code execution due to improper...

9.3CVSS7.4AI score0.11345EPSS
Exploits11
saint
saint
•added 2013/10/09 12:0 a.m.•32 views

Internet Explorer Use-After-Free Memory Corruption (MS13-055)

Added: 10/09/2013 CVE: CVE-2013-3163 BID: 60975 OSVDB: 94981 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error which can lead to memory corruption in such a way as to allow...

9.3CVSS9AI score0.70676EPSS
Exploits6
saint
saint
•added 2013/09/12 12:0 a.m.•32 views

Windows Crafted Theme File Handling Vulnerability

Added: 09/12/2013 CVE: CVE-2013-0810 BID: 62176 OSVDB: 97136 Background Microsoft Windows themes are a combination of personalization settings that change how the user's desktop looks and sounds. A theme could specify user settings such as the desktop background, window border color, sounds, and...

9.3CVSS7.7AI score0.59885EPSS
Exploits10
saint
saint
•added 2013/08/19 12:0 a.m.•32 views

Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Control Vulnerability

Added: 08/19/2013 CVE: CVE-2013-1559 BID: 59122 OSVDB: 92386 Background Oracle WebCenter Content is an open platform that allows users to create a vast range of content management applications. It consolidates unstructured content from across diverse systems so it can be centrally managed and the...

4CVSS6.7AI score0.58817EPSS
Exploits9
saint
saint
•added 2013/06/09 12:0 a.m.•32 views

IBM SPSS SamplePower c1sizer ActiveX Control Vulnerability

Added: 06/09/2013 CVE: CVE-2012-5946 BID: 59559 OSVDB: 92845 Background SPSS Statistical Package for the Social Sciences is a computer application that provides statistical analysis of data. It allows for in-depth data access and preparation, analytical reporting, graphics and modelling...

9.3CVSS7.4AI score0.33782EPSS
Exploits9
saint
saint
•added 2013/05/03 12:0 a.m.•32 views

Novell ZENworks Control Center file upload vulnerability

Added: 05/03/2013 CVE: CVE-2013-1080 BID: 58668 OSVDB: 91627 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a...

10CVSS7.4AI score0.77049EPSS
Exploits10
saint
saint
•added 2013/03/15 12:0 a.m.•32 views

VMware OVF Tool Format String

Added: 03/15/2013 CVE: CVE-2012-3569 BID: 56468 OSVDB: 87117 Background VMware is a suite of products supporting the creation and operation of virtual machines, which are self-contained, independent guest operating systems running within a host operating system. Problem The Windows variants of...

9.3CVSS6.2AI score0.47719EPSS
Exploits12
saint
saint
•added 2013/02/07 12:0 a.m.•32 views

Novell eDirectory NCP KeyedObjectLogin Function Vulnerability

Added: 02/07/2013 CVE: CVE-2012-0432 BID: 57038 OSVDB: 88718 Background Novell eDirectory is a directory server which implements the NetWare Core Protocol NCP to synchronize data changes between the servers in a directory service tree. NCP is used to access file, print, directory, clock...

10CVSS7.9AI score0.58702EPSS
Exploits14
saint
saint
•added 2012/12/24 12:0 a.m.•32 views

Apple QuickTime TeXML Style Element Buffer Overflow

Added: 12/24/2012 CVE: CVE-2012-3752 BID: 56557 OSVDB: 87087 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.2 and earlier is vulnerable to remote code execution due to a failure to perform appropriate boundary checking. A remote attacker who...

9.3CVSS7.5AI score0.36014EPSS
Exploits9
saint
saint
•added 2012/12/17 12:0 a.m.•32 views

CYME ChartFX ActiveX ShowPropertiesDialog pageNumber indexing error

Added: 12/17/2012 BID: 55765 OSVDB: 85894 Background The CYME Power Engineering Software is a suite of applications for power engineers. It includes the ChartFX ActiveX control. Problem An indexing error in ChartFX.ClientServer.Core.dll of the ChartFX ActiveX Control allows command execution when...

7.4AI score
Exploits0
saint
saint
•added 2012/10/12 12:0 a.m.•32 views

Novell File Reporter NFRAgent.exe VOL tag buffer overflow

Added: 10/12/2012 BID: 55268 OSVDB: 85503 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist...

8.1AI score
Exploits0
saint
saint
•added 2012/07/25 12:0 a.m.•32 views

Apple QuickTime SetLanguage Overflow

Added: 07/25/2012 CVE: CVE-2012-0666 BID: 53577 OSVDB: 81937 Background Apple QuickTime is a media player for Windows and Mac OS platforms. Problem The QuickTime player browser plugin does not properly validate the language field in QT Movie files. If a malicious QT Movie file were opened via a...

9.3CVSS7.2AI score0.04057EPSS
Exploits5
saint
saint
•added 2012/07/25 12:0 a.m.•32 views

Apple QuickTime SetLanguage Overflow

Added: 07/25/2012 CVE: CVE-2012-0666 BID: 53577 OSVDB: 81937 Background Apple QuickTime is a media player for Windows and Mac OS platforms. Problem The QuickTime player browser plugin does not properly validate the language field in QT Movie files. If a malicious QT Movie file were opened via a...

9.3CVSS7.2AI score0.04057EPSS
Exploits5
saint
saint
•added 2012/06/04 12:0 a.m.•32 views

SAP NetWeaver Dispatcher DiagTraceR3Info Packet Parsing Vulnerability

Added: 06/04/2012 CVE: CVE-2012-2611 OSVDB: 81759 Background SAP Netweaver is a technology platform for building and integrating SAP business applications. Problem SAP Netweaver is vulnerable to a stack buffer overflow when configured with the developer trace level set to 2 or higher. The...

9.3CVSS9.6AI score0.41919EPSS
Exploits13
saint
saint
•added 2012/05/09 12:0 a.m.•32 views

VideoLAN VLC Media Player MMS URI Stack Overflow

Added: 05/09/2012 CVE: CVE-2012-1775 BID: 53391 OSVDB: 80188 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem VLC Player versions 2.0.0 and lower do not properly validate the hostname when accessing MMS URIs. An overly long...

9.3CVSS6.5AI score0.44621EPSS
Exploits9
saint
saint
•added 2012/04/27 12:0 a.m.•32 views

LANDesk ThinkManagement Suite ServerSetup.asmx Directory Traversal

Added: 04/27/2012 CVE: CVE-2012-1195 BID: 52023 OSVDB: 79276 Background LANDesk Lenovo ThinkManagement Console provides hardware discovery, comprehensive inventory, and reporting for Lenovo systems. Problem LANDesk Lenovo ThinkManagement Console runs a web application under the Microsoft IIS web...

7.5CVSS6.2AI score0.68399EPSS
Exploits11
saint
saint
•added 2012/01/10 12:0 a.m.•32 views

CoCSoft Stream Down Stack Overflow

Added: 01/10/2012 CVE: CVE-2011-5052 BID: 51190 OSVDB: 78043 Background CoCSoft Stream Down is a streaming media download tool. Problem The CoCSoft Stream Down HTTP client implementation in version 6.8 and prior does not properly validate HTTP responses. This vulnerability may allow an attacker t...

6.8CVSS6.3AI score0.30074EPSS
Exploits6
saint
saint
•added 2011/12/30 12:0 a.m.•32 views

Avaya WinPDM Unite Host Router service buffer overflow

Added: 12/30/2011 BID: 47947 OSVDB: 73269 Background Avaya Windows Portable Device Manager WinPDM is used for local administration and software download of various devices. Problem A buffer overflow vulnerability in Avaya WinPDM allows an attacker to execute arbitrary commands by sending a...

8.3AI score
Exploits0
saint
saint
•added 2011/12/28 12:0 a.m.•32 views

Hastymail rs parameter command injection

Added: 12/28/2011 CVE: CVE-2011-4542 BID: 50791 OSVDB: 77331 Background Hastymail is a fast, secure, rfc-compliant, cross-platform IMAP/SMTP client application written in PHP providing a clean web interface for sending and reading E-mail. Problem Hastymail2 fails to properly sanitize user-supplie...

7.5CVSS7.1AI score0.24119EPSS
Exploits9
saint
saint
•added 2011/12/09 12:0 a.m.•32 views

Trend Micro InterScan Web Security Suite Local Privilege Escalation

Added: 12/09/2011 BID: 50380 OSVDB: 76637 Background Trend Micro InterScan Web Security Suite is an application which dynamically defends against web-based attacks at the Internet gateway. Problem Trend Micro InterScan Web Security Suite is vulnerable to local privilege escalation vulnerability...

8.4AI score
Exploits0
saint
saint
•added 2011/12/01 12:0 a.m.•32 views

Symantec Alert Management System AMSSendAlertAck Buffer Overflow

Added: 12/01/2011 CVE: CVE-2010-0110 BID: 45936 OSVDB: 72623 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager...

7.9CVSS7.5AI score0.0513EPSS
Exploits12
Total number of security vulnerabilities4305