Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2008/01/22 12:0 a.m.•30 views

Microsoft DirectX SAMI parser buffer overflow

Added: 01/22/2008 CVE: CVE-2007-3901 BID: 26789 OSVDB: 39126 Background DirectX is a feature of the Windows operating system used for streaming media. Problem A buffer overflow vulnerability in DirectX allows command execution when a user opens a specially crafted SAMI file in Windows Media Playe...

8.5CVSS6.8AI score0.45873EPSS
Exploits13
Saint
Saint
•added 2008/01/17 12:0 a.m.•30 views

Microsoft Excel rtAFDesc record invalid pointer access

Added: 01/17/2008 CVE: CVE-2008-0081 BID: 27305 OSVDB: 40344 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem Microsoft Excel references an uninitialized pointer if a spreadsheet contains an improperly placed...

9.3CVSS9.5AI score0.57908EPSS
Exploits6
Saint
Saint
•added 2008/01/03 12:0 a.m.•30 views

Lotus Notes WPD attachment viewer buffer overflow

Added: 01/03/2008 CVE: CVE-2007-5910 BID: 26175 OSVDB: 40783 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the KeyView Viewer included in Lotus Notes allows command execution when a user views a specially crafted WordPerfect WPD attachment. Resolution...

9.3CVSS6.9AI score0.06619EPSS
Exploits4
Saint
Saint
•added 2007/12/31 12:0 a.m.•30 views

Lotus Domino Web Access ActiveX control dwa7w.dll buffer overflow

Added: 12/31/2007 CVE: CVE-2007-4474 BID: 26972 OSVDB: 40954 Background Lotus Domino Web Access provides capabilities similar to those of the Lotus Notes client, delivered through a web browser. Problem A buffer overflow vulnerability in the Lotus Domino Web Access ActiveX control in the dwa7w.dl...

9.3CVSS6.8AI score0.44184EPSS
Exploits25
Saint
Saint
•added 2007/12/12 12:0 a.m.•30 views

Microsoft Message Queuing queue name buffer overflow

Added: 12/12/2007 CVE: CVE-2007-3039 BID: 26797 OSVDB: 39123 Background Microsoft Message Queuing allows applications which may be running at different times to communicate across a network. Problem A buffer overflow vulnerability in the Microsoft Message Queuing service allows remote attackers t...

9CVSS7.5AI score0.69055EPSS
Exploits13
Saint
Saint
•added 2007/11/09 12:0 a.m.•30 views

EMC NetWorker Remote Exec service subcmd buffer overflow

Added: 11/09/2007 CVE: CVE-2007-3618 BID: 25375 OSVDB: 39744 Background EMC NetWorker is a centralized data backup solution. Problem A buffer overflow vulnerability in the Remote Exec service nsrexecd.exe allows remote attackers to execute arbitrary commands by sending a long, invalid subcmd to a...

9.3CVSS7.8AI score0.07103EPSS
Exploits5
Saint
Saint
•added 2007/07/26 12:0 a.m.•30 views

Borland Interbase ibserver.exe create buffer overflow

Added: 07/26/2007 CVE: CVE-2007-3566 BID: 25048 OSVDB: 38602 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow in the database service, ibserver.exe , allows remote attackers to execute arbitrary commands by sending a speciall...

7.5CVSS7.8AI score0.66081EPSS
Exploits9
Saint
Saint
•added 2007/07/26 12:0 a.m.•30 views

Borland Interbase ibserver.exe create buffer overflow

Added: 07/26/2007 CVE: CVE-2007-3566 BID: 25048 OSVDB: 38602 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow in the database service, ibserver.exe, allows remote attackers to execute arbitrary commands by sending a specially...

7.5CVSS7.8AI score0.66081EPSS
Exploits9
Saint
Saint
•added 2007/06/27 12:0 a.m.•30 views

Linux kernel ptrace privilege elevation vulnerability

Added: 06/27/2007 CVE: CVE-2003-0127 BID: 7112 OSVDB: 4565 Background ptrace is a Linux system call which enables a parent process to observe and control another process. Problem Due to a failure by the kernel to restrict trace permissions, a local attacker could gain root privileges by attaching...

7.2CVSS6AI score0.01584EPSS
Exploits5
Saint
Saint
•added 2007/06/22 12:0 a.m.•30 views

Solaris loadable kernel module directory traversal

Added: 06/22/2007 CVE: CVE-2004-1767 BID: 9477 OSVDB: 15128 Background Loadable kernel modules are programs which can be dynamically loaded into the kernel. Problem A directory traversal vulnerability in the vfsgetvfssw function in the Solaris kernel allows unprivileged users to load their own...

7.2CVSS6.2AI score0.00433EPSS
Exploits4
Saint
Saint
•added 2007/06/08 12:0 a.m.•30 views

Yahoo Messenger Webcam Viewer ActiveX control buffer overflow

Added: 06/08/2007 CVE: CVE-2007-3148 BID: 24355 OSVDB: 37081 Background Yahoo! Messenger is an instant messaging application. It includes the Webcam Viewer ActiveX control which is provided by ywcvwr.dll. Problem A buffer overflow vulnerability in the Yahoo! Messenger Webcam Viewer ActiveX contro...

9.3CVSS6.8AI score0.12339EPSS
Exploits5
Saint
Saint
•added 2007/05/24 12:0 a.m.•30 views

Microsoft Excel Named Graph record buffer overflow

Added: 05/24/2007 CVE: CVE-2007-0215 BID: 23760 OSVDB: 34393 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a speciall...

7.6CVSS6.7AI score0.31546EPSS
Exploits4
Saint
Saint
•added 2007/05/11 12:0 a.m.•30 views

McAfee ePolicy Orchestrator SiteManager ExportSiteList buffer overflow

Added: 05/11/2007 CVE: CVE-2007-1498 BID: 22952 OSVDB: 33796 Background ePolicy Orchestrator is a centralized security configuration and monitoring application. It includes the SiteManager ActiveX control which is implemented by sitemanager.dll. Problem A buffer overflow vulnerability in the...

9.3CVSS6.9AI score0.07729EPSS
Exploits8
Saint
Saint
•added 2007/03/22 12:0 a.m.•30 views

Mercury IMAP data continuation buffer overflow

Added: 03/22/2007 CVE: CVE-2007-1373 OSVDB: 33883 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the Mercury IMAP service when processing data continuation specifiers allows remote attackers to execute...

10CVSS7.8AI score0.58687EPSS
Exploits8
Saint
Saint
•added 2007/03/07 12:0 a.m.•30 views

Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow

Added: 03/07/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSetRealTimeScanConfigInfo function allows remote attackers to execute arbitrary commands by sending a specially craft...

10CVSS7.7AI score0.73767EPSS
Exploits27
Saint
Saint
•added 2006/12/26 12:0 a.m.•30 views

BrightStor ARCserve Backup Tape Engine ReserveGroup buffer overflow

Added: 12/26/2006 CVE: CVE-2006-6076 BID: 21221 OSVDB: 30637 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow vulnerability in the RPC ReserveGroup function allows remote attackers to...

10CVSS7.8AI score0.70215EPSS
Exploits11
Saint
Saint
•added 2006/12/08 12:0 a.m.•30 views

3Com TFTP server Transporting Mode buffer overflow

Added: 12/08/2006 CVE: CVE-2006-6183 BID: 21301 OSVDB: 30758 Background 3CTftpSvc by 3Com is a freeware implementation of the TFTP protocol for Windows. Problem A buffer overflow vulnerability in the 3Com TFTP server allows remote attackers to execute arbitrary commands by sending a long, special...

10CVSS7.7AI score0.7057EPSS
Exploits12
Saint
Saint
•added 2006/10/26 12:0 a.m.•30 views

Novell eDirectory iMonitor HTTP redirection buffer overflow

Added: 10/26/2006 CVE: CVE-2006-5478 BID: 20655 OSVDB: 29993 Background iMonitor is a web service which is a component of Novell eDirectory. Problem iMonitor allows remote command execution by sending specially crafted HTTP header data in a request for certain URLs, which results in a buffer...

7.5CVSS7.2AI score0.83891EPSS
Exploits11
Saint
Saint
•added 2006/10/26 12:0 a.m.•30 views

Oracle Spatial component SDO_CS.TRANSFORM_LAYER buffer overflow

Added: 10/26/2006 CVE: CVE-2006-5344 BID: 20588 OSVDB: 31462 Background The Oracle Spatial formerly SDO component of Oracle Database provides a set of functions which process multi-dimensional data. Problem A buffer overflow in the Oracle Spatial component allows an attacker with EXECUTE privileg...

9CVSS7.2AI score0.03598EPSS
Exploits4
Saint
Saint
•added 2006/10/06 12:0 a.m.•30 views

McAfee HTTP header processing buffer overflow

Added: 10/06/2006 CVE: CVE-2006-5156 BID: 20288 OSVDB: 29421 Background McAfee ePolicy Orchestrator and Protection Pilot are centralized security management products. These products include an HTTP server implemented by the NAISERV.exe program. Problem A buffer overflow vulnerability in the McAfe...

10CVSS7.9AI score0.72228EPSS
Exploits8
Saint
Saint
•added 2006/09/06 12:0 a.m.•30 views

MySQL MaxDB WebDBM database name buffer overflow

Added: 09/06/2006 CVE: CVE-2006-4305 BID: 19660 OSVDB: 28300 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client. Resolution Upgra...

10CVSS7.8AI score0.70468EPSS
Exploits7
Saint
Saint
•added 2006/08/14 12:0 a.m.•30 views

Mozilla Firefox JavaScript Navigator object vulnerability

Added: 08/14/2006 CVE: CVE-2006-3677 BID: 19192 OSVDB: 27559 Background When used in a web page, Java references properties of the window.navigator object as it starts up in Firefox or SeaMonkey. Problem If a web page replaces the navigator object before starting Java, then the page could cause t...

7.5CVSS6.5AI score0.78359EPSS
Exploits11
Saint
Saint
•added 2006/08/07 12:0 a.m.•30 views

BrightStor ARCserve Universal Agent buffer overflow

Added: 08/07/2006 CVE: CVE-2005-1018 BID: 13102 OSVDB: 15471 Background The BrightStor ARCserve Backup family of products includes a Universal Agent which listens for connections on port 6050/TCP. Problem A buffer overflow in the Universal Agent allows remote attackers to execute arbitrary comman...

7.5CVSS7.8AI score0.58983EPSS
Exploits7
Saint
Saint
•added 2006/07/28 12:0 a.m.•30 views

ViRobot Server web interface addschup buffer overflow

Added: 07/28/2006 CVE: CVE-2005-2041 BID: 13964 OSVDB: 17320 Background ViRobot Linux Server includes a web-based control interface. Problem A buffer overflow in the addschup CGI program included in the ViRobot Linux Server allows remote attackers to write arbitrary commands into the root crontab...

5CVSS7.4AI score0.05547EPSS
Exploits5
Saint
Saint
•added 2006/06/30 12:0 a.m.•30 views

Windows RRAS memory corruption vulnerability

Added: 06/30/2006 CVE: CVE-2006-2370 BID: 18325 OSVDB: 26437 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. Problem A buffer overflow in RRAS allows remote attackers to execute...

7.5CVSS9.9AI score0.72969EPSS
Exploits18
Saint
Saint
•added 2006/06/13 12:0 a.m.•30 views

Symantec real-time scan service buffer overflow

Added: 06/13/2006 CVE: CVE-2006-2630 BID: 18107 OSVDB: 25846 Background Various Symantec products include a real-time virus scan service. Problem A buffer overflow in the real-time virus scan service allows remote attackers to execute arbitrary commands. Resolution Apply patch SYM06-010. Referenc...

10CVSS7.6AI score0.73558EPSS
Exploits7
Saint
Saint
•added 2006/06/05 12:0 a.m.•30 views

Internet Explorer Javaprxy.dll heap overflow

Added: 06/05/2006 CVE: CVE-2005-2087 BID: 14087 OSVDB: 17680 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. One such object, the JView Profiler Javaprxy.dll, is a debugger interface for Microsoft...

5CVSS6.6AI score0.61372EPSS
Exploits4
Saint
Saint
•added 2006/05/17 12:0 a.m.•30 views

SHOUTcast filename format string vulnerability

Added: 05/17/2006 CVE: CVE-2004-1373 BID: 12096 OSVDB: 12585 Background SHOUTcast is a streaming audio server based on Winamp. Problem A format string vulnerability in SHOUTcast allows remote attackers to execute commands by requesting a MP3 filename containing format string characters such as %n...

7.5CVSS6.9AI score0.70066EPSS
Exploits8
Saint
Saint
•added 2006/05/15 12:0 a.m.•30 views

Windows compressed folders buffer overflow

Added: 05/15/2006 CVE: CVE-2004-0575 BID: 11382 OSVDB: 10695 Background Microsoft Windows XP and Windows Server 2003 include the ability to natively handle ZIP files. Problem A buffer overflow when handling compressed folders allows command execution when a specially crafted ZIP file is opened by...

10CVSS6.9AI score0.603EPSS
Exploits4
Saint
Saint
•added 2006/05/04 12:0 a.m.•30 views

Outlook Express NNTP LIST buffer overflow

Added: 05/04/2006 CVE: CVE-2005-1213 BID: 13951 OSVDB: 17306 Background Outlook Express is a free e-mail client which is included in Windows operating systems. Problem A buffer overflow in Outlook Express allows command execution when processing responses from NNTP servers to LIST commands...

7.5CVSS6.9AI score0.73961EPSS
Exploits8
Saint
Saint
•added 2006/04/20 12:0 a.m.•30 views

Novell GroupWise Messenger Accept-Language buffer overflow

Added: 04/20/2006 CVE: CVE-2006-0992 BID: 17503 OSVDB: 24617 Background Novell GroupWise includes the Messaging Agent which offers an HTTP service on port 8300/TCP. Problem A buffer overflow in the Messaging Agent allows remote attackers to execute commands by sending a long, specially crafted...

10CVSS7.3AI score0.72833EPSS
Exploits12
Saint
Saint
•added 2006/04/20 12:0 a.m.•30 views

Novell GroupWise Messenger Accept-Language buffer overflow

Added: 04/20/2006 CVE: CVE-2006-0992 BID: 17503 OSVDB: 24617 Background Novell GroupWise includes the Messaging Agent which offers an HTTP service on port 8300/TCP. Problem A buffer overflow in the Messaging Agent allows remote attackers to execute commands by sending a long, specially crafted...

10CVSS7.3AI score0.72833EPSS
Exploits12
Saint
Saint
•added 2006/04/06 12:0 a.m.•30 views

TWiki Search.pm shell command injection

Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...

10CVSS6.9AI score0.61668EPSS
Exploits8
Saint
Saint
•added 2006/03/16 12:0 a.m.•30 views

Internet Explorer isComponentInstalled buffer overflow

Added: 03/16/2006 CVE: CVE-2006-1016 BID: 16870 OSVDB: 31647 Background The isComponentInstalled method allows scripts to determine which components are installed. Problem Internet Explorer is affected by a buffer overflow in the isComponentInstalled method which can lead to remote command...

7.5CVSS7.1AI score0.66674EPSS
Exploits8
Saint
Saint
•added 2006/03/10 12:0 a.m.•30 views

WS_FTP MKD command buffer overflow

Added: 03/10/2006 CVE: CVE-2004-1135 BID: 11772 OSVDB: 12509 Background WSFTP Server is an FTP server for Windows platforms. Problem A buffer overflow vulnerability in the MKD command could allow an attacker to execute commands on the server. If the anonymous FTP account is enabled, the attacker...

5CVSS7.3AI score0.49642EPSS
Exploits7
Saint
Saint
•added 2006/02/24 12:0 a.m.•30 views

Safari archive metadata command execution

Added: 02/24/2006 CVE: CVE-2006-0848 BID: 16736 OSVDB: 23366 Background The Safari web browser supports explicit binding, which allows a file to override the default application for its file type. Safe files are files such as pictures, movies, and archives which are opened automatically when...

5.1CVSS6.3AI score0.58105EPSS
Exploits8
Saint
Saint
•added 2006/02/24 12:0 a.m.•30 views

Windows NetDDE buffer overflow

Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...

7.5CVSS7.4AI score0.77002EPSS
Exploits8
Saint
Saint
•added 2006/01/30 12:0 a.m.•30 views

FrontPage fp30reg.dll remote debug buffer overflow

Added: 01/30/2006 CVE: CVE-2003-0822 BID: 9007 OSVDB: 2952 Background Microsoft FrontPage Server Extensions includes a remote debugging function. Problem A buffer overflow in fp30reg.dll leads to a vulnerability in the remote debug function in FrontPage Server Extensions. A remote attacker could...

7.5CVSS7.5AI score0.83075EPSS
Exploits10
Saint
Saint
•added 2006/01/24 12:0 a.m.•30 views

MailEnable IMAP command buffer overflow

Added: 01/24/2006 CVE: CVE-2004-2501 BID: 11755 OSVDB: 12135 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow in the IMAP service allows an...

7.5CVSS7.4AI score0.14061EPSS
Exploits5
Saint
Saint
•added 2005/12/22 12:0 a.m.•30 views

MySQL MaxDB WebTools special character buffer overflow

Added: 12/22/2005 CVE: CVE-2005-0684 BID: 13368 OSVDB: 15816 Background MaxDB is a SAP-certified open-source database developed by MySQL. The WebTools component offers a set of database tools which are accessible from a web browser. The wahttp program listens on port 9999 and processes HTTP...

10CVSS7AI score0.68504EPSS
Exploits7
Saint
Saint
•added 2005/12/19 12:0 a.m.•30 views

Windows password weakness

Added: 12/19/2005 CVE: CVE-1999-0503 Background Passwords are the most commonly used method of authenticating users to a server. The combination of a login name and password is used to verify the identity of a user requesting access, and to determine what parts of the server the user has permissi...

7.2CVSS6.6AI score0.01835EPSS
Exploits4
Saint
Saint
•added 2005/12/10 12:0 a.m.•30 views

JRun mod_jrun WriteToLog buffer overflow

Added: 12/10/2005 CVE: CVE-2004-0646 BID: 11245 OSVDB: 10546 Background Macromedia JRun is a J2EE application server. modjrun is an Apache module which enables the use of JRun applications through an Apache web server. Problem A buffer overflow vulnerability in modjrun and modjrun20 allows a remo...

10CVSS7.7AI score0.07104EPSS
Exploits4
Saint
Saint
•added 2005/12/03 12:0 a.m.•30 views

MailEnable IMAP W3C Logging Buffer Overflow

Added: 12/03/2005 CVE: CVE-2005-3155 BID: 15006 OSVDB: 19842 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem MailEnable's IMAP service...

7.5CVSS7.5AI score0.63694EPSS
Exploits7
Saint
Saint
•added 2005/11/30 12:0 a.m.•30 views

VERITAS NetBackup Java Administration Console format string vulnerability

Added: 11/30/2005 CVE: CVE-2005-2715 BID: 15079 OSVDB: 19949 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The bpjava-msvc component of the Java Administration Console in Veritas NetBackup 4.5 through 6.0 is affected by a format string vulnerabilit...

10CVSS6.5AI score0.60356EPSS
Exploits6
Saint
Saint
•added 2005/11/30 12:0 a.m.•30 views

Oracle Enterprise Manager Agent buffer overflow

Added: 11/30/2005 CVE: CVE-2005-3460 BID: 15146 OSVDB: 20664 Background Oracle Application Server 10g includes the emagent.exe program which listens for connections on port 1830/TCP by default. Problem A buffer overflow vulnerability in emagent.exe could allow a remote attacker to execute arbitra...

10CVSS7.5AI score0.04145EPSS
Exploits4
Saint
Saint
•added 2021/02/03 12:0 a.m.•29 views

Apache Struts forced OGNL evaluation

Added: 02/03/2021 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Struts uses Object-Graph Navigation Language OGNL to...

8.3AI score
Exploits0
Saint
Saint
•added 2019/08/26 12:0 a.m.•29 views

Webmin password_change.cgi backdoor

Added: 08/26/2019 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem A backdoor in Webmin allows a remote attacker to execute arbitrary commands by sending a POST request for passwordchange.cgi...

8.3AI score
Exploits0
Saint
Saint
•added 2019/06/28 12:0 a.m.•29 views

SAPIDO RB-1732 command injection

Added: 06/28/2019 Background SAPIDO RB-1732 is a wireless router. Problem A vulnerability in the web interface allows remote attackers to execute arbitrary commands by sending a specially crafted request to the formSysCmd resource. Resolution Apply a firmware update which fixes this vulnerability...

8.3AI score
Exploits0
Saint
Saint
•added 2016/12/23 12:0 a.m.•29 views

McAfee VirusScan Enterprise for Linux authentication token brute force

Added: 12/23/2016 CVE: CVE-2016-8023 BID: 94823 Background McAfee VirusScan Enterprise for Linux is real-time, anti-malware software for Linux. Problem McAfee VirusScan Enterprise for Linux allows remote attackers to execute arbitrary commands by exploiting multiple vulnerabilities, including the...

8.1CVSS8.5AI score0.09211EPSS
Exploits7
Saint
Saint
•added 2016/06/15 12:0 a.m.•29 views

Apache Continuum saveInstallation.action command execution

Added: 06/15/2016 Background Apache Continuum is a continuous integration server for Java projects. Problem A remote attacker could execute arbitrary commands by sending a POST request to saveInstallation.action with a specially crafted installation.varValue parameter. Resolution Upgrade to a...

2AI score
Exploits0
Total number of security vulnerabilities4305