Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2008/05/30 12:0 a.m.•26 views

IBM Lotus Sametime Community Services Multiplexer buffer overflow

Added: 05/30/2008 CVE: CVE-2008-2499 BID: 29328 OSVDB: 45610 Background IBM Lotus Sametime is enterprise instant messaging and web conferencing software. Problem A buffer overflow vulnerability in the Community Services Multiplexer allows remote attackers to execute arbitrary commands by requesti...

7.5CVSS7.6AI score0.77466EPSS
Exploits9
Saint
Saint
•added 2008/05/07 12:0 a.m.•26 views

CA ARCserve Backup for Laptops and Desktops LGServer service code execution

Added: 05/07/2008 CVE: CVE-2008-1328 BID: 28616 OSVDB: 44320 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in BrightStor ARCserve Backup for...

9.3CVSS7.8AI score0.23634EPSS
Exploits4
Saint
Saint
•added 2008/03/28 12:0 a.m.•26 views

rpc.ypupdated command injection vulnerability

Added: 03/28/2008 CVE: CVE-1999-0208 BID: 1749 OSVDB: 11517 Background Network Information Service NIS is a distributed database that allows you to maintain consistent configuration files throughout your network. rpc.ypupdated is an NIS service which is responsible for duplicating information fro...

10CVSS7.7AI score0.12856EPSS
Exploits5
Saint
Saint
•added 2008/03/21 12:0 a.m.•26 views

Symantec Backup Exec for Windows Servers scheduler ActiveX buffer overflow

Added: 03/21/2008 CVE: CVE-2007-6016 BID: 26904 OSVDB: 42358 Background Symantec Backup Exec for Windows Servers is a backup and recovery solution for Windows servers. Problem An ActiveX buffer overflow vulnerability in pvcalendar.ocx in the scheduler component of Symantec Backup Exec for Windows...

9.3CVSS7AI score0.50419EPSS
Exploits8
Saint
Saint
•added 2008/03/11 12:0 a.m.•26 views

Novell iPrint Control ActiveX control ExecuteRequest buffer overflow

Added: 03/11/2008 CVE: CVE-2008-0935 BID: 27939 OSVDB: 42063 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability in the ExecuteReque...

10CVSS6.9AI score0.6514EPSS
Exploits8
Saint
Saint
•added 2008/02/22 12:0 a.m.•26 views

Microsoft Works File Converter index table vulnerability

Added: 02/22/2008 CVE: CVE-2008-0105 BID: 27658 OSVDB: 41458 Background The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files. Problem A buffer overflow vulnerability in the Microsoft Works File Converter allows arbitrary command execution when a user opens a .w...

9.3CVSS6.8AI score0.43757EPSS
Exploits5
Saint
Saint
•added 2007/11/30 12:0 a.m.•26 views

QuickTime RTSP Content-Type header buffer overflow

Added: 11/30/2007 CVE: CVE-2007-6166 BID: 26549 OSVDB: 40876 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens an RTSP stream containing a specially crafted Content-Type header...

9.3CVSS6.8AI score0.41916EPSS
Exploits10
Saint
Saint
•added 2007/11/23 12:0 a.m.•26 views

Microsoft Jet Engine MDB file ColumnName buffer overflow

Added: 11/23/2007 CVE: CVE-2007-6026 BID: 26468 OSVDB: 44880 Background The Microsoft Jet Database Engine provides data access functionality for a number of applications. Problem A buffer overflow vulnerability in the Microsoft Jet Database Engine could lead to command execution when a user opens...

9.3CVSS6.7AI score0.28268EPSS
Exploits6
Saint
Saint
•added 2007/11/21 12:0 a.m.•26 views

Lotus Notes TagAttributeListCopy buffer overflow

Added: 11/21/2007 CVE: CVE-2007-4222 BID: 26200 OSVDB: 40949 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the TagAttributeListCopy function in nnotes.dll could allow command execution when a user receives a specially crafted e-mail message and forwar...

9.3CVSS6.9AI score0.04093EPSS
Exploits5
Saint
Saint
•added 2007/10/15 12:0 a.m.•26 views

Kodak Image Viewer TIFF image handling vulnerability

Added: 10/15/2007 CVE: CVE-2007-2217 BID: 25909 OSVDB: 37627 Background The Windows Kodak Image Viewer is a utility for rendering various image formats. It is included in Windows 2000, and may also be present on newer versions of Windows if a computer was upgraded from Windows 2000. Problem A...

9.3CVSS6.5AI score0.41415EPSS
Exploits7
Saint
Saint
•added 2007/07/13 12:0 a.m.•26 views

RSA Authentication Agent for Web for IIS chunked encoding overflow

Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...

7.5CVSS7.9AI score0.02634EPSS
Exploits4
Saint
Saint
•added 2007/07/09 12:0 a.m.•26 views

Trend Micro ServerProtect SpntSvc.exe CreateBinding buffer overflow

Added: 07/09/2007 CVE: CVE-2007-2508 BID: 23868 OSVDB: 35790 Background Trend Micro ServerProtect is a virus scanner for servers. It includes the SpntSvc.exe daemon which listens for connections on port 5168/TCP. Problem A buffer overflow vulnerability in the CAgRpcClient::CreateBinding function ...

10CVSS7.8AI score0.77194EPSS
Exploits18
Saint
Saint
•added 2007/06/27 12:0 a.m.•26 views

Linux kernel ptrace privilege elevation vulnerability

Added: 06/27/2007 CVE: CVE-2003-0127 BID: 7112 OSVDB: 4565 Background ptrace is a Linux system call which enables a parent process to observe and control another process. Problem Due to a failure by the kernel to restrict trace permissions, a local attacker could gain root privileges by attaching...

7.2CVSS6AI score0.01584EPSS
Exploits5
Saint
Saint
•added 2007/06/18 12:0 a.m.•26 views

Trend Micro ServerProtect CMON_ActiveUpdate buffer overflow

Added: 06/18/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the CMONActiveUpdate and CMONActiveRollback functions allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.73767EPSS
Exploits27
Saint
Saint
•added 2007/06/08 12:0 a.m.•26 views

Yahoo Messenger Webcam Viewer ActiveX control buffer overflow

Added: 06/08/2007 CVE: CVE-2007-3148 BID: 24355 OSVDB: 37081 Background Yahoo! Messenger is an instant messaging application. It includes the Webcam Viewer ActiveX control which is provided by ywcvwr.dll. Problem A buffer overflow vulnerability in the Yahoo! Messenger Webcam Viewer ActiveX contro...

9.3CVSS6.7AI score0.12339EPSS
Exploits5
Saint
Saint
•added 2007/05/24 12:0 a.m.•26 views

Microsoft Excel Named Graph record buffer overflow

Added: 05/24/2007 CVE: CVE-2007-0215 BID: 23760 OSVDB: 34393 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a speciall...

7.6CVSS6.7AI score0.31546EPSS
Exploits4
Saint
Saint
•added 2007/03/15 12:0 a.m.•26 views

SupportSoft tgctlsi.dll ActiveX control buffer overflow

Added: 03/15/2007 CVE: CVE-2006-6490 BID: 22564 OSVDB: 33481 Background SupportSoft ActiveX controls are used by third-party products to provide remote technical support. Problem SupportSoft ActiveX controls are affected by multiple buffer overflow vulnerabilities which can lead to command...

10CVSS7.2AI score0.1034EPSS
Exploits4
Saint
Saint
•added 2007/03/02 12:0 a.m.•26 views

Trend Micro ServerProtect ENG_SendEMail buffer overflow

Added: 03/02/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSendEMail function allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request...

10CVSS7.7AI score0.73767EPSS
Exploits27
Saint
Saint
•added 2007/02/16 12:0 a.m.•26 views

HP Mercury LoadRunner mchan.dll buffer overflow

Added: 02/16/2007 CVE: CVE-2007-0446 BID: 22487 OSVDB: 33132 Background HP Mercury LoadRunner is a load testing solution. Problem A buffer overflow in the mchan.dll library allows remote attackers to execute arbitrary commands by sending a packet with a long serveripname field to port 54345/TCP...

10CVSS7.8AI score0.44457EPSS
Exploits5
Saint
Saint
•added 2006/06/09 12:0 a.m.•26 views

7-Zip ARJ archive handling buffer overflow

Added: 06/09/2006 CVE: CVE-2005-3051 BID: 14925 OSVDB: 19639 Background 7-Zip is a free file archiver for Windows platforms. Problem A buffer overflow vulnerability in 7-Zip could allow code execution when a specially crafted ARJ file is opened. Resolution Upgrade to 7-Zip 4.27 beta or higher...

9.3CVSS7.2AI score0.06053EPSS
Exploits4
Saint
Saint
•added 2006/05/17 12:0 a.m.•26 views

FreeSSHd key exchange buffer overflow

Added: 05/17/2006 CVE: CVE-2006-2407 BID: 17958 OSVDB: 25463 Background freeSSHd is a free SSH server based on WeOnlyDo wodSSHServer. Problem wodSSHServer and its derivatives, including freeSSHd, are affected by a buffer overflow vulnerability in the key exchange algorithm. A remote attacker can...

7.5CVSS7.6AI score0.71375EPSS
Exploits11
Saint
Saint
•added 2006/03/31 12:0 a.m.•26 views

RealPlayer invalid chunk header heap overflow

Added: 03/31/2006 CVE: CVE-2005-2922 BID: 17202 OSVDB: 24062 Background RealPlayer, RealOne Player, and Helix Player include an embedded player which plays media embedded in a web page. Problem A chunked HTTP response containing an invalid or missing chunk header results in a heap overflow, leadi...

9.3CVSS6.5AI score0.05783EPSS
Exploits5
Saint
Saint
•added 2006/03/10 12:0 a.m.•26 views

WS_FTP MKD command buffer overflow

Added: 03/10/2006 CVE: CVE-2004-1135 BID: 11772 OSVDB: 12509 Background WSFTP Server is an FTP server for Windows platforms. Problem A buffer overflow vulnerability in the MKD command could allow an attacker to execute commands on the server. If the anonymous FTP account is enabled, the attacker...

5CVSS7.2AI score0.49642EPSS
Exploits7
Saint
Saint
•added 2006/03/07 12:0 a.m.•26 views

Microsoft Visual Studio .dbp and .sln buffer overflow

Added: 03/07/2006 CVE: CVE-2006-1043 BID: 16953 OSVDB: 23711 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow vulnerability leads to command execution when a specially crafted Database Project .dbp or...

5.1CVSS7AI score0.22396EPSS
Exploits5
Saint
Saint
•added 2006/02/24 12:0 a.m.•26 views

Windows NetDDE buffer overflow

Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...

7.5CVSS7.5AI score0.77002EPSS
Exploits8
Saint
Saint
•added 2006/02/24 12:0 a.m.•26 views

Windows NetDDE buffer overflow

Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...

7.5CVSS7.4AI score0.77002EPSS
Exploits8
Saint
Saint
•added 2006/01/30 12:0 a.m.•26 views

FrontPage fp30reg.dll remote debug buffer overflow

Added: 01/30/2006 CVE: CVE-2003-0822 BID: 9007 OSVDB: 2952 Background Microsoft FrontPage Server Extensions includes a remote debugging function. Problem A buffer overflow in fp30reg.dll leads to a vulnerability in the remote debug function in FrontPage Server Extensions. A remote attacker could...

7.5CVSS7.4AI score0.83075EPSS
Exploits10
Saint
Saint
•added 2006/01/24 12:0 a.m.•26 views

QuickTime JPEG buffer overflow

Added: 01/24/2006 CVE: CVE-2005-2340 BID: 16212 OSVDB: 22335 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution when a user opens a specially crafted JPEG file. Resolution Upgrade to QuickTime 7.0.4 or higher...

7.5CVSS6.7AI score0.25506EPSS
Exploits5
Saint
Saint
•added 2005/12/20 12:0 a.m.•26 views

BrightStor ARCserve Backup agent for MS-SQL buffer overflow

Added: 12/20/2005 CVE: CVE-2005-1272 BID: 14453 OSVDB: 18501 Background BrightStor ARCserve Backup is a backup and recovery solution for multiple platforms. Problem A buffer overflow in the backup agent for Microsoft SQL Server allows remote attackers to execute arbitrary commands. Resolution App...

7.5CVSS7.9AI score0.66121EPSS
Exploits8
Saint
Saint
•added 2005/12/14 12:0 a.m.•26 views

Computer Associates License Service GETCONFIG buffer overflow

Added: 12/14/2005 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associates products and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability exists in the processing of GETCONFIG messages...

4.6CVSS6.5AI score0.46344EPSS
Exploits24
Saint
Saint
•added 2005/11/29 12:0 a.m.•26 views

MailEnable IMAP STATUS buffer overflow

Added: 11/29/2005 CVE: CVE-2005-2278 BID: 14243 OSVDB: 17844 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem A buffer overflow in the...

