4305 matches found
HP Operations Manager hidden Tomcat account
Added: 06/18/2010 CVE: CVE-2009-3843 BID: 37086 OSVDB: 60317 Background HP Operations Manager is a consolidated event and performance management console that correlates infrastructure, network and end-user experience events across an IT infrastructure. Problem A hidden Apache Tomcat account allow...
Windows Help and Support Center -FromHCP URL whitelist bypass
Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...
VLC media player TY file parse_master buffer overflow
Added: 12/04/2008 CVE: CVE-2008-4654 BID: 31813 OSVDB: 49181 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A buffer overflow vulnerability in the parsemaster function in the Ty demux plugin allows command execution when a...
CoolPlayer m3u playlist processing filename buffer overflow
Added: 08/13/2008 CVE: CVE-2008-3408 BID: 30418 OSVDB: 47194 Background CoolPlayer is a free audio player for Windows platforms. Problem A buffer overflow vulnerability in CoolPlayer allows command execution when a user opens an m3u playlist file containing a specially crafted filename. Resolutio...
telnetd argument injection vulnerability
Added: 01/26/2026 Background The Telnet service allows remote users to authenticate to a system and use an interactive command shell. The Telnet service is implemented by the Telnet daemon, telnetd. Problem The telnetd program included in GNU Inetutils allows authentication to be bypassed with a ...
BentoML runner server deserialization vulnerability
Added: 10/24/2025 CVE: CVE-2024-9070 Background BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Problem A deserialization vulnerability in the BentoML runner server allows remote attackers to execute arbitrary commands by sending a...
HP Power Manager Remote Code Execution
Added: 11/06/2009 CVE: CVE-2009-2685 BID: 36933 OSVDB: 59684 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A stack-based buffer overflow in the HP Power Manager management web server allows...
IMail IMAP LOGIN special character vulnerability
Added: 01/04/2006 CVE: CVE-2005-1255 BID: 13727 OSVDB: 16804 Background IMail is a mail server for Windows platforms. It includes SMTP, POP, IMAP, and LDAP services, a web interface, and web calendaring. Problem A remote attacker could execute arbitrary commands by sending a long specially crafte...
Oracle HTTP Server and Weblogic Proxy Plug-in vulnerability
Added: 01/23/2026 Background Oracle HTTP Server is the web server component for Oracle Fusion Middleware. Problem A vulnerability in Oracle HTTP Server and Weblogic Proxy Plug-in could allow a remote attacker to execute arbitrary commands by requesting a specially crafted path which allows...
React Server Components deserialization vulnerability
Added: 12/11/2025 Background React is a Javascript library for building user interfaces. React Server Components are React components designed for running on web servers. Problem A deserialization vulnerability in React Server Components allows a remote attacker to execute arbitrary commands by...
VMware VCenter Server file upload
Added: 02/25/2021 Background VMware VCenter Server is server management software for controlling VMware VSphere environments. Problem A vulnerability in VMware VCenter Server allows remote, unauthenticated attackers to upload files to arbitrary locations on the server, leading to command executio...
netkit telnetd nextitem vulnerability
Added: 03/24/2020 Background netkit telnetd is a server implementation of the Telnet protocol which comes with many Linux and Unix operating systems. Problem An unbounded read and write condition in the nextitem function allows remote attackers to execute arbitrary commands on the server...
Webmin password_change.cgi backdoor
Added: 08/26/2019 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem A backdoor in Webmin allows a remote attacker to execute arbitrary commands by sending a POST request for passwordchange.cgi...
HP Smart Storage Administrator command injection
Added: 02/16/2017 CVE: CVE-2016-8523 BID: 95868 Background HP Smart Storage Administrator HP SSA is a web-based application that helps an administrator configure, manage, diagnose, and monitor HP ProLiant Smart Array Controllers and other storage devices such as host bus adapters HBAs and HP...
SugarCRM EmailTemplates PNG file upload
Added: 03/22/2023 Background SugarCRM is customer relationship management software written in PHP. Problem A vulnerability in the EmailTemplates module allows remote, unauthenticated attackers to execute arbitrary commands on the server by uploading a PNG image file containing embedded PHP code...
Sophos UTM Webadmin remote command execution
Added: 08/27/2021 Background Sophos UTM is a network security appliance. Problem A vulnerability in the Webadmin interface allows remote attackers to execute arbitrary commands by sending a specially crafted POST request. Resolution Upgrade to Sophos SG UTM v9.511 MR11, v9.607 MR7, or v9.705 MR5 ...
Microsoft Office PNG File Handling Buffer Overflow
Added: 06/18/2013 CVE: CVE-2013-1331 BID: 60408 OSVDB: 94127 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem An error in Microsoft Office 2003 SP3 for Windows when...
Internet Explorer VML Dashstyle Attributes Integer Overflow
Added: 06/03/2013 CVE: CVE-2013-2551 BID: 58570 OSVDB: 91197 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem An integer overflow vulnerability in vml.dll when processing dashstyle attributes of certain VML elements in a web page allows arbitrary command...
F5 BIG-IP SSH private key
Added: 07/03/2012 CVE: CVE-2012-1493 BID: 53897 OSVDB: 82780 Background SSH Private keys are used for authentication for many F5 BIG-IP devices. Devices shipped with a default, static key are vulnerable to compromise if the public discovers the key. The private key can be re-used by an attacker t...
Windows SMB2 buffer overflow
Added: 09/20/2010 CVE: CVE-2009-3103 BID: 36299 OSVDB: 57799 Background SMB2 is the replacement protocol for the SMB Windows filesharing protocol. Problem A buffer overflow vulnerability in the SMB2 Service allows remote attackers to execute arbitrary commands. Resolution Apply the patch referenc...
CraftCMS generate-transform command injection
Added: 03/25/2026 Background CraftCMS is a content management system written in PHP. Problem A vulnerability in CraftCMS allows remote attackers to inject arbitrary PHP code into the session file and then execute it using a specially crafted request to generate-transform. Resolution Upgrade to...
Apache HugeGraph Gremlin command injection
Added: 08/20/2024 Background Apache HugeGraph is a graph database. HugeGraph supports Gremlin, a graph traversal language. Problem A vulnerability in Apache HugeGraph allows remote attackers to bypass sandbox restrictions and execute arbitrary commands through Gremlin. Resolution Upgrade to...
Airspan AirSpot pingDiagnostic command injection
Added: 09/27/2022 Background Airspan AirSpot 5410 is an advanced, LTE, CAT12, outdoor, multi-service product specifically designed to meet data needs for residential, business and enterprise users. Problem A command injection vulnerability when diagnostics.cgi handles the pingDiagnostic command...
Bash environment variable code injection over HTTP
Added: 09/26/2014 CVE: CVE-2014-6271 BID: 70103 OSVDB: 112004 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Problem The Bash shell executes commands injected after function definitions contained in environment variables. This could be used by a...
Java Runtime Environment java.awt.image.IntegerComponentRaster buffer overflow
Added: 09/04/2013 CVE: CVE-2013-2471 BID: 60659 OSVDB: 94357 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
IBM Rational ClearQuest CQOle ActiveX
Added: 05/30/2012 CVE: CVE-2012-0708 BID: 53170 OSVDB: 81443 Background Rational ClearQuest is an enterprise workflow automation tool. It functions as a bug tracking tool and can act as a CRM or process tracker. Problem The ClearQuest web client installs ActiveX modules on the client system. Thes...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
ntdll.dll buffer overflow via IIS 5.0 WebDAV
Added: 07/18/2006 CVE: CVE-2003-0109 BID: 7116 OSVDB: 4467 Background The dynamic link library ntdll.dll is a core component of the Windows operating system. It is used by many operating system components including the WebDAV component of Microsoft IIS. Problem A buffer overflow in ntdll.dll allo...
Windows SMBv1 Remote Command Execution
Added: 04/26/2017 CVE: CVE-2017-0143 BID: 96703 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions. Problem A vulnerability in the...
Adobe Flash Player Object Confusion Code Execution
Added: 06/29/2012 CVE: CVE-2012-0779 BID: 53395 OSVDB: 81656 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Adobe Flash Player 11.2.202.233 and earlier on Windows is vulnerable to an "object confusion" vulnerability. A remote...
Sun Java Web Start JNLP file j2se element heap-size buffer overflow
Added: 07/23/2008 CVE: CVE-2008-3111 BID: 30148 OSVDB: 46959 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A buffer overflow vulnerability in Sun Java Web Start allows command execution when the us...
Rejetto HTTP File Server template injection
Added: 07/10/2024 Background Rejetto HTTP File Server is a web-based file system application. Problem A template injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted GET request. Resolution Upgrade to a version higher than HTTP File Server H...
Windows SMB PsImpersonateClient null token vulnerability
Added: 07/13/2017 CVE: CVE-2017-0144 BID: 96704 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. Problem A remote attacker can execute arbitrary commands with SYSTEM privileges by overwriting the token to a null value and forci...
Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow
Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...
FortiOS Fortimanager_Access SSH account backdoor
Added: 01/25/2016 CVE: CVE-2016-1909 Background FortiOS is the operating system used by FortiGate network security appliances. Problem An undocumented account can be used to gain unauthorized access to the appliance. Resolution Upgrade to FortiOS 4.1.11, 4.2.16, 4.3.17, 5.0.8, 5.2.0, 5.4.0, or...
ABRT/sosreport privilege elevation
Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...
Java MBeanInstantiator findClass and Introspector Sandbox Escape
Added: 03/04/2013 CVE: CVE-2013-0431 BID: 57726 OSVDB: 89613 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
Novell GroupWise Client IMG SRC buffer overflow
Added: 01/15/2008 CVE: CVE-2007-6435 BID: 26875 OSVDB: 40870 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability in the GroupWise client allows command execution when a user replies to or forwards a message containing an IMG tag with a...
WingFTP username null byte command execution
Added: 07/02/2025 Background Wing FTP Server is free FTP server software for Windows, Linux, and Mac OS. Problem A command injection vulnerability allows a remote unauthenticated attacker to execute arbitrary commands by sending a username with a null byte in a login request. Resolution Upgrade t...
GeoServer JAI-EXT extension command injection
Added: 06/27/2024 Background GeoServer is an open source server for sharing geospatial data. Java Advanced Imaging JAI is an API which provides a set of high level objects for the image processing. JAI-EXT is an open source project which extends the JAI API. Jiffle is a map algebra language...
WebSVN search command execution
Added: 06/23/2021 Background WebSVN is a web interface for Subversion repositories. Problem A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request. Resolution Upgrade to WebSVN 2.6.1 or higher. Referenc...
Solaris SunSSH libpam buffer overflow
Added: 01/08/2021 Background SunSSH is a fork of OpenSSH for Solaris. It provides remote login capability on Solaris platforms. Problem A buffer overflow vulnerability in libpam could allow a remote attacker to execute arbitrary commands by sending a specially crafted authentication request to...
vBulletin remote command execution via the widgetConfig[code] parameter
Added: 09/27/2019 Background vBulletin is a commercial web bulletin board application written in PHP using MySQL. Problem vBulletin allows remote command execution via the widgetConfigcode parameter in an ajax/render/widgetphp routestring request. Resolution Upgrade vBulletin to version higher th...
Ubuntu overlayfs privilege elevation
Added: 06/26/2015 CVE: CVE-2015-1328 BID: 75206 Background Overlayfs is a type of file system for Linux which implements a union mount. Problem In Ubuntu, overlayfs fails to correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an...
Bash Environment Variable Handling Shell Command Injection Via CUPS
Added: 11/05/2014 CVE: CVE-2014-6271 BID: 70103 OSVDB: 112004 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. CUPS is printing software for UNIX-like systems that allows a computer to act as a print server. Problem The Bash shell executes command...
Adobe Reader CoolType.dll buffer overflow
Added: 09/17/2010 CVE: CVE-2010-2883 BID: 43057 OSVDB: 67849 Background Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow in the CoolType.dll module allows command execution when a user opens a PDF document containing a long, specially crafted field in a SING tabl...
Apache chunked encoding buffer overflow
Added: 05/08/2006 CVE: CVE-2002-0392 BID: 5033 OSVDB: 838 Background Apache web servers support chunked encoding, which is used by a web client to send data to the server in parts, or chunks. Problem A flaw in the calculation of the size of chunked encoding leads to a buffer overflow, allowing...
Microsoft Exchange X-LINK2STATE buffer overflow
Added: 01/13/2006 CVE: CVE-2005-0560 BID: 13118 OSVDB: 15467 Background Microsoft Exchange is an e-mail server for Microsoft Windows operating systems. Problem A buffer overflow condition in the handling of the X-LINK2STATE extended verb could allow a remote attacker to execute arbitrary commands...
Ruby on Rails XML Processor YAML Deserialization
Added: 02/15/2013 CVE: CVE-2013-0156 BID: 57187 OSVDB: 89026 Background Ruby on Rails is a full stack, Web application framework optimized for sustainable programming productivity, allowing writing sound code by favoring convention over configuration. Problem Ruby on Rails versions prior to 2.3.1...
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability
Added: 11/23/2011 CVE: CVE-2010-3964 BID: 45264 OSVDB: 69817 Background Microsoft SharePoint is a web application platform that provides web content management and document management as an aid to collaboration among users. SharePoint's multi-purpose design allows for managing and provisioning of...