Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2014/04/28 12:0 a.m.•29 views

WinRAR ZIP File Handling Filename Spoofing Vulnerability

Added: 04/28/2014 BID: 66383 OSVDB: 62610 Background WinRAR is a shareware file archiver and data compression utility which runs on Microsoft Windows. It can create archives in ZIP format, as well as its own proprietary RAR format, and unpack a variety of other archive types. Problem WinRAR 4.x i...

0.2AI score
Exploits0
Saint
Saint
•added 2014/02/11 12:0 a.m.•29 views

Android WebView addJavascriptInterface Arbitrary Java Method Access

Added: 02/11/2014 CVE: CVE-2013-4710 OSVDB: 97520 Background Android is a Linux-based operating system used primarily on touchscreen mobile devices such as smartphones and tablet computers. It was originally developed by Android Inc., but is now owned by Google. WebView is a sub-class of the...

9.3CVSS6.7AI score0.42623EPSS
Exploits6
Saint
Saint
•added 2013/12/18 12:0 a.m.•29 views

HP LoadRunner Virtual User Generator EmulationAdmin service directory traversal

Added: 12/18/2013 CVE: CVE-2013-4837 BID: 63475 OSVDB: 99231 Background HP LoadRunner is a software performance testing solution. Problem A directory traversal vulnerability in the Virtual User Generator EmulationAdmin service allows remote attackers to upload files to arbitrary locations using t...

10CVSS6.6AI score0.62617EPSS
Exploits8
Saint
Saint
•added 2013/08/19 12:0 a.m.•29 views

Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Control Vulnerability

Added: 08/19/2013 CVE: CVE-2013-1559 BID: 59122 OSVDB: 92386 Background Oracle WebCenter Content is an open platform that allows users to create a vast range of content management applications. It consolidates unstructured content from across diverse systems so it can be centrally managed and the...

4CVSS6.6AI score0.58817EPSS
Exploits9
Saint
Saint
•added 2013/08/08 12:0 a.m.•29 views

PineApp Mail-SeCure test_li_connection.php Command Injection

Added: 08/08/2013 BID: 61477 OSVDB: 95782 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem PineApp...

0.8AI score
Exploits0
Saint
Saint
•added 2013/07/03 12:0 a.m.•29 views

SAP NetWeaver SOAP RFC SXPG_COMMAND_EXECUTE Command Execution

Added: 07/03/2013 BID: 55084 OSVDB: 93536 Background SAP NetWeaver is a technology platform for building and integrating SAP business applications. Remote Function Call RFC is the standard SAP interface for communication between SAP systems. Transaction SM69 is used to create and maintain externa...

8.2AI score
Exploits0
Saint
Saint
•added 2013/04/22 12:0 a.m.•29 views

BigAnt IM Server DDNF username Field Remote Overflow

Added: 04/22/2013 BID: 58998 OSVDB: 92239 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt IM Server is vulnerable to buffer overflow in the expsrv.dll library as a result of improper validation of...

1AI score
Exploits0
Saint
Saint
•added 2013/02/22 12:0 a.m.•29 views

BigAnt Server SCH and DUPF Stack Overflow

Added: 02/22/2013 CVE: CVE-2012-6275 BID: 57214 OSVDB: 89344 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt Server versions 2.97 SP7 and prior are vulnerable to a stack overflow condition due to improp...

10CVSS6.8AI score0.46498EPSS
Exploits8
Saint
Saint
•added 2013/01/12 12:0 a.m.•29 views

Foxit Reader Plugin for Firefox URL Filename Stack Buffer Overflow

Added: 01/12/2013 BID: 57174 OSVDB: 89030 Background Foxit Reader is a free PDF reader for Microsoft Windows systems. Problem Foxit Reader plugin for Firefox npFoxitReaderPlugin.dll is vulnerable to remote code execution as a result of failure to check boundary conditions when processing a URL...

8.1AI score
Exploits0
Saint
Saint
•added 2012/12/27 12:0 a.m.•29 views

WibuKey Runtime WkWin32.dll module DisplayMessageDialog overflow

Added: 12/27/2012 BID: 56678 OSVDB: 87881 Background WibuKey is a software protection and licensing solution. Problem A vulnerability in the WkWin32.dll ActiveX control in WibuKey Runtime allows command execution when a web page calls the DisplayMessageDialog method with a long, specially crafted...

0.6AI score
Exploits0
Saint
Saint
•added 2012/12/27 12:0 a.m.•29 views

IBM Cognos TM1 and Express Admin Server Buffer Overflow

Added: 12/27/2012 CVE: CVE-2012-0202 BID: 52847 OSVDB: 80876 Background IBM Cognos TM1 is enterprise planning software for planning, budgeting, forecasting and analysis. IBM Cognos Express is an integrated business intelligence BI and planning solution which delivers the essential reporting,...

10CVSS7.2AI score0.5485EPSS
Exploits8
Saint
Saint
•added 2012/11/09 12:0 a.m.•29 views

CA ARCserve Backup Authentication service invalid virtual function call

Added: 11/09/2012 CVE: CVE-2012-2971 BID: 56116 OSVDB: 86416 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. Problem An invalid virtual function call in the authentication service allows remote attackers to execute arbitrary commands. Resolutio...

7.5CVSS7.3AI score0.04053EPSS
Exploits4
Saint
Saint
•added 2012/10/26 12:0 a.m.•29 views

HP Operations Agent for NonStop Server ELinkService HEALTH packet buffer overflow

Added: 10/26/2012 BID: 55161 OSVDB: 84854 Background HP Operations Agents is a fault and performance monitoring solution for servers. Problem A buffer overflow vulnerability in HP Operations Agent for NonStop server allows an attacker to execute arbitrary commands by sending a specially crafted...

8.1AI score
Exploits0
Saint
Saint
•added 2012/09/26 12:0 a.m.•29 views

HP Intelligent Management Center uam.exe Stack Buffer Overflow

Added: 09/26/2012 BID: 55271 OSVDB: 85060 Background HP Intelligent Management Center, also known as HP iNode Management Center, is a comprehensive management platform for delivering integrated, modular network management capabilities. The User Access Manager UAM module uam.exe manages the...

0.4AI score
Exploits0
Saint
Saint
•added 2012/09/13 12:0 a.m.•29 views

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType Method Vulnerability

Added: 09/13/2012 BID: 55272 OSVDB: 85152 Background HP Application Lifecycle Management ALM is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

7.6AI score
Exploits0
Saint
Saint
•added 2012/09/07 12:0 a.m.•29 views

IBM Lotus Notes URL Handler Command Execution

Added: 09/07/2012 CVE: CVE-2012-2174 BID: 54070 OSVDB: 83063 Background Lotus Notes is the client for Lotus Domino servers. Problem Lotus Notes 8.5.3 and earlier is vulnerable to remote code execution when handling a specially crafted URL. A remote attacker can pass the -RPARAMS command line...

9.3CVSS7.4AI score0.38291EPSS
Exploits11
Saint
Saint
•added 2012/08/20 12:0 a.m.•29 views

HP Operations Agent Opcode 0x8c vulnerability

Added: 08/20/2012 CVE: CVE-2012-2020 BID: 54362 OSVDB: 83674 Background HP Operations Agents is a fault and performance monitoring solution for servers. Problem A buffer overflow vulnerability in the coda.exe process, which listens on a random TCP port, could allow remote attackers to execute...

10CVSS7.8AI score0.64685EPSS
Exploits8
Saint
Saint
•added 2012/05/17 12:0 a.m.•30 views

SolarWinds Storage Manager SQL Injection

Added: 05/17/2012 BID: 51639 OSVDB: 81634 Background SolarWinds Storage Manager is agentless heterogeneous monitoring and reporting of the performance and capacity of physical and virtual storage infrastructure. It delivers visibility and insight into how your storage infrastructure maps to your...

0.7AI score
Exploits0
Saint
Saint
•added 2012/05/02 12:0 a.m.•29 views

FreePBX callmenum Remote Code Execution

Added: 05/02/2012 BID: 52630 OSVDB: 80544 Background FreePBX is an open source telephony front-end, which has an easy to use graphical user interface that controls and manages Asterisk. Problem FreePBX fails to properly sanitize user-supplied input passed to 'callmenum' parameter in...

7.8AI score
Exploits0
Saint
Saint
•added 2012/04/06 12:0 a.m.•29 views

Novell ZENworks Configuration Management Preboot Service Opcode 6c Vulnerability

Added: 04/06/2012 CVE: CVE-2011-3176 BID: 52659 OSVDB: 80231 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a...

10CVSS6.6AI score0.69667EPSS
Exploits13
Saint
Saint
•added 2012/03/06 12:0 a.m.•29 views

Sysax SSH Username Remote Code Execution

Added: 03/06/2012 BID: 52190 OSVDB: 79689 Background Sysax Multi Server is a Secure FTP Server and SSH2 Secure Shell Server combined into a single product. It simultaneously supports remote access and file transfer using FTP, FTPS, SFTP, Telnet, and Secure Shell. It also supports web based file...

7.8AI score
Exploits0
Saint
Saint
•added 2012/01/13 12:0 a.m.•29 views

Splunk Search Jobs Remote Code Execution

Added: 01/13/2012 CVE: CVE-2011-4642 BID: 51061 OSVDB: 77695 Background Splunk collects, indexes and harnesses the massive volumes of valuable machine data generated by your complex IT infrastructure, whether physical, virtual or in the cloud. Problem Splunk allows users to perform search actions...

4.6CVSS6.9AI score0.28928EPSS
Exploits7
Saint
Saint
•added 2012/01/05 12:0 a.m.•29 views

Blue Coat BCAAA Windows Service Stack Buffer Overflow

Added: 01/05/2012 BID: 47618 OSVDB: 72095 Background Blue Coat Authentication and Authorization Agent BCAAA is installed on a domain server and acts as an intermediary between a Blue Coat ProxySG and the domain. Problem The BCAAA Windows Service is vulnerable to a stack-based buffer overflow...

1AI score
Exploits0
Saint
Saint
•added 2011/12/30 12:0 a.m.•29 views

Avaya WinPDM Unite Host Router service buffer overflow

Added: 12/30/2011 BID: 47947 OSVDB: 73269 Background Avaya Windows Portable Device Manager WinPDM is used for local administration and software download of various devices. Problem A buffer overflow vulnerability in Avaya WinPDM allows an attacker to execute arbitrary commands by sending a...

1.5AI score
Exploits0
Saint
Saint
•added 2011/12/28 12:0 a.m.•29 views

Hastymail rs parameter command injection

Added: 12/28/2011 CVE: CVE-2011-4542 BID: 50791 OSVDB: 77331 Background Hastymail is a fast, secure, rfc-compliant, cross-platform IMAP/SMTP client application written in PHP providing a clean web interface for sending and reading E-mail. Problem Hastymail2 fails to properly sanitize user-supplie...

7.5CVSS7.1AI score0.24119EPSS
Exploits9
Saint
Saint
•added 2011/12/27 12:0 a.m.•29 views

Traq authenticate function remote code execution

Added: 12/27/2011 BID: 50961 OSVDB: 77556 Background Traq is a PHP5+ and MySQL4+ based Project Tracking system with the ability to host multiple projects. Problem The flaw is caused due to admin rights not properly being restricted in the "authenticate" function in admincp/common.php. This can be...

7.8AI score
Exploits0
Saint
Saint
•added 2011/12/09 12:0 a.m.•29 views

Trend Micro InterScan Web Security Suite Local Privilege Escalation

Added: 12/09/2011 BID: 50380 OSVDB: 76637 Background Trend Micro InterScan Web Security Suite is an application which dynamically defends against web-based attacks at the Internet gateway. Problem Trend Micro InterScan Web Security Suite is vulnerable to local privilege escalation vulnerability...

1.5AI score
Exploits0
Saint
Saint
•added 2011/11/28 12:0 a.m.•29 views

Viscom Software Image Viewer ActiveX TIFMergeMultiFiles Vulnerability

Added: 11/28/2011 BID: 50712 Background Viscom Image Viewer CP is an image viewer ActiveX control that supports many popular image file formats, zoom in, zoom out, panning, auto zoom and auto scrolling when drawing the selection rectangle. Problem The ImageViewer2.OCX ActiveX control in Image...

0.8AI score
Exploits0
Saint
Saint
•added 2011/10/31 12:0 a.m.•29 views

Symantec IM Manager IMAdminLDAPConfig.asp SQL injection

Added: 10/31/2011 CVE: CVE-2011-0553 BID: 49738 OSVDB: 75984 Background Symantec IM Manager is a solution for managing and securing instant-messaging traffic in an enterprise. Problem An SQL injection vulnerability in IMAdminLDAPConfig.asp allows remote, authenticated attackers to execute arbitra...

7.5CVSS7.8AI score0.01854EPSS
Exploits4
Saint
Saint
•added 2011/09/26 12:0 a.m.•29 views

Computech Wordlist Builder DIC File Buffer Overflow

Added: 09/26/2011 BID: 47113 Background Computech Wordlist Builder is a simple utility that generates sorted wordlists based on contents of documents. Problem A stack overflow condition exists in Wordlist Builder 1.0 due the use of a fixed-length buffer used to read words from the .DIC file...

0.2AI score
Exploits0
Saint
Saint
•added 2011/09/06 12:0 a.m.•29 views

Microsoft Internet Explorer Time Element Memory Corruption

Added: 09/06/2011 CVE: CVE-2011-1255 BID: 48206 OSVDB: 72947 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. The HTML+Time Timed Interactive Multimedia Extensions helps to add timed, animated, multimedia content to HTML documents. Problem...

9.3CVSS6.8AI score0.42103EPSS
Exploits5
Saint
Saint
•added 2011/03/14 12:0 a.m.•29 views

Microsoft Remote Desktop Connection Insecure Library Injection

Added: 03/14/2011 CVE: CVE-2011-0029 BID: 46678 OSVDB: 71014 Background The Windows Remote Desktop allows desktop access to one Windows computer from another Windows computer. Problem A library loading vulnerability in the Remote Desktop Client allows arbitrary command execution when a user opens...

9.3CVSS7.6AI score0.0716EPSS
Exploits4
Saint
Saint
•added 2011/01/20 12:0 a.m.•29 views

HP OpenView Network Node Manager nnmRptConfig.exe nameParams text1 Buffer Overflow

Added: 01/20/2011 CVE: CVE-2011-0268 BID: 45762 OSVDB: 70473 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...

10CVSS7.7AI score0.15629EPSS
Exploits4
Saint
Saint
•added 2011/01/10 12:0 a.m.•29 views

HP Photo Creations audio.Record ActiveX Stack Buffer Overflow

Added: 01/10/2011 BID: 45631 Background HP Photo Creations is free software that lets the user create photo books, calendars, collages, greeting cards and other keepsakes that can be printed or shipped to the user. HP Photo Creations installs and registers the audio.Record ActiveX control which...

7.8AI score
Exploits0
Saint
Saint
•added 2010/12/23 12:0 a.m.•29 views

Cisco IOS HTTP exec path command execution

Added: 12/23/2010 CVE: CVE-2000-0945 BID: 1846 OSVDB: 444 Background The Cisco Internetwork Operating System IOS is the operating system used by Cisco routers. Problem A remote attacker could execute arbitrary commands through HTTP requests by requesting a path beginning with /exec. Resolution Se...

10CVSS7.5AI score0.72575EPSS
Exploits6
Saint
Saint
•added 2010/12/23 12:0 a.m.•29 views

Cisco IOS HTTP exec path command execution

Added: 12/23/2010 CVE: CVE-2000-0945 BID: 1846 OSVDB: 444 Background The Cisco Internetwork Operating System IOS is the operating system used by Cisco routers. Problem A remote attacker could execute arbitrary commands through HTTP requests by requesting a path beginning with /exec. Resolution Se...

10CVSS7.5AI score0.72575EPSS
Exploits6
Saint
Saint
•added 2010/12/22 12:0 a.m.•29 views

SAP Crystal Reports PrintControl.dll ServerResourceVersion buffer overflow

Added: 12/22/2010 CVE: CVE-2010-2590 BID: 45387 OSVDB: 69917 Background SAP Crystal Reports allows developers to design interactive reports from virtually any data source. Problem A buffer overflow vulnerability in the PrintControl.dll ActiveX control allows command execution when a user loads a...

9.3CVSS6.9AI score0.46776EPSS
Exploits9
Saint
Saint
•added 2010/12/16 12:0 a.m.•29 views

Internet Explorer HTML+TIME element OuterText memory corruption

Added: 12/16/2010 CVE: CVE-2010-3346 BID: 45261 OSVDB: 69829 Background The HTML+TIME.aspx component of Internet Explorer adds timing and media synchronization support to HTML pages. Problem A memory corruption vulnerability in the HTML+TIME component allows command execution when a user loads a...

9.3CVSS6.5AI score0.28886EPSS
Exploits4
Saint
Saint
•added 2010/11/22 12:0 a.m.•29 views

Foxit Reader Crafted PDF Title Handling Stack Buffer Overflow

Added: 11/22/2010 OSVDB: 68648 Background Foxit Reader is a free PDF reader for Microsoft Windows systems. Problem Foxit Reader for Windows is vulnerable to a stack buffer overflow which could allow execution of arbitrary code. A remote attacker can exploit this vulnerability by enticing a user t...

0.6AI score
Exploits0
Saint
Saint
•added 2010/11/08 12:0 a.m.•29 views

DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow

Added: 11/08/2010 CVE: CVE-2010-4142 BID: 44150 OSVDB: 68812 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.8AI score0.63573EPSS
Exploits12
Saint
Saint
•added 2010/11/04 12:0 a.m.•29 views

Adobe Shockwave Director rcsL Chunk Remote Code Execution

Added: 11/04/2010 CVE: CVE-2010-3653 BID: 44291 OSVDB: 68803 Background Adobe Shockwave is a multimedia player used to add animation and interactivity to web pages. It allows Adobe Director applications to be published on the Internet and viewed in a web browser on any computer which has the...

9.3CVSS6.9AI score0.74626EPSS
Exploits9
Saint
Saint
•added 2010/08/27 12:0 a.m.•29 views

Microsoft Windows Movie Maker MediaClipString Buffer Overflow

Added: 08/27/2010 CVE: CVE-2010-2564 BID: 42268 OSVDB: 66986 Background Windows Movie Maker is software for creating and editing home movies. Problem A buffer overflow vulnerability when parsing MediaClipString data allows command execution when a user opens a specially crafted .MSWMM file...

9.3CVSS6.8AI score0.22588EPSS
Exploits4
Saint
Saint
•added 2010/08/25 12:0 a.m.•29 views

Novell iPrint Client ActiveX control call-back-url buffer overflow

Added: 08/25/2010 CVE: CVE-2010-1527 BID: 42576 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability allows command execution when a...

9.3CVSS6.7AI score0.35987EPSS
Exploits18
Saint
Saint
•added 2010/07/08 12:0 a.m.•29 views

Microsoft Excel DBQueryExt record parsing vulnerability

Added: 07/08/2010 CVE: CVE-2010-1253 BID: 40531 OSVDB: 65228 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...

9.3CVSS6.3AI score0.25692EPSS
Exploits4
Saint
Saint
•added 2010/05/28 12:0 a.m.•29 views

HP OpenView Network Node Manager getnnmdata.exe CGI Hostname buffer overflow

Added: 05/28/2010 CVE: CVE-2010-1555 BID: 40072 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.64447EPSS
Exploits13
Saint
Saint
•added 2010/05/19 12:0 a.m.•29 views

Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow

Added: 05/19/2010 CVE: CVE-2010-0265 BID: 38515 OSVDB: 62811 Background Windows Movie Maker is software for creating and editing home movies. Problem A buffer overflow vulnerability in the IsValidWMToolsStream function allows command execution when a user opens a specially crafted .MSWMM file...

9.3CVSS6.7AI score0.26636EPSS
Exploits9
Saint
Saint
•added 2010/05/07 12:0 a.m.•29 views

Microsoft Visio DXF file insertion buffer overflow

Added: 05/07/2010 CVE: CVE-2010-1681 BID: 39836 Background Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams. Problem A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio...

7.6CVSS6.7AI score0.67309EPSS
Exploits11
Saint
Saint
•added 2010/04/08 12:0 a.m.•29 views

Easy FTP Server MKD command buffer overflow

Added: 04/08/2010 BID: 38102 OSVDB: 62134 Background UplusFTP formerly Easy FTP Server is a free FTP server for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by sending a MKD command with a specially crafted argumen...

1.6AI score
Exploits0
Saint
Saint
•added 2010/03/04 12:0 a.m.•29 views

Microsoft Office PowerPoint Viewer TextBytesAtom Record Buffer Overflow

Added: 03/04/2010 CVE: CVE-2010-0033 BID: 38107 OSVDB: 62241 Background Microsoft PowerPoint Viewer 2003 is a free tool which allows viewing of Microsoft PowerPoint presentations without requiring Microsoft PowerPoint itself. Problem A stack overflow vulnerability in the handling of TextBytesAtom...

9.3CVSS6.8AI score0.51073EPSS
Exploits8
Saint
Saint
•added 2010/03/04 12:0 a.m.•29 views

Microsoft Office PowerPoint Viewer TextBytesAtom Record Buffer Overflow

Added: 03/04/2010 CVE: CVE-2010-0033 BID: 38107 OSVDB: 62241 Background Microsoft PowerPoint Viewer 2003 is a free tool which allows viewing of Microsoft PowerPoint presentations without requiring Microsoft PowerPoint itself. Problem A stack overflow vulnerability in the handling of TextBytesAtom...

9.3CVSS6.8AI score0.51073EPSS
Exploits8
Total number of security vulnerabilities4305