4300 matches found
Apache Struts REST plugin XStream deserialization vulnerability
Added: 09/08/2017 CVE: CVE-2017-9805 BID: 100609 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem The REST plugi...
Apache Struts REST plugin XStream deserialization vulnerability
Added: 09/08/2017 CVE: CVE-2017-9805 BID: 100609 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem The REST plugi...
Apache Struts REST plugin XStream deserialization vulnerability
Added: 09/08/2017 CVE: CVE-2017-9805 BID: 100609 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem The REST plugi...
Jenkins groovy.util.Expando Java deserialization vulnerability
Added: 08/15/2017 CVE: CVE-2016-0792 BID: 83720 Background Jenkins is a standalone, open-source automation server written in Java. Problem A deserialization vulnerability in the groovy.util.Expando class allows a remote attacker to execute arbitrary commands by requesting createItem with speciall...
Jenkins groovy.util.Expando Java deserialization vulnerability
Added: 08/15/2017 CVE: CVE-2016-0792 BID: 83720 Background Jenkins is a standalone, open-source automation server written in Java. Problem A deserialization vulnerability in the groovy.util.Expando class allows a remote attacker to execute arbitrary commands by requesting createItem with speciall...
Jenkins groovy.util.Expando Java deserialization vulnerability
Added: 08/15/2017 CVE: CVE-2016-0792 BID: 83720 Background Jenkins is a standalone, open-source automation server written in Java. Problem A deserialization vulnerability in the groovy.util.Expando class allows a remote attacker to execute arbitrary commands by requesting createItem with speciall...
Internet Explorer mshtml.dll Memory Corruption Vulnerability
Added: 08/01/2017 CVE: CVE-2017-0037 BID: 96088 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer has two vulnerabilities in the way objects are handled in memory. The first, CVE-2017-0059, is an...
Internet Explorer mshtml.dll Memory Corruption Vulnerability
Added: 08/01/2017 CVE: CVE-2017-0037 BID: 96088 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer has two vulnerabilities in the way objects are handled in memory. The first, CVE-2017-0059, is an...
Internet Explorer mshtml.dll Memory Corruption Vulnerability
Added: 08/01/2017 CVE: CVE-2017-0037 BID: 96088 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer has two vulnerabilities in the way objects are handled in memory. The first, CVE-2017-0059, is an...
Windows SMB PsImpersonateClient null token vulnerability
Added: 07/13/2017 CVE: CVE-2017-0144 BID: 96704 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. Problem A remote attacker can execute arbitrary commands with SYSTEM privileges by overwriting the token to a null value and forci...
Windows SMB PsImpersonateClient null token vulnerability
Added: 07/13/2017 CVE: CVE-2017-0144 BID: 96704 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. Problem A remote attacker can execute arbitrary commands with SYSTEM privileges by overwriting the token to a null value and forci...
Windows SMB PsImpersonateClient null token vulnerability
Added: 07/13/2017 CVE: CVE-2017-0144 BID: 96704 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. Problem A remote attacker can execute arbitrary commands with SYSTEM privileges by overwriting the token to a null value and forci...
Samba shared library upload and execution
Added: 06/08/2017 CVE: CVE-2017-7494 BID: 98636 Background Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems. Problem A vulnerability in Samba allows a remote attacker to upload a shared object library to a writab...
Samba shared library upload and execution
Added: 06/08/2017 CVE: CVE-2017-7494 BID: 98636 Background Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems. Problem A vulnerability in Samba allows a remote attacker to upload a shared object library to a writab...
Samba shared library upload and execution
Added: 06/08/2017 CVE: CVE-2017-7494 BID: 98636 Background Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems. Problem A vulnerability in Samba allows a remote attacker to upload a shared object library to a writab...
PHPMailer Command Injection in WordPress Core via Exim
Added: 05/17/2017 BID: 95108 Background Wordpress is a free and open-source content management system CMS based on PHP and MySQL. WordPress uses PHPMailer, which is a PHP class used for sending email from PHP. PHPMailer provides an interface to the system's mail transfer agent MTA, such as...
