Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2007/08/03 12:0 a.m.•27 views

Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow

Added: 08/03/2007 CVE: CVE-2007-4034 BID: 25086 OSVDB: 37705 Background Yahoo! Widgets is desktop software which runs any number of small, real-time, Internet applications called widgets. Problem A buffer overflow vulnerability in the YDPCTL ActiveX Control allows command execution when a user...

9.3CVSS6.9AI score0.1296EPSS
Exploits6
Saint
Saint
•added 2007/07/13 12:0 a.m.•27 views

RSA Authentication Agent for Web for IIS chunked encoding overflow

Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...

7.5CVSS7.9AI score0.02634EPSS
Exploits4
Saint
Saint
•added 2007/06/22 12:0 a.m.•27 views

Solaris loadable kernel module directory traversal

Added: 06/22/2007 CVE: CVE-2004-1767 BID: 9477 OSVDB: 15128 Background Loadable kernel modules are programs which can be dynamically loaded into the kernel. Problem A directory traversal vulnerability in the vfsgetvfssw function in the Solaris kernel allows unprivileged users to load their own...

7.2CVSS6.2AI score0.00433EPSS
Exploits4
Saint
Saint
•added 2007/06/20 12:0 a.m.•27 views

Internet Explorer Content Advisor memory corruption

Added: 06/20/2007 CVE: CVE-2005-0555 BID: 13117 OSVDB: 15466 Background The Content Advisor is used to control what content is viewable in Internet Explorer. Problem A memory corruption vulnerability in the Content Advisor allows command execution when a user loads a specially crafted page in...

7.5CVSS7.8AI score0.58357EPSS
Exploits4
Saint
Saint
•added 2007/06/13 12:0 a.m.•27 views

Microsoft Speech API memory corruption

Added: 06/13/2007 CVE: CVE-2007-2222 BID: 24426 OSVDB: 35353 Background Microsoft Speech API allows development of Windows applications supporting speech-based interaction. Problem A memory corruption vulnerability in Microsoft Speech API 4 allows command execution when a user loads a specially...

9.3CVSS6.5AI score0.57521EPSS
Exploits5
Saint
Saint
•added 2007/05/25 12:0 a.m.•27 views

CA Console Server username buffer overflow

Added: 05/25/2007 CVE: CVE-2007-2522 BID: 23906 OSVDB: 34585 Background Multiple CA products include the inoweb Console Server which listens for connections on port 12168/TCP. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, speciall...

10CVSS7.7AI score0.26589EPSS
Exploits4
Saint
Saint
•added 2007/05/17 12:0 a.m.•27 views

Adobe Photoshop PNG file handling buffer overflow

Added: 05/17/2007 CVE: CVE-2007-2365 BID: 23698 OSVDB: 35465 Background Adobe Photoshop is an application for editing digital images. Problem A buffer overflow vulnerability in Adobe Photoshop allows command execution when a user opens a specially crafted PNG image file. Resolution Do not open PN...

9.3CVSS6.8AI score0.51052EPSS
Exploits4
Saint
Saint
•added 2007/04/25 12:0 a.m.•27 views

Novell GroupWise WebAccess base64_decode buffer overflow

Added: 04/25/2007 CVE: CVE-2007-2171 BID: 23556 OSVDB: 35018 Background Novell GroupWise includes a WebAccess service which allows users to access their e-mail using a web browser. Problem A buffer overflow in the base64decode function allows remote attackers to execute arbitrary commands by...

10CVSS7.9AI score0.24332EPSS
Exploits5
Saint
Saint
•added 2007/04/23 12:0 a.m.•27 views

LANDesk Management Suite Alert Service buffer overflow

Added: 04/23/2007 CVE: CVE-2007-1674 BID: 23483 OSVDB: 34964 Background LANDesk Management Suite automates systems and security management tasks across a network. It runs an Alert Service which listens for communication on port 65535/UDP. Problem A buffer overflow vulnerability in the Alert Servi...

10CVSS7.6AI score0.72864EPSS
Exploits10
Saint
Saint
•added 2007/03/22 12:0 a.m.•27 views

Mercury IMAP data continuation buffer overflow

Added: 03/22/2007 CVE: CVE-2007-1373 OSVDB: 33883 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the Mercury IMAP service when processing data continuation specifiers allows remote attackers to execute...

10CVSS7.8AI score0.58687EPSS
Exploits8
Saint
Saint
•added 2007/03/22 12:0 a.m.•27 views

McAfee ePolicy Orchestrator SiteManager ActiveX buffer overflow

Added: 03/22/2007 CVE: CVE-2007-1498 BID: 22952 OSVDB: 33796 Background ePolicy Orchestrator is a centralized security configuration and monitoring application. It includes the SiteManager ActiveX control which is implemented by sitemanager.dll. Problem A buffer overflow vulnerability in the...

9.3CVSS7AI score0.07729EPSS
Exploits8
Saint
Saint
•added 2007/03/16 12:0 a.m.•27 views

NetMail WebAdmin username buffer overflow

Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...

6.8CVSS7.8AI score0.19398EPSS
Exploits5
Saint
Saint
•added 2007/02/09 12:0 a.m.•27 views

BrightStor ARCserve Backup Tape Engine opnum 0xCF buffer overflow

Added: 02/09/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31327 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary...

7.5CVSS7.7AI score0.68809EPSS
Exploits16
Saint
Saint
•added 2007/02/09 12:0 a.m.•27 views

BrightStor ARCserve Backup Tape Engine opnum 0xCF buffer overflow

Added: 02/09/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31327 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary...

7.5CVSS7.7AI score0.68809EPSS
Exploits16
Saint
Saint
•added 2007/02/07 12:0 a.m.•27 views

Internet Explorer VML integer overflow

Added: 02/07/2007 CVE: CVE-2007-0024 BID: 21930 OSVDB: 31250 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem An integer overflow vulnerability in vgx.dll when processing VML elements in a web page allows arbitrary command execution. Resolution Apply the...

9.3CVSS6.8AI score0.46488EPSS
Exploits5
Saint
Saint
•added 2007/01/31 12:0 a.m.•27 views

Microsoft Help Workshop .CNT file buffer overflow

Added: 01/31/2007 CVE: CVE-2007-0352 BID: 22100 OSVDB: 31898 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...

9.3CVSS6.8AI score0.36385EPSS
Exploits5
Saint
Saint
•added 2007/01/19 12:0 a.m.•27 views

BrightStor ARCserve Message Engine opnum 0x2f buffer overflow

Added: 01/19/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...

7.5CVSS7.7AI score0.68809EPSS
Exploits16
Saint
Saint
•added 2007/01/05 12:0 a.m.•27 views

Novell NetMail NMAP STOR command buffer overflow

Added: 01/05/2007 CVE: CVE-2006-6424 BID: 21725 OSVDB: 31363 Background Novell NetMail servers include the Network Messaging Application Protocol NMAP service, which listens on port 689/TCP. Problem A buffer overflow in Novell NetMail allows remote attackers to execute arbitrary commands by sendi...

9CVSS7.8AI score0.57909EPSS
Exploits7
Saint
Saint
•added 2006/12/01 12:0 a.m.•27 views

MailEnable IMAP SELECT buffer overflow

Added: 12/01/2006 CVE: CVE-2006-6290 BID: 21362 OSVDB: 31698 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow vulnerability in the IMAP servic...

6.5CVSS7.5AI score0.03171EPSS
Exploits4
Saint
Saint
•added 2006/11/27 12:0 a.m.•27 views

WinZip FileView ActiveX control unsafe method

Added: 11/27/2006 CVE: CVE-2006-5198 BID: 21060 OSVDB: 30433 Background WinZip includes the FileView ActiveX control which provides a user interface similar to the file view pane in Windows Explorer. Problem The FileView ActiveX control is marked "safe for scripting" and exposes several unsafe...

4CVSS7AI score0.602EPSS
Exploits5
Saint
Saint
•added 2006/11/17 12:0 a.m.•27 views

Microsoft XMLHTTP ActiveX control setRequestHeader vulnerability

Added: 11/17/2006 CVE: CVE-2006-5745 BID: 20915 OSVDB: 30208 Background Microsoft XML Core Services includes the XMLHTTP ActiveX control, which allows web pages to send and receive XML data. Problem A memory corruption vulnerability in the XMLHTTP ActiveX control allows command execution when a...

7.6CVSS6.7AI score0.75946EPSS
Exploits7
Saint
Saint
•added 2006/11/03 12:0 a.m.•27 views

Oracle XML Component DBMS_XMLSCHEMA.GENERATESCHEMA buffer overflow

Added: 11/03/2006 CVE: CVE-2006-0272 BID: 16287 OSVDB: 22567 Background Oracle Database Server includes the DBMSXMLSCHEMA component, which contains procedures for managing XML schemas. Problem A buffer overflow vulnerability in the DBMSXMLSCHEMA.GENERATESCHEMA procedure allows database users to...

9CVSS7.5AI score0.05819EPSS
Exploits4
Saint
Saint
•added 2006/10/27 12:0 a.m.•27 views

Serv-U FTP Server MDTM timezone buffer overflow

Added: 10/27/2006 CVE: CVE-2004-0330 BID: 9751 OSVDB: 4073 Background Serv-U FTP Server supports the MDTM command which allows users to modify the time stamp on files. Problem A buffer overflow in Serv-U FTP Server allows remote authenticated attackers to execute arbitrary commands by sending the...

10CVSS7.6AI score0.8547EPSS
Exploits8
Saint
Saint
•added 2006/10/06 12:0 a.m.•27 views

Microsoft Message Queuing buffer overflow

Added: 10/06/2006 CVE: CVE-2005-0059 BID: 13112 OSVDB: 15458 Background Microsoft Message Queuing allows applications which may be running at different times to communicate across a network. Problem A buffer overflow in Microsoft Message Queuing allows remote attackers to execute arbitrary...

10CVSS7.5AI score0.76803EPSS
Exploits10
Saint
Saint
•added 2006/09/08 12:0 a.m.•27 views

WhatsUp Gold _maincfgret.cgi instancename buffer overflow

Added: 09/08/2006 CVE: CVE-2004-0798 BID: 11043 OSVDB: 9177 Background WhatsUp Professional formerly WhatsUp Gold is a network mapping and monitoring tool. Problem A buffer overflow in the WhatsUp Gold web interface allows remote command execution by requesting maincfgret.cgi with a long...

7.5CVSS7.1AI score0.62577EPSS
Exploits7
Saint
Saint
•added 2006/08/25 12:0 a.m.•27 views

McAfee Subscription Manager ActiveX buffer overflow

Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...

6.8CVSS6.9AI score0.33824EPSS
Exploits7
Saint
Saint
•added 2006/08/21 12:0 a.m.•27 views

IBM eGatherer ActiveX RunEgatherer buffer overflow

Added: 08/21/2006 CVE: CVE-2006-4221 BID: 19554 OSVDB: 27976 Background The eGatherer ActiveX control is installed with IBM Access Support. Problem A buffer overflow in the eGatherer ActiveX control allows command execution by a web page which sends a long, specially crafted file name to the...

9.3CVSS6.8AI score0.08407EPSS
Exploits10
Saint
Saint
•added 2006/08/21 12:0 a.m.•27 views

IBM eGatherer ActiveX RunEgatherer buffer overflow

Added: 08/21/2006 CVE: CVE-2006-4221 BID: 19554 OSVDB: 27976 Background The eGatherer ActiveX control is installed with IBM Access Support. Problem A buffer overflow in the eGatherer ActiveX control allows command execution by a web page which sends a long, specially crafted file name to the...

9.3CVSS6.8AI score0.08407EPSS
Exploits10
Saint
Saint
•added 2006/06/30 12:0 a.m.•27 views

MailEnable SMTP AUTH LOGIN buffer overflow

Added: 06/30/2006 CVE: CVE-2005-1781 BID: 13772 OSVDB: 16851 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem The SMTP service in MailEnable is affected by a...

5CVSS8AI score0.01768EPSS
Exploits4
Saint
Saint
•added 2006/06/26 12:0 a.m.•27 views

MailEnable HTTPMail Authorization header buffer overflow

Added: 06/26/2006 CVE: CVE-2005-1348 BID: 13350 OSVDB: 15737 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem MailEnable's HTTPMail...

7.5CVSS7.8AI score0.72622EPSS
Exploits6
Saint
Saint
•added 2006/06/09 12:0 a.m.•27 views

SpamAssassin spamd vpopmail user vulnerability

Added: 06/09/2006 CVE: CVE-2006-2447 BID: 18290 OSVDB: 26177 Background SpamAssassin identifies spam e-mail using a variety of local and network based tests. spamd is a component of SpamAssassin which allows it to run as a network daemon. Problem When the vpopmail -v and paranoid -P options are...

5.1CVSS6.5AI score0.74703EPSS
Exploits12
Saint
Saint
•added 2006/04/19 12:0 a.m.•27 views

BrightStor ARCserve Backup discovery service buffer overflow

Added: 04/19/2006 CVE: CVE-2005-2535 BID: 12536 OSVDB: 13814 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow in the discovery service allows remote attackers to execute arbitrary commands...

7.5CVSS7.7AI score0.80866EPSS
Exploits8
Saint
Saint
•added 2006/04/06 12:0 a.m.•27 views

TWiki revision control shell command injection

Added: 04/06/2006 CVE: CVE-2005-2877 BID: 14834 OSVDB: 19403 Background TWiki is a web-based collaboration platform written in PERL. Problem The revision control function in TWiki does not sufficiently check the rev parameter before using it in a shell command call. This allows remote attackers t...

7.5CVSS7.4AI score0.71104EPSS
Exploits8
Saint
Saint
•added 2006/03/28 12:0 a.m.•27 views

Internet Explorer createTextRange memory corruption

Added: 03/28/2006 CVE: CVE-2006-1359 BID: 17196 OSVDB: 24050 Background The createTextRange dynamic HTML method creates a text range object for an HTML element. Problem A flaw in the handling of unexpected createTextRange method calls by certain HTML objects could result in command execution...

9.3CVSS6AI score0.68068EPSS
Exploits11
Saint
Saint
•added 2006/01/24 12:0 a.m.•27 views

Arkeia Type 77 Request buffer overflow

Added: 01/24/2006 CVE: CVE-2005-0491 BID: 12594 OSVDB: 14011 Background The Arkeia network backup software includes a daemon program called arkeiad which listens for connections on TCP port 617. Problem A buffer overflow in the processing of type 77 requests sent to the arkeiad listener allows...

10CVSS7.3AI score0.64901EPSS
Exploits13
Saint
Saint
•added 2005/12/30 12:0 a.m.•27 views

Windows WMF handling vulnerability

Added: 12/30/2005 CVE: CVE-2005-4560 BID: 16074 OSVDB: 21987 Background A Windows Metafile WMF image is a 16-bit metafile format that can contain both vector information and bitmap information. Problem A flaw in the way specially crafted WMF images are handled can allow arbitrary command executio...

7.5CVSS6.3AI score0.86476EPSS
Exploits14
Saint
Saint
•added 2005/12/22 12:0 a.m.•27 views

VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow

Added: 12/22/2005 CVE: CVE-2005-0773 BID: 14022 OSVDB: 17624 Background VERITAS Backup Exec is a network backup solution for Windows and Netware servers. Problem VERITAS Backup Exec is affected by a buffer overflow when handling CONNECTCLIENTAUTH requests with the Windows user authentication type...

7.5CVSS7.3AI score0.86365EPSS
Exploits9
Saint
Saint
•added 2005/12/20 12:0 a.m.•27 views

BrightStor ARCserve Backup agent for MS-SQL buffer overflow

Added: 12/20/2005 CVE: CVE-2005-1272 BID: 14453 OSVDB: 18501 Background BrightStor ARCserve Backup is a backup and recovery solution for multiple platforms. Problem A buffer overflow in the backup agent for Microsoft SQL Server allows remote attackers to execute arbitrary commands. Resolution App...

7.5CVSS7.9AI score0.66121EPSS
Exploits8
Saint
Saint
•added 2005/12/04 12:0 a.m.•27 views

VERITAS NetBackup Volume Manager Daemon buffer overflow

Added: 12/04/2005 CVE: CVE-2005-3116 BID: 15353 OSVDB: 20674 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The Volume Manager Daemon VMD has an error in its shared library allowing for a buffer overflow. A specially crafted request sent to port...

10CVSS6.7AI score0.27617EPSS
Exploits5
Saint
Saint
•added 2026/06/23 12:0 a.m.•26 views

Joomla JCE profile import command execution

Added: 06/23/2026 Background JCE is a content editor for Joomla. Problem A vulnerability in JCE allows an unauthenticated user to execute arbitrary commands by importing a specially crafted editor profile. Resolution Upgrade to JCE 2.9.99.5 or higher. References...

6AI score
Exploits0
Saint
Saint
•added 2016/09/23 12:0 a.m.•26 views

SugarCRM REST deserialization vulnerability

Added: 09/23/2016 BID: 91413 Background SugarCRM is customer relationship management software written in PHP. Problem Improper use of the unserialize function inside the SugarRestSerialize.php script allows remote attackers to inject PHP objects, leading to arbitrary command execution. Resolution...

0.6AI score
Exploits0
Saint
Saint
•added 2016/08/11 12:0 a.m.•26 views

Easy File Sharing Web Server GET HTTP request vulnerability

Added: 08/11/2016 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is vulnerable to a stack buffer overflow condition as...

8.4AI score
Exploits0
Saint
Saint
•added 2016/02/29 12:0 a.m.•26 views

Centreon web interface command injection

Added: 02/29/2016 Background Centreon is a suite of enterprise monitoring products written in PHP. Problem A command injection vulnerability in the Centreon web interface allows remote attackers to execute arbitrary commands by sending a specially crafted useralias parameter in a POST request. Th...

2.2AI score
Exploits0
Saint
Saint
•added 2015/08/13 12:0 a.m.•26 views

PCMan FTP Server PUT buffer overflow

Added: 08/13/2015 Background PCMan's FTP Server is a free FTP server for Windows. Problem A buffer overflow vulnerability in PCMan's FTP Server allows remote attackers to execute arbitrary commands. Resolution There is no known fix for this vulnerability. Use a different FTP server, or block acce...

1AI score
Exploits0
Saint
Saint
•added 2015/04/27 12:0 a.m.•26 views

Samsung iPOLiS Device Manager ReadConfigValue vulnerability

Added: 04/27/2015 CVE: CVE-2015-0555 OSVDB: 118668 Background Samsung iPOLiS Device Manager is software for managing network devices. It comes with an ActiveX control called XnsSdkDeviceIpInstaller.ocx. Problem A buffer overflow vulnerability in the ReadConfigValue and WriteConfigValue methods in...

6.8CVSS6.8AI score0.06388EPSS
Exploits10
Saint
Saint
•added 2015/03/11 12:0 a.m.•26 views

PCMan FTP Server MKD buffer overflow

Added: 03/11/2015 CVE: CVE-2013-4730 BID: 60837 OSVDB: 94624 Background PCMan's FTP Server is a free FTP server for Windows. Problem A buffer overflow vulnerability in PCMan's FTP Server allows remote attackers to execute arbitrary commands. Resolution There is no known fix for this vulnerability...

10CVSS7.7AI score0.67228EPSS
Exploits7
Saint
Saint
•added 2015/01/29 12:0 a.m.•26 views

WP Symposium Plugin for WordPress Arbitrary File Upload

Added: 01/29/2015 BID: 71686 OSVDB: 116046 Background WP Symposium is a social network plugin for WordPress. Problem WP Symposium Plugin for WordPress contains a vulnerability that allows a remote attacker to execute arbitrary PHP code. This vulnerability is due to the...

0.4AI score
Exploits0
Saint
Saint
•added 2013/08/08 12:0 a.m.•26 views

PineApp Mail-SeCure test_li_connection.php Command Injection

Added: 08/08/2013 BID: 61477 OSVDB: 95782 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem PineApp...

8.3AI score
Exploits0
Saint
Saint
•added 2013/06/03 12:0 a.m.•26 views

SAP NetWeaver SOAP RFC SXPG_CALL_SYSTEM Command Execution

Added: 06/03/2013 OSVDB: 93537 Background SAP NetWeaver is a technology platform for building and integrating SAP business applications. Remote Function Call RFC is the standard SAP interface for communication between SAP systems. Transaction SM69 is used to create and maintain external operating...

7.6AI score
Exploits0
Saint
Saint
•added 2013/05/03 12:0 a.m.•26 views

Novell ZENworks Control Center file upload vulnerability

Added: 05/03/2013 CVE: CVE-2013-1080 BID: 58668 OSVDB: 91627 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a...

10CVSS7.5AI score0.77049EPSS
Exploits10
Total number of security vulnerabilities4305