7.2CVSS7.4AI score0.8464EPSS
Exploits8
Saint
Saint
•added 2005/11/29 12:0 a.m.•26 views

Novell eDirectory iMonitor buffer overflow

Added: 11/29/2005 CVE: CVE-2005-2551 BID: 14548 OSVDB: 18703 Background iMonitor is a web service which is a component of Novell eDirectory. Problem A buffer overflow when processing long HTTP or HTTPS requests leads to remote command execution. Resolution Upgrade to eDirectory 8.7.3 IR7 or highe...

7.5CVSS7.1AI score0.55424EPSS
Exploits7
Saint
Saint
•added 2005/11/04 12:0 a.m.•26 views

Sybase EAServer WebConsole buffer overflow

Added: 11/04/2005 CVE: CVE-2005-2297 BID: 14287 OSVDB: 17995 Background Sybase EAServer is a web application server. Problem A buffer overflow in the Sybase EAServer WebConsole allows a remote attcker to execute arbitrary commands by requesting /WebConsole/Login.jsp with a long query string...

4.6CVSS7.8AI score0.74202EPSS
Exploits6
Saint
Saint
•added 2019/04/16 12:0 a.m.•25 views

KACE K1000 Remote Code Execution

Added: 04/16/2019 Background KACE Systems Management Appliance manages, secures, and services network-connected devices. Problem A vulnerability in KACE Systems Management Appliance K1000 could allow unauthenticated command execution. Resolution Upgrade to the latest version of your KACE Systems...

7.7AI score
Exploits0
Saint
Saint
•added 2018/07/20 12:0 a.m.•25 views

Apache Hadoop YARN ResourceManager remote command execution

Added: 07/20/2018 Background Apache Hadoop is a framework that allows for the distributed processing of large data sets across clusters of computers. YARN Yet Another Resource Negotiator is the component of Apache Hadoop which manages resources. Problem A vulnerability in the REST API in the YARN...

8.2AI score
Exploits0
Saint
Saint
•added 2016/04/15 12:0 a.m.•25 views

vBulletin decodeArguments serialized object vulnerability

Added: 04/15/2016 CVE: CVE-2015-7808 Background vBulletin is PHP software for building community websites. Problem A vulnerability in vBulletin 5 Connect allows remote attackers to execute arbitrary PHP code by placing a specially crafted serialized object in the arguments parameter to the...

7.5CVSS7.3AI score0.80635EPSS
Exploits12
Saint
Saint
•added 2015/07/30 12:0 a.m.•25 views

D-Link Cookie command injection

Added: 07/30/2015 Background D-Link produces a variety of routers, switches, and other network equipment for home users and businesses. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted cookie in an HTTP request...

2.4AI score
Exploits0
Saint
Saint
•added 2014/07/14 12:0 a.m.•25 views

GitList blame resource command injection

Added: 07/14/2014 CVE: CVE-2014-4511 BID: 68253 OSVDB: 108504 Background GitList is a web-based git repository viewer. Problem A vulnerability in GitList allows remote attackers to execute arbitrary commands by sending a specially crafted request for the blame resource. Resolution Upgrade to...

7.5CVSS7.3AI score0.8273EPSS
Exploits16
Saint
Saint
•added 2014/07/02 12:0 a.m.•25 views

Easy File Management Web Server UserID Cookie Handling Buffer Overflow

Added: 07/02/2014 BID: 67542 OSVDB: 107241 Background Easy File Management Web Server is a Microsoft Windows based file management application that allows remote users to upload and download files through a web browser. It also supports online editing of Word, Excel, PowerPoint and PDF documents ...

0.7AI score
Exploits0
Saint
Saint
•added 2014/03/21 12:0 a.m.•25 views

HP Data Protector Backup Client Service EXEC_BAR Packet Vulnerability

Added: 03/21/2014 CVE: CVE-2013-2347 BID: 64647 OSVDB: 101626 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. HP Data Protector's Backup Client Service OmniInet.exe listens on TCP port 5555 for communications between managed systems...

10CVSS7.7AI score0.66409EPSS
Exploits14
Saint
Saint
•added 2014/03/06 12:0 a.m.•25 views

Eudora WorldMail IMAPd UID Command Buffer Overflow Vulnerability

Added: 03/06/2014 BID: 65650 OSVDB: 104071 Background Eudora WorldMail is an e-mail server for Windows. Problem Eudora WorldMail version 9.0.333.0 and probably earlier IMAPd service is vulnerable to buffer overflow as a result of improper validation of user-supplied input when handling UID...

7.7AI score
Exploits0
Saint
Saint
•added 2013/07/03 12:0 a.m.•25 views

SAP NetWeaver SOAP RFC SXPG_COMMAND_EXECUTE Command Execution

Added: 07/03/2013 BID: 55084 OSVDB: 93536 Background SAP NetWeaver is a technology platform for building and integrating SAP business applications. Remote Function Call RFC is the standard SAP interface for communication between SAP systems. Transaction SM69 is used to create and maintain externa...

0.8AI score
Exploits0
Saint
Saint
•added 2013/07/03 12:0 a.m.•25 views

SAP NetWeaver SOAP RFC SXPG_COMMAND_EXECUTE Command Execution

Added: 07/03/2013 BID: 55084 OSVDB: 93536 Background SAP NetWeaver is a technology platform for building and integrating SAP business applications. Remote Function Call RFC is the standard SAP interface for communication between SAP systems. Transaction SM69 is used to create and maintain externa...

0.8AI score
Exploits0
Saint
Saint
•added 2012/11/05 12:0 a.m.•25 views

TurboSoft TurboFTP Server PORT Command Buffer Overflow

Added: 11/05/2012 BID: 55764 OSVDB: 85887 Background TurboSoft TurboFTP Server is a MS Windows based file transfer server that provides FTP, FTP over SSL/TLS, and SFTP over SSH services. Problem TurboFTP Server 1.30.826 is vulnerable to a stack based buffer overflow that could allow remote code...

0.4AI score
Exploits0
Saint
Saint
•added 2012/10/12 12:0 a.m.•25 views

Novell File Reporter NFRAgent.exe VOL tag buffer overflow

Added: 10/12/2012 BID: 55268 OSVDB: 85503 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist...

2.5AI score
Exploits0
Saint
Saint
•added 2012/10/12 12:0 a.m.•25 views

HP Diagnostics magentservice.exe Malformed Packet Parsing Vulnerability

Added: 10/12/2012 BID: 55159 OSVDB: 84855 Background HP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments. Problem HP Diagnostics Server has a buffer overflow vulnerability in the magentservice.exe process that could allow...

8.3AI score
Exploits0
Saint
Saint
•added 2012/08/24 12:0 a.m.•25 views

Symantec Web Gateway pbcontrol.php Command Injection

Added: 08/24/2012 CVE: CVE-2012-2953 BID: 54426 OSVDB: 84120 Background Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web. Problem Symantec Web Gateway 5.0.x.x before 5.0.3.18 is vulnerable to command injection due to...

10CVSS7.5AI score0.67389EPSS
Exploits9
Saint
Saint
•added 2012/08/20 12:0 a.m.•25 views

HP Operations Agent Opcode 0x8c vulnerability

Added: 08/20/2012 CVE: CVE-2012-2020 BID: 54362 OSVDB: 83674 Background HP Operations Agents is a fault and performance monitoring solution for servers. Problem A buffer overflow vulnerability in the coda.exe process, which listens on a random TCP port, could allow remote attackers to execute...

10CVSS7.8AI score0.64685EPSS
Exploits8
Saint
Saint
•added 2012/08/06 12:0 a.m.•25 views

HP Operations Agent Opcode 0x34 vulnerability

Added: 08/06/2012 CVE: CVE-2012-2019 BID: 54362 OSVDB: 83673 Background HP Operations Agents is a fault and performance monitoring solution for servers. Problem A buffer overflow vulnerability in the coda.exe process, which listens on a random TCP port, could allow remote attackers to execute...

10CVSS7.8AI score0.64685EPSS
Exploits8
Saint
Saint
•added 2012/05/31 12:0 a.m.•25 views

IBM Lotus Quickr QP2 ActiveX Overflow

Added: 05/31/2012 CVE: CVE-2012-2176 BID: 53678 OSVDB: 82166 Background IBM Lotus Quickr is a team collaboration solution that provides teams with a data repository, and interfaces with Lotus Notes, Sametime, Symphony, and more. Problem The Lotus Quickr client installs several ActiveX controls on...

9.3CVSS6.4AI score0.31173EPSS
Exploits10
Total number of security vulnerabilities4305