Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2005/11/30 12:0 a.m.•29 views

RSA SecurID Web Agent for IIS redirect buffer overflow

Added: 11/30/2005 CVE: CVE-2005-4734 BID: 26424 OSVDB: 20151 Background RSA SecurID Web Agent for IIS provides access control for IIS web servers using one-time authentication tokens. Problem A buffer overflow in IISWebAgentIF.dll could allow a remote attacker to execute arbitrary commands using ...

6.4CVSS7.8AI score0.54485EPSS
Exploits8
Saint
Saint
•added 2005/11/30 12:0 a.m.•29 views

NetMail IMAP buffer overflow

Added: 11/30/2005 CVE: CVE-2005-3314 BID: 15491 OSVDB: 20956 Background Novell NetMail is an e-mail and calendaring server application. Problem A buffer overflow in the NetMail IMAP service could allow authenticated users to execute arbitrary commands using a long, specially crafted argument to...

7.5CVSS7.4AI score0.65657EPSS
Exploits7
Saint
Saint
•added 2005/11/29 12:0 a.m.•29 views

MailEnable IMAP STATUS buffer overflow

Added: 11/29/2005 CVE: CVE-2005-2278 BID: 14243 OSVDB: 17844 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem A buffer overflow in the...

7.2CVSS7.4AI score0.8464EPSS
Exploits8
Saint
Saint
•added 2005/11/29 12:0 a.m.•29 views

Computer Associates Message Queuing

Added: 11/29/2005 CVE: CVE-2005-2668 BID: 14622 OSVDB: 18916 Background The Computer Associates Message Queuing service is used internally by multiple Computer Associates products. Problem The Computer Associates Message Queuing service is affected by multiple buffer overflows which could result ...

10CVSS6.9AI score0.75244EPSS
Exploits7
Saint
Saint
•added 2005/11/29 12:0 a.m.•29 views

Hummingbird InetD LPD buffer overflow

Added: 11/29/2005 CVE: CVE-2005-1815 BID: 13788 OSVDB: 16957 Background Hummingbird InetD implements common UNIX services on Windows platforms. Problem The Hummingbird InetD LPD service is affected by a buffer overflow which allows remote command execution. Resolution Apply the patch. References...

5CVSS7.2AI score0.47192EPSS
Exploits7
Saint
Saint
•added 2019/03/25 12:0 a.m.•28 views

Tabs Laboratories MailCarrier MAIL FROM buffer overflow

Added: 03/25/2019 Background Tabs Laboratories MailCarrier is an SMTP server. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted MAIL FROM command to the SMTP service. Resolution Upgrade to a fixed version of...

8.8AI score
Exploits0
Saint
Saint
•added 2018/12/21 12:0 a.m.•28 views

MiniShare 1.4.1 HEAD method buffer overflow

Added: 12/21/2018 Background MiniShare is a Windows program that allows sharing of files without additional services or software. Problem MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. Resolution MiniShare is deprecated. References...

8.4AI score
Exploits0
Saint
Saint
•added 2016/02/29 12:0 a.m.•28 views

Centreon web interface command injection

Added: 02/29/2016 Background Centreon is a suite of enterprise monitoring products written in PHP. Problem A command injection vulnerability in the Centreon web interface allows remote attackers to execute arbitrary commands by sending a specially crafted useralias parameter in a POST request. Th...

8.7AI score
Exploits0
Saint
Saint
•added 2014/07/14 12:0 a.m.•28 views

GitList blame resource command injection

Added: 07/14/2014 CVE: CVE-2014-4511 BID: 68253 OSVDB: 108504 Background GitList is a web-based git repository viewer. Problem A vulnerability in GitList allows remote attackers to execute arbitrary commands by sending a specially crafted request for the blame resource. Resolution Upgrade to...

7.5CVSS7.3AI score0.8273EPSS
Exploits16
Saint
Saint
•added 2013/09/30 12:0 a.m.•28 views

Upgrade Attack

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...

0.3AI score
Exploits0
Saint
Saint
•added 2013/09/05 12:0 a.m.•28 views

Internet Explorer CFlatMarkupPointer Object Handling Use-after-free Vulnerability

Added: 09/05/2013 CVE: CVE-2013-3184 BID: 61668 OSVDB: 96182 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A user-after-free vulnerability when handling the InsertImage command identifier of CFlatMarkupPointer objects in a web...

9.3CVSS6.5AI score0.58427EPSS
Exploits8
Saint
Saint
•added 2013/09/05 12:0 a.m.•28 views

Internet Explorer CFlatMarkupPointer Object Handling Use-after-free Vulnerability

Added: 09/05/2013 CVE: CVE-2013-3184 BID: 61668 OSVDB: 96182 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A user-after-free vulnerability when handling the InsertImage command identifier of CFlatMarkupPointer objects in a web...

9.3CVSS6.5AI score0.58427EPSS
Exploits8
Saint
Saint
•added 2013/08/01 12:0 a.m.•28 views

QuickTime Movie File dref Atom Handling Buffer Overflow

Added: 08/01/2013 CVE: CVE-2013-1017 BID: 60097 OSVDB: 93625 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime before 7.7.4 is vulnerable to remote code execution due to a failure to perform appropriate validation of user supplied input. A remote...

9.3CVSS7.5AI score0.32553EPSS
Exploits11
Saint
Saint
•added 2013/04/12 12:0 a.m.•28 views

HP System Management Homepage iprange parameter command execution

Added: 04/12/2013 BID: 58817 OSVDB: 91812 Background HP System Management Homepage SMH is a web-based interface that consolidates the management of ProLiant and Integrity servers. Problem A vulnerability in HP SMH allows command execution when an attacker requests /proxy/DataValidation with a...

0.8AI score
Exploits0
Saint
Saint
•added 2013/03/11 12:0 a.m.•28 views

Cool PDF Reader Image Stream Stack Overflow

Added: 03/11/2013 CVE: CVE-2012-4914 BID: 57461 OSVDB: 89349 Background Cool PDF Reader is a small viewer/reader that can view, print, and convert PDF files to TXT, BMP, JPG, GIF, PNG, WMF, EMF, EPS. Problem Cool PDF Reader versions 3.0.2.256 and prior do not perform proper bounds checking on ima...

9.3CVSS7.3AI score0.28391EPSS
Exploits11
Saint
Saint
•added 2012/12/27 12:0 a.m.•28 views

IBM Cognos TM1 and Express Admin Server Buffer Overflow

Added: 12/27/2012 CVE: CVE-2012-0202 BID: 52847 OSVDB: 80876 Background IBM Cognos TM1 is enterprise planning software for planning, budgeting, forecasting and analysis. IBM Cognos Express is an integrated business intelligence BI and planning solution which delivers the essential reporting,...

10CVSS7.2AI score0.5485EPSS
Exploits8
Saint
Saint
•added 2012/08/06 12:0 a.m.•28 views

HP Operations Agent Opcode 0x34 vulnerability

Added: 08/06/2012 CVE: CVE-2012-2019 BID: 54362 OSVDB: 83673 Background HP Operations Agents is a fault and performance monitoring solution for servers. Problem A buffer overflow vulnerability in the coda.exe process, which listens on a random TCP port, could allow remote attackers to execute...

10CVSS7.8AI score0.64685EPSS
Exploits8
Saint
Saint
•added 2012/07/03 12:0 a.m.•28 views

F5 BIG-IP SSH private key

Added: 07/03/2012 CVE: CVE-2012-1493 BID: 53897 OSVDB: 82780 Background SSH Private keys are used for authentication for many F5 BIG-IP devices. Devices shipped with a default, static key are vulnerable to compromise if the public discovers the key. The private key can be re-used by an attacker t...

7.8CVSS8.8AI score0.63078EPSS
Exploits15
Saint
Saint
•added 2012/05/30 12:0 a.m.•28 views

Adobe Photoshop U3D.8BI Library Collada Asset Elements Handling

Added: 05/30/2012 BID: 53464 OSVDB: 81832 Background Adobe Photoshop is an application for editing digital images. Problem Adobe Photoshop 12.1 in Creative Suite CS 5.1 20110328.r.145 is vulnerable to a stack-based buffer overflow that could be exploited to perform arbitrary remote code execution...

0.3AI score
Exploits0
Saint
Saint
•added 2012/05/21 12:0 a.m.•28 views

Firefox DOMAttrModified nsSVGValue Observer Handling Out-of-bounds Memory Access

Added: 05/21/2012 CVE: CVE-2011-3658 BID: 51138 OSVDB: 77953 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access and possible remote code...

7.5CVSS9.8AI score0.69882EPSS
Exploits10
Saint
Saint
•added 2012/04/25 12:0 a.m.•28 views

Microsoft Expression Design wintab32.dll Library Loading

Added: 04/25/2012 CVE: CVE-2012-0016 BID: 52375 OSVDB: 80001 Background Microsoft Expression Design is a commercial professional illustration vector and raster graphic design tool for web images. Problem Microsoft Expression Design contains a flaw in the way it loads dynamic-link libraries DLL. T...

9.3CVSS6.5AI score0.21892EPSS
Exploits5
Saint
Saint
•added 2012/04/18 12:0 a.m.•28 views

Screen Capture

Added: 04/18/2012 Background This tool captures the screen of a remote target. Limitations An existing connection to the remote target is required. For Unix and Linux systems, the xwd utility must be present on the remote target. Platforms Windows Linux Unix...

1.8AI score
Exploits0
Saint
Saint
•added 2011/11/04 12:0 a.m.•28 views

Netzip Classic ZIP file parsing buffer overflow

Added: 11/04/2011 BID: 46059 Background Netzip Classic is a Windows utility for downloading and decompressing files. Problem A buffer overflow vulnerability allows command execution when a user opens a specially crafted ZIP file and double-clicks on the file contained in it. Resolution Do not use...

7.8AI score
Exploits0
Saint
Saint
•added 2011/10/11 12:0 a.m.•28 views

Wireshark DECT Dissector PCAP File Processing Overflow

Added: 10/11/2011 CVE: CVE-2011-1591 BID: 47392 OSVDB: 71848 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the DECT dissector epan/dissectors/packet-dect.c allows command execution via a specially crafted .pcap file. Resolution Upgrade to Wireshark...

9.3CVSS7.8AI score0.41744EPSS
Exploits18
Saint
Saint
•added 2011/07/18 12:0 a.m.•28 views

HP OpenView Storage Data Protector Opcode 27 Stack Buffer Overflow

Added: 07/18/2011 CVE: CVE-2011-1865 BID: 48486 OSVDB: 73571 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The OmniInet process omniinet.exe is...

10CVSS7.7AI score0.88948EPSS
Exploits18
Saint
Saint
•added 2011/06/03 12:0 a.m.•28 views

McAfee Firewall Reporter isValidClient Authentication Bypass

Added: 06/03/2011 BID: 47306 OSVDB: 71842 Background McAfee Firewall Reporter is an enterprise-class security event management SEM reporting solution. Problem McAfee Firewall Reporter versions 5.1.0.6 through 5.1.0.12 are vulnerable to an authentication bypass that may allow remote attackers to...

2.3AI score
Exploits0
Saint
Saint
•added 2011/05/23 12:0 a.m.•28 views

HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil.dll stringToSeconds Buffer Overflow

Added: 05/23/2011 CVE: CVE-2011-0262 BID: 45762 OSVDB: 70470 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability affecting ovwebsnmpsrv.exe, in the stringToSeconds function in ovutil.dll, allows remote...

10CVSS7.7AI score0.17101EPSS
Exploits4
Saint
Saint
•added 2011/05/23 12:0 a.m.•28 views

HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil.dll stringToSeconds Buffer Overflow

Added: 05/23/2011 CVE: CVE-2011-0262 BID: 45762 OSVDB: 70470 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability affecting ovwebsnmpsrv.exe , in the stringToSeconds function in ovutil.dll , allows remote...

10CVSS7.7AI score0.17101EPSS
Exploits4
Saint
Saint
•added 2011/05/12 12:0 a.m.•28 views

CA Total Defense UNCWS DeleteReports SQL Injection

Added: 05/12/2011 CVE: CVE-2011-1653 BID: 47355 Background CA Total Defense is a combined host-based anti-virus, anti-spyware, firewall, and IPS solution. Problem CA Total Defense includes a web service management component, which in version r12 prior to SE2, fails to validate certain parameters...

10CVSS7.2AI score0.88655EPSS
Exploits12
Saint
Saint
•added 2011/05/12 12:0 a.m.•28 views

CA Total Defense UNCWS DeleteReports SQL Injection

Added: 05/12/2011 CVE: CVE-2011-1653 BID: 47355 Background CA Total Defense is a combined host-based anti-virus, anti-spyware, firewall, and IPS solution. Problem CA Total Defense includes a web service management component, which in version r12 prior to SE2, fails to validate certain parameters...

10CVSS7.2AI score0.88655EPSS
Exploits12
Saint
Saint
•added 2011/02/03 12:0 a.m.•28 views

Symantec Alert Management System PIN number buffer overflow

Added: 02/03/2011 CVE: CVE-2010-0110 BID: 45936 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager, which listens on po...

7.9CVSS7.7AI score0.0513EPSS
Exploits12
Saint
Saint
•added 2011/01/20 12:0 a.m.•28 views

HP OpenView Network Node Manager nnmRptConfig.exe nameParams text1 Buffer Overflow

Added: 01/20/2011 CVE: CVE-2011-0268 BID: 45762 OSVDB: 70473 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...

10CVSS7.7AI score0.15629EPSS
Exploits4
Saint
Saint
•added 2011/01/20 12:0 a.m.•28 views

HP OpenView Network Node Manager nnmRptConfig.exe nameParams text1 Buffer Overflow

Added: 01/20/2011 CVE: CVE-2011-0268 BID: 45762 OSVDB: 70473 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...

10CVSS7.7AI score0.15629EPSS
Exploits4
Saint
Saint
•added 2010/12/06 12:0 a.m.•28 views

Oracle Secure Backup Administration preauth variable command injection

Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...

9CVSS6.9AI score0.02243EPSS
Exploits12
Saint
Saint
•added 2010/11/04 12:0 a.m.•28 views

Adobe Shockwave Director rcsL Chunk Remote Code Execution

Added: 11/04/2010 CVE: CVE-2010-3653 BID: 44291 OSVDB: 68803 Background Adobe Shockwave is a multimedia player used to add animation and interactivity to web pages. It allows Adobe Director applications to be published on the Internet and viewed in a web browser on any computer which has the...

9.3CVSS6.9AI score0.74626EPSS
Exploits9
Saint
Saint
•added 2010/09/20 12:0 a.m.•28 views

Apple QuickTime QTPlugin.ocx _Marshaled_pUnk Code Execution

Added: 09/20/2010 CVE: CVE-2010-1818 BID: 42841 OSVDB: 67705 Background Apple QuickTime is a media player for Windows and Mac OS platforms. Problem An input validation error in Apple QuickTime 7.6.7 and earlier versions allows remote attackers to execute arbitrary code by enticing the user to ope...

9.3CVSS7.3AI score0.42668EPSS
Exploits9
Saint
Saint
•added 2010/08/27 12:0 a.m.•28 views

Microsoft Windows Movie Maker MediaClipString Buffer Overflow

Added: 08/27/2010 CVE: CVE-2010-2564 BID: 42268 OSVDB: 66986 Background Windows Movie Maker is software for creating and editing home movies. Problem A buffer overflow vulnerability when parsing MediaClipString data allows command execution when a user opens a specially crafted .MSWMM file...

9.3CVSS6.7AI score0.22588EPSS
Exploits4
Saint
Saint
•added 2010/08/03 12:0 a.m.•28 views

Novell GroupWise Internet Agent IMAP Service Stack Buffer Overflow

Added: 08/03/2010 CVE: CVE-2010-2777 BID: 41704 OSVDB: 66623 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability exists within the IMAP component of the Novell GroupWise Internet Agent service and is due to a boundary error while...

9CVSS6.6AI score0.10388EPSS
Exploits4
Saint
Saint
•added 2010/07/16 12:0 a.m.•28 views

Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerability

Added: 07/16/2010 CVE: CVE-2010-0266 BID: 41446 OSVDB: 66296 Background Microsoft Outlook is an e-mail client which also provides calendar, scheduling, contact management, and information sharing capabilities. Problem A vulnerability in Microsoft Outlook allows command execution when a user opens...

9.3CVSS6AI score0.55278EPSS
Exploits11
Saint
Saint
•added 2010/06/23 12:0 a.m.•28 views

HP OpenView Network Node Manager ovwebsnmpsrv.exe buffer overflow via jovgraph.exe

Added: 06/23/2010 CVE: CVE-2009-4181 BID: 37261 OSVDB: 60932 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in ovwebsnmpsrv.exe allows remote attackers to execute arbitrary commands by sending...

10CVSS7.8AI score0.1086EPSS
Exploits5
Saint
Saint
•added 2010/03/24 12:0 a.m.•28 views

Orbital Viewer buffer overflow

Added: 03/24/2010 CVE: CVE-2010-0688 BID: 38436 OSVDB: 62580 Background Orbital Viewer is a program for viewing atomic and molecular orbitals. Problem A buffer overflow vulnerability in Orbital Viewer allows command execution when a user opens a specially crafted .orb file. Resolution Do not open...

9.3CVSS6.8AI score0.37895EPSS
Exploits13
Saint
Saint
•added 2010/03/05 12:0 a.m.•28 views

Lotus Domino Web Access ActiveX control InstallBrowserHelperDll buffer overflow

Added: 03/05/2010 BID: 38457 OSVDB: 62612 Background Lotus Domino Web Access provides capabilities similar to those of the Lotus Notes client, delivered through a web browser. It includes an ActiveX control implemented in inotes6w.dll , dwa7w.dll , dwa8w.dll , and dwa85w.dll. Problem A buffer...

7.7AI score
Exploits0
Saint
Saint
•added 2009/12/10 12:0 a.m.•28 views

EasyMail SMTP ActiveX Control AddAttachment buffer overflow

Added: 12/10/2009 BID: 36440 OSVDB: 59939 Background QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products. Problem A stack buffer overflow vulnerability in the...

7.8AI score
Exploits0
Saint
Saint
•added 2009/09/11 12:0 a.m.•28 views

VideoLAN VLC Media Player SMB Module Win32AddConnection Buffer Overflow

Added: 09/11/2009 CVE: CVE-2009-2484 BID: 35500 OSVDB: 55509 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A stack-based buffer overflow vulnerability in the Win32AddConnection function may allow a remote attacker to execu...

9.3CVSS7.7AI score0.3511EPSS
Exploits7
Saint
Saint
•added 2009/06/03 12:0 a.m.•28 views

Microsoft DirectX DirectShow QuickTime movie parsing vulnerability

Added: 06/03/2009 CVE: CVE-2009-1537 BID: 35139 OSVDB: 54797 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A command execution...

9.3CVSS6.3AI score0.51207EPSS
Exploits7
Saint
Saint
•added 2009/04/23 12:0 a.m.•28 views

Microsoft Excel SST record code execution

Added: 04/23/2009 CVE: CVE-2009-0238 BID: 33870 OSVDB: 52695 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...

9.3CVSS6.3AI score0.43063EPSS
Exploits4
Saint
Saint
•added 2009/04/17 12:0 a.m.•28 views

Microsoft WordPad Word 97 text converter XST buffer overflow

Added: 04/17/2009 CVE: CVE-2008-4841 BID: 32718 OSVDB: 50567 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability allows command execution when WordPad is used to open a Word 97...

9.3CVSS6.7AI score0.4303EPSS
Exploits6
Saint
Saint
•added 2009/03/23 12:0 a.m.•28 views

HP OpenView Network Node Manager OpenView5.exe buffer overflow

Added: 03/23/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in the OpenView5.exe CGI program allows remote attackers to execute arbitrary commands. Resolution Apply...

10CVSS7.5AI score0.63419EPSS
Exploits19
Saint
Saint
•added 2009/02/23 12:0 a.m.•28 views

Internet Explorer deleted object memory corruption

Added: 02/23/2009 CVE: CVE-2009-0075 BID: 33627 OSVDB: 51839 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A memory corruption vulnerability allows command execution when a user opens a specially crafted web page which causes a...

9.3CVSS6.3AI score0.85277EPSS
Exploits9
Saint
Saint
•added 2009/02/20 12:0 a.m.•28 views

UltraVNC ClientConnection integer overflow

Added: 02/20/2009 CVE: CVE-2009-0388 BID: 33568 Background UltraVNC is free software for remote desktop access. Problem Multiple integer overflow vulnerabilities in the ClientConnection class allow command execution when a user connects to a VNC server which sends a message with a large length...

10CVSS7AI score0.13334EPSS
Exploits11
Total number of security vulnerabilities4305