PHPMailer Command Injection in WordPress Core via Exim
Added: 05/17/2017 BID: 95108 Background Wordpress is a free and open-source content management system CMS based on PHP and MySQL. WordPress uses PHPMailer, which is a PHP class used for sending email from PHP. PHPMailer provides an interface to the system's mail transfer agent MTA, such as...
PHPMailer Command Injection in WordPress Core via Exim
Added: 05/17/2017 BID: 95108 Background Wordpress is a free and open-source content management system CMS based on PHP and MySQL. WordPress uses PHPMailer, which is a PHP class used for sending email from PHP. PHPMailer provides an interface to the system's mail transfer agent MTA, such as...
Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)
Added: 04/28/2017 Background Distributed Computing Environment - Remote Procedure Call DCE-RPC is the protocol used by Windows operating systems for calling program functions on remote targets. Problem A memory corruption vulnerability in the DCE-RPC MIBEntryGet call could allow remote attackers ...
Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)
Added: 04/28/2017 Background Distributed Computing Environment - Remote Procedure Call DCE-RPC is the protocol used by Windows operating systems for calling program functions on remote targets. Problem A memory corruption vulnerability in the DCE-RPC MIBEntryGet call could allow remote attackers ...
Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)
Added: 04/28/2017 Background Distributed Computing Environment - Remote Procedure Call DCE-RPC is the protocol used by Windows operating systems for calling program functions on remote targets. Problem A memory corruption vulnerability in the DCE-RPC MIBEntryGet call could allow remote attackers ...
Windows SMBv1 Remote Command Execution
Added: 04/26/2017 CVE: CVE-2017-0143 BID: 96703 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions. Problem A vulnerability in the...
Windows SMBv1 Remote Command Execution
Added: 04/26/2017 CVE: CVE-2017-0143 BID: 96703 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions. Problem A vulnerability in the...
Windows SMBv1 Remote Command Execution
Added: 04/26/2017 CVE: CVE-2017-0143 BID: 96703 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions. Problem A vulnerability in the...
Microsoft Word and WordPad RTF HTA handler command execution
Added: 04/20/2017 CVE: CVE-2017-0199 BID: 97498 Background Rich Text Format RTF is a text file format supported by various Microsoft products and word processors. RTF supports text styling, images, and embedded objects. Problem A vulnerability in Microsoft Word and WordPad could allow command...
Microsoft Word and WordPad RTF HTA handler command execution
Added: 04/20/2017 CVE: CVE-2017-0199 BID: 97498 Background Rich Text Format RTF is a text file format supported by various Microsoft products and word processors. RTF supports text styling, images, and embedded objects. Problem A vulnerability in Microsoft Word and WordPad could allow command...
Microsoft Word and WordPad RTF HTA handler command execution
Added: 04/20/2017 CVE: CVE-2017-0199 BID: 97498 Background Rich Text Format RTF is a text file format supported by various Microsoft products and word processors. RTF supports text styling, images, and embedded objects. Problem A vulnerability in Microsoft Word and WordPad could allow command...
Disk Savvy Enterprise long URI in GET request buffer overflow
Added: 03/16/2017 CVE: CVE-2017-6187 BID: 96401 Background Disk Savvy Enterprise is a disk space usage analyzer. Problem A buffer overflow in the built-in web server in Disk Savvy Enterprise could allow remote code execution when handling a long URI in a GET request. Resolution Contact the vendor...
Disk Savvy Enterprise long URI in GET request buffer overflow
Added: 03/16/2017 CVE: CVE-2017-6187 BID: 96401 Background Disk Savvy Enterprise is a disk space usage analyzer. Problem A buffer overflow in the built-in web server in Disk Savvy Enterprise could allow remote code execution when handling a long URI in a GET request. Resolution Contact the vendor...
Apache Struts 2 Jakarta Multipart Parser file upload command execution
Added: 03/16/2017 CVE: CVE-2017-5638 BID: 96729 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem The Jakarta...
Apache Struts 2 Jakarta Multipart Parser file upload command execution
Added: 03/16/2017 CVE: CVE-2017-5638 BID: 96729 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem The Jakarta...
Apache Struts 2 Jakarta Multipart Parser file upload command execution
Added: 03/16/2017 CVE: CVE-2017-5638 BID: 96729 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem The Jakarta...
Disk Savvy Enterprise long URI in GET request buffer overflow
Added: 03/16/2017 CVE: CVE-2017-6187 BID: 96401 Background Disk Savvy Enterprise is a disk space usage analyzer. Problem A buffer overflow in the built-in web server in Disk Savvy Enterprise could allow remote code execution when handling a long URI in a GET request. Resolution Contact the vendor...
HP Smart Storage Administrator command injection
Added: 02/16/2017 CVE: CVE-2016-8523 BID: 95868 Background HP Smart Storage Administrator HP SSA is a web-based application that helps an administrator configure, manage, diagnose, and monitor HP ProLiant Smart Array Controllers and other storage devices such as host bus adapters HBAs and HP...
HP Smart Storage Administrator command injection
Added: 02/16/2017 CVE: CVE-2016-8523 BID: 95868 Background HP Smart Storage Administrator HP SSA is a web-based application that helps an administrator configure, manage, diagnose, and monitor HP ProLiant Smart Array Controllers and other storage devices such as host bus adapters HBAs and HP...
HP Smart Storage Administrator command injection
Added: 02/16/2017 CVE: CVE-2016-8523 BID: 95868 Background HP Smart Storage Administrator HP SSA is a web-based application that helps an administrator configure, manage, diagnose, and monitor HP ProLiant Smart Array Controllers and other storage devices such as host bus adapters HBAs and HP...
WebEx browser extension command execution
Added: 01/26/2017 CVE: CVE-2017-3823 BID: 95737 Background Cisco WebEx is an online meeting solution. Extensions are available for all major web browsers, which enable users to join meetings from their browser. Problem A vulnerability in the WebEx browser extensions allows command execution when ...
WebEx browser extension command execution
Added: 01/26/2017 CVE: CVE-2017-3823 BID: 95737 Background Cisco WebEx is an online meeting solution. Extensions are available for all major web browsers, which enable users to join meetings from their browser. Problem A vulnerability in the WebEx browser extensions allows command execution when ...
WebEx browser extension command execution
Added: 01/26/2017 CVE: CVE-2017-3823 BID: 95737 Background Cisco WebEx is an online meeting solution. Extensions are available for all major web browsers, which enable users to join meetings from their browser. Problem A vulnerability in the WebEx browser extensions allows command execution when ...
Swift Mailer PwnScriptum Command Injection
Added: 01/17/2017 BID: 95140 Background Swift Mailer is a component-based library used for sending email from PHP. It is used by many PHP programming frameworks, e.g., Yii2, Laraval, and Symfony. Problem Swift Mailer library mail transport SwiftTransportMailTransport is vulnerable to command...
Swift Mailer PwnScriptum Command Injection
Added: 01/17/2017 BID: 95140 Background Swift Mailer is a component-based library used for sending email from PHP. It is used by many PHP programming frameworks, e.g., Yii2, Laraval, and Symfony. Problem Swift Mailer library mail transport SwiftTransportMailTransport is vulnerable to command...
Swift Mailer PwnScriptum Command Injection
Added: 01/17/2017 BID: 95140 Background Swift Mailer is a component-based library used for sending email from PHP. It is used by many PHP programming frameworks, e.g., Yii2, Laraval, and Symfony. Problem Swift Mailer library mail transport SwiftTransportMailTransport is vulnerable to command...
PHPMailer PwnScriptum Remote Code Execution
Added: 01/05/2017 BID: 95108 Background PHPMailer is a PHP class used for sending email from PHP. It is used by many open-source projects, e.g., WordPress, Drupal, and Joomla. Problem PHPMailer class mailSend function is vulnerable to command injection due to failure to properly sanitize the...
PHPMailer PwnScriptum Remote Code Execution
Added: 01/05/2017 BID: 95108 Background PHPMailer is a PHP class used for sending email from PHP. It is used by many open-source projects, e.g., WordPress, Drupal, and Joomla. Problem PHPMailer class mailSend function is vulnerable to command injection due to failure to properly sanitize the...
PHