Lucene search
+L
SaintMost viewed

4305 matches found

saint
saint
•added 2008/06/20 12:0 a.m.•32 views

Lotus Expeditor cai URI handler command injection

Added: 06/20/2008 CVE: CVE-2008-1965 BID: 28926 OSVDB: 44868 Background Lotus Expeditor is a desktop integration framework used by Lotus products including Lotus Symphony. Problem Lotus Expeditor registers a handler for cai: URIs which passes arbitrary arguments to rcplauncher.exe. This allows...

9.3CVSS6.6AI score0.10675EPSS
Exploits5
saint
saint
•added 2008/05/08 12:0 a.m.•32 views

Adobe Photoshop Album Starter Edition BMP image header buffer overflow

Added: 05/08/2008 CVE: CVE-2008-1765 BID: 28874 OSVDB: 44579 Background Adobe Photoshop Album Starter Edition is free software for editing and sharing photos. Problem A buffer overflow vulnerability in Adobe Photoshop Album Starter Edition allows command execution when a user opens a BMP image fi...

9.3CVSS7.1AI score0.19962EPSS
Exploits6
saint
saint
•added 2008/03/14 12:0 a.m.•32 views

Microsoft Excel conditional formatting vulnerability

Added: 03/14/2008 CVE: CVE-2008-0117 BID: 28170 OSVDB: 42731 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a file...

9.3CVSS9.5AI score0.33362EPSS
Exploits5
saint
saint
•added 2008/03/03 12:0 a.m.•32 views

Veritas Storage Foundation Administrator service buffer overflow

Added: 03/03/2008 CVE: CVE-2008-0638 BID: 25778 OSVDB: 41978 Background Veritas Storage Foundation is an online storage management solution. An Administrator service, implemented by vxsvc.exe, listens on port 3207 by default. Problem A buffer overflow vulnerability in the Administrator service...

9.3CVSS7.7AI score0.05957EPSS
Exploits5
saint
saint
•added 2008/01/04 12:0 a.m.•32 views

MacroVision InstallShield Update Service DownloadAndExecute buffer overflow

Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...

9.3CVSS6.9AI score0.05554EPSS
Exploits5
saint
saint
•added 2007/12/14 12:0 a.m.•32 views

ACDSee XPM file section string buffer overflow

Added: 12/14/2007 CVE: CVE-2007-6009 BID: 26554 OSVDB: 45278 Background ACDSee is a suite of products for viewing and organizing photos. Problem A buffer overflow vulnerability in the IDX.apl, IDEACDStd.apl, IDPSP.apl, and AMLHA.apl plug-ins could allow command execution when a user opens an XPM...

9.3CVSS7AI score0.03927EPSS
Exploits5
saint
saint
•added 2007/12/07 12:0 a.m.•32 views

Lotus Notes Lotus 1-2-3 file viewer buffer overflow

Added: 12/07/2007 CVE: CVE-2007-6593 BID: 26604 OSVDB: 40796 Background Lotus Notes is the client for Lotus Domino servers. Lotus Notes uses the Autonomy KeyView library to process files in the Lotus Worksheet File format WKS used by Lotus 1-2-3. Problem A buffer overflow vulnerability in the...

8.8CVSS6.8AI score0.06301EPSS
Exploits4
saint
saint
•added 2007/10/25 12:0 a.m.•32 views

RealPlayer ActiveX control playlist name buffer overflow

Added: 10/25/2007 CVE: CVE-2007-5601 BID: 26130 OSVDB: 41430 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem The RealPlayer Database Component MPAMedia.dll is affected by a buffer overflow...

9.3CVSS6.8AI score0.42365EPSS
Exploits9
saint
saint
•added 2007/10/15 12:0 a.m.•32 views

Kodak Image Viewer TIFF image handling vulnerability

Added: 10/15/2007 CVE: CVE-2007-2217 BID: 25909 OSVDB: 37627 Background The Windows Kodak Image Viewer is a utility for rendering various image formats. It is included in Windows 2000, and may also be present on newer versions of Windows if a computer was upgraded from Windows 2000. Problem A...

9.3CVSS6.6AI score0.41415EPSS
Exploits7
saint
saint
•added 2007/10/05 12:0 a.m.•32 views

Microsoft Visual Basic VBP file buffer overflow

Added: 10/05/2007 CVE: CVE-2007-4776 BID: 25629 OSVDB: 36936 Background Microsoft Visual Basic is a development tool for building Windows applications. Problem A buffer overflow vulnerability in Microsoft Visual Basic allows command execution when a user opens a specially crafted Visual Basic...

9.3CVSS6.8AI score0.48964EPSS
Exploits7
saint
saint
•added 2007/09/27 12:0 a.m.•32 views

Trend Micro ServerProtect TMregChange buffer overflow

Added: 09/27/2007 CVE: CVE-2007-4731 OSVDB: 45878 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the TMregChange function in the TMreg.dll library allows remote attackers to execute arbitrary commands by sending specially crafted da...

10CVSS7.7AI score0.09561EPSS
Exploits5
saint
saint
•added 2007/09/20 12:0 a.m.•32 views

Symantec Norton NavComUI ActiveX control vulnerability

Added: 09/20/2007 CVE: CVE-2007-2955 BID: 24983 OSVDB: 36477 Background The Symantec Norton product suite includes antivirus, firewall, and other security functions. Problem Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library...

6.8CVSS6.7AI score0.0405EPSS
Exploits4
saint
saint
•added 2007/08/23 12:0 a.m.•32 views

Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow

Added: 08/23/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39754 Background ServerProtect is a virus scanner for servers. Problem A buffer overflow in the NTFSetPagerNotifyConfig function within the Notification.dll library allows remote attackers to execute arbitrary commands by sending a specially...

10CVSS7.7AI score0.13021EPSS
Exploits12
saint
saint
•added 2007/06/27 12:0 a.m.•32 views

Linux kernel ptrace privilege elevation vulnerability

Added: 06/27/2007 CVE: CVE-2003-0127 BID: 7112 OSVDB: 4565 Background ptrace is a Linux system call which enables a parent process to observe and control another process. Problem Due to a failure by the kernel to restrict trace permissions, a local attacker could gain root privileges by attaching...

7.2CVSS6AI score0.01584EPSS
Exploits5
saint
saint
•added 2007/06/12 12:0 a.m.•32 views

Windows Telephony API buffer overflow

Added: 06/12/2007 CVE: CVE-2005-0058 BID: 14518 OSVDB: 18606 Background The Windows Telephony API TAPI provides telecommunications support for Windows applications. Problem A buffer overflow in the Windows Telephony API allows local attackers to execute commands with administrative privileges...

7.5CVSS7AI score0.50047EPSS
Exploits5
saint
saint
•added 2007/06/08 12:0 a.m.•32 views

Yahoo Messenger Webcam Viewer ActiveX control buffer overflow

Added: 06/08/2007 CVE: CVE-2007-3148 BID: 24355 OSVDB: 37081 Background Yahoo! Messenger is an instant messaging application. It includes the Webcam Viewer ActiveX control which is provided by ywcvwr.dll. Problem A buffer overflow vulnerability in the Yahoo! Messenger Webcam Viewer ActiveX contro...

9.3CVSS6.8AI score0.12339EPSS
Exploits5
saint
saint
•added 2007/05/25 12:0 a.m.•32 views

CA Console Server username buffer overflow

Added: 05/25/2007 CVE: CVE-2007-2522 BID: 23906 OSVDB: 34585 Background Multiple CA products include the inoweb Console Server which listens for connections on port 12168/TCP. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, speciall...

10CVSS7.7AI score0.26589EPSS
Exploits4
saint
saint
•added 2007/05/17 12:0 a.m.•32 views

Adobe Photoshop PNG file handling buffer overflow

Added: 05/17/2007 CVE: CVE-2007-2365 BID: 23698 OSVDB: 35465 Background Adobe Photoshop is an application for editing digital images. Problem A buffer overflow vulnerability in Adobe Photoshop allows command execution when a user opens a specially crafted PNG image file. Resolution Do not open PN...

9.3CVSS6.8AI score0.51052EPSS
Exploits4
saint
saint
•added 2007/05/04 12:0 a.m.•32 views

Microsoft Step-by-Step Interactive Training bookmark buffer overflow

Added: 05/04/2007 CVE: CVE-2006-3448 BID: 22484 OSVDB: 31883 Background Microsoft Step-by-Step Interactive Training is the engine used by various training programs. Problem A buffer overflow vulnerability in Microsoft Step-by-Step Interactive Training allows command execution when a specially...

9.3CVSS6.8AI score0.36671EPSS
Exploits4
saint
saint
•added 2007/04/12 12:0 a.m.•32 views

Yahoo Messenger AudioConf ActiveX control buffer overflow

Added: 04/12/2007 CVE: CVE-2007-1680 BID: 23291 OSVDB: 34319 Background Yahoo! Messenger is an instant messaging application. It includes the AudioConf ActiveX control which is provided by yacscom.dll. Problem A buffer overflow vulnerability in the AudioConf ActiveX control allows command executi...

9.3CVSS6.9AI score0.08375EPSS
Exploits4
saint
saint
•added 2007/02/23 12:0 a.m.•32 views

Trend Micro ServerProtect CMON_NetTestConnection buffer overflow

Added: 02/23/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the CMONNetTestConnection function allows remote attackers to execute arbitrary commands by sending a specially crafted RPC...

10CVSS7.7AI score0.73767EPSS
Exploits27
saint
saint
•added 2007/01/24 12:0 a.m.•32 views

BrightStor ARCserve Message Engine opnum 0x75 buffer overflow

Added: 01/24/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...

7.5CVSS7.7AI score0.68809EPSS
Exploits16
saint
saint
•added 2007/01/19 12:0 a.m.•32 views

BrightStor ARCserve Message Engine opnum 0x2f buffer overflow

Added: 01/19/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...

7.5CVSS7.7AI score0.68809EPSS
Exploits16
saint
saint
•added 2006/12/22 12:0 a.m.•32 views

BrightStor ARCserve Backup Tape Engine GetGroupStatus buffer overflow

Added: 12/22/2006 CVE: CVE-2006-6076 BID: 21221 OSVDB: 30637 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow vulnerability in the RPC GetGroupStatus function allows remote attackers to...

10CVSS7.8AI score0.70215EPSS
Exploits11
saint
saint
•added 2006/11/09 12:0 a.m.•32 views

BrightStor ARCserve Message Engine RPC server buffer overflow

Added: 11/09/2006 CVE: CVE-2006-5143 BID: 20365 OSVDB: 29535 Background The BrightStor ARCserve Backup family of products includes a Message Engine which listens for connections on port 6503/TCP. Problem A buffer overflow in the ASCORE.dll library allows remote attackers to execute arbitrary...

7.5CVSS7.7AI score0.78513EPSS
Exploits12
saint
saint
•added 2006/10/19 12:0 a.m.•32 views

BrightStor ARCserve discovery service ASBRDCST.DLL buffer overflow

Added: 10/19/2006 CVE: CVE-2006-5143 BID: 20365 OSVDB: 29534 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow vulnerability in the ASBRDCST.DLL library allows remote attackers to execute arbitra...

7.5CVSS7.7AI score0.78513EPSS
Exploits12
saint
saint
•added 2006/10/13 12:0 a.m.•32 views

Microsoft SSL library PCT buffer overflow

Added: 10/13/2006 CVE: CVE-2003-0719 BID: 10116 OSVDB: 5250 Background The Microsoft Secure Sockets Layer SSL library provides support for a number of secure communication protocols, including the Private Communication Technology PCT protocol. Since PCT has been superceded by SSL 3.0, the Microso...

7.5CVSS8AI score0.83412EPSS
Exploits8
saint
saint
•added 2006/07/10 12:0 a.m.•32 views

MERCUR Messaging IMAP LOGIN command buffer overflow

Added: 07/10/2006 CVE: CVE-2006-1255 BID: 17138 OSVDB: 23950 Background MERCUR Messaging 2005 is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service when processing the LOGIN command allows remote...

10CVSS7.7AI score0.68147EPSS
Exploits12
saint
saint
•added 2006/07/10 12:0 a.m.•32 views

MERCUR Messaging IMAP LOGIN command buffer overflow

Added: 07/10/2006 CVE: CVE-2006-1255 BID: 17138 OSVDB: 23950 Background MERCUR Messaging 2005 is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service when processing the LOGIN command allows remote...

10CVSS7.7AI score0.68147EPSS
Exploits12
saint
saint
•added 2006/06/21 12:0 a.m.•32 views

Microsoft Excel URL unicode buffer overflow

Added: 06/21/2006 CVE: CVE-2006-3086 BID: 18500 OSVDB: 26666 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow in Excel when processing long URL strings allows command execution when a user clicks ...

9.3CVSS6.8AI score0.56461EPSS
Exploits6
saint
saint
•added 2006/06/13 12:0 a.m.•32 views

Symantec real-time scan service buffer overflow

Added: 06/13/2006 CVE: CVE-2006-2630 BID: 18107 OSVDB: 25846 Background Various Symantec products include a real-time virus scan service. Problem A buffer overflow in the real-time virus scan service allows remote attackers to execute arbitrary commands. Resolution Apply patch SYM06-010. Referenc...

10CVSS7.6AI score0.73558EPSS
Exploits7
saint
saint
•added 2006/06/09 12:0 a.m.•32 views

Mozilla Firefox GIF processing buffer overflow

Added: 06/09/2006 CVE: CVE-2005-0399 BID: 12881 OSVDB: 14937 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A heap overflow in Mozilla Firefox when processing GIF images with the obsolete Netscape extension 2 allows command execution when a use...

5.1CVSS6.8AI score0.15116EPSS
Exploits4
saint
saint
•added 2006/06/06 12:0 a.m.•32 views

HP OpenView OmniBack directory traversal

Added: 06/06/2006 CVE: CVE-2001-0311 BID: 11032 OSVDB: 6018 Background HP OpenView is a suite of tools for managing networks. The OmniBack component provides backup and restoration capabilities. Problem A directory traversal vulnerability in the OmniBack service allows a remote attacker to run a...

4.6CVSS7.5AI score0.11643EPSS
Exploits9
saint
saint
•added 2006/05/30 12:0 a.m.•32 views

Novell eDirectory iMonitor NDS buffer overflow

Added: 05/30/2006 CVE: CVE-2006-2496 BID: 18026 OSVDB: 25781 Background iMonitor is a web service which is a component of Novell eDirectory. Problem A buffer overflow in iMonitor allows remote attackers to execute arbitrary commands by sending a long, specially crafted URL request in the NDS...

10CVSS7.8AI score0.09219EPSS
Exploits4
saint
saint
•added 2006/05/24 12:0 a.m.•32 views

QuickTime MOV file udta Atom buffer overflow

Added: 05/24/2006 CVE: CVE-2006-1460 BID: 17953 OSVDB: 25509 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution by a specially crafted Movie MOV file containing a long udta Atom. Resolution Upgrade to QuickTime...

5.1CVSS6.9AI score0.05586EPSS
Exploits4
saint
saint
•added 2006/05/04 12:0 a.m.•32 views

Windows Metafile rendering buffer overflow

Added: 05/04/2006 CVE: CVE-2004-0209 BID: 11375 OSVDB: 10692 Background A Windows Metafile image is a 16-bit metafile format that can contain both vector information and bitmap information. Problem A buffer overflow in the Windows Graphics Rendering Engine allows command execution when a malforme...

10CVSS6.6AI score0.62054EPSS
Exploits8
saint
saint
•added 2006/01/24 12:0 a.m.•32 views

MailEnable IMAP command buffer overflow

Added: 01/24/2006 CVE: CVE-2004-2501 BID: 11755 OSVDB: 12135 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow in the IMAP service allows an...

7.5CVSS7.4AI score0.14061EPSS
Exploits5
saint
saint
•added 2006/01/24 12:0 a.m.•32 views

MailEnable IMAP command buffer overflow

Added: 01/24/2006 CVE: CVE-2004-2501 BID: 11755 OSVDB: 12135 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow in the IMAP service allows an...

7.5CVSS7.4AI score0.14061EPSS
Exploits5
saint
saint
•added 2005/12/14 12:0 a.m.•32 views

Computer Associates License Service GETCONFIG buffer overflow

Added: 12/14/2005 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associates products and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability exists in the processing of GETCONFIG messages...

4.6CVSS6.5AI score0.46344EPSS
Exploits24
saint
saint
•added 2005/12/04 12:0 a.m.•32 views

VERITAS NetBackup Volume Manager Daemon buffer overflow

Added: 12/04/2005 CVE: CVE-2005-3116 BID: 15353 OSVDB: 20674 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The Volume Manager Daemon VMD has an error in its shared library allowing for a buffer overflow. A specially crafted request sent to port...

10CVSS6.7AI score0.27617EPSS
Exploits5
saint
saint
•added 2020/09/02 12:0 a.m.•31 views

vBulletin subWidgets command execution

Added: 09/02/2020 Background vBulletin is a commercial web bulletin board application written in PHP using MySQL. Problem An incomplete fix for a previously reported vulnerability allows a remote attacker to execute arbitrary commands by sending a POST request for the widgettabbedcontainertabpane...

8.3AI score
Exploits0
saint
saint
•added 2015/06/09 12:0 a.m.•31 views

Seagate Central unauthenticated file upload

Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...

1.3AI score
Exploits0
saint
saint
•added 2014/08/21 12:0 a.m.•31 views

Firefox crypto.generateCRMFRequest command execution

Added: 08/21/2014 CVE: CVE-2013-1710 BID: 61900 OSVDB: 96019 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A vulnerability in the implementation of the crypto.generateCRMFRequest javascript method allows command execution...

10CVSS9AI score0.40118EPSS
Exploits13
saint
saint
•added 2014/07/14 12:0 a.m.•31 views

GitList blame resource command injection

Added: 07/14/2014 CVE: CVE-2014-4511 BID: 68253 OSVDB: 108504 Background GitList is a web-based git repository viewer. Problem A vulnerability in GitList allows remote attackers to execute arbitrary commands by sending a specially crafted request for the blame resource. Resolution Upgrade to...

7.5CVSS7.3AI score0.8273EPSS
Exploits16
saint
saint
•added 2013/10/09 12:0 a.m.•31 views

Internet Explorer Use-After-Free Memory Corruption (MS13-055)

Added: 10/09/2013 CVE: CVE-2013-3163 BID: 60975 OSVDB: 94981 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error which can lead to memory corruption in such a way as to allow...

9.3CVSS9AI score0.70676EPSS
Exploits6
saint
saint
•added 2013/09/30 12:0 a.m.•31 views

HP LoadRunner micWebAjax.dll ActiveX NotifyEvent Method Vulnerability

Added: 09/30/2013 CVE: CVE-2013-2368 BID: 61436 OSVDB: 95639 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the micWebAjax ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution due to failure to sanitize user-suppli...

5CVSS7.4AI score0.09637EPSS
Exploits5
saint
saint
•added 2013/09/30 12:0 a.m.•31 views

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

0.7AI score
Exploits0
saint
saint
•added 2013/08/20 12:0 a.m.•31 views

HP LeftHand Virtual SAN Appliance Hydra Service Login Buffer Overflow

Added: 08/20/2013 CVE: CVE-2013-2343 BID: 60884 OSVDB: 94701 Background HP LeftHand Virtual SAN Appliance VSA software is a VMware certified SAN/storage device and virtual appliance that provides complete SAN functionality for VMware Infrastructure without external SAN hardware. Problem HP LeftHa...

10CVSS7.9AI score0.61813EPSS
Exploits8
saint
saint
•added 2013/08/08 12:0 a.m.•31 views

PineApp Mail-SeCure test_li_connection.php Command Injection

Added: 08/08/2013 BID: 61477 OSVDB: 95782 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem PineApp...

0.8AI score
Exploits0
saint
saint
•added 2013/07/05 12:0 a.m.•31 views

Novell iPrint Client IPP Response URI handling buffer overflow

Added: 07/05/2013 CVE: CVE-2013-1091 BID: 59612 OSVDB: 92938 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability within the handling...

10CVSS7AI score0.06227EPSS
Exploits4
Total number of security vulnerabilities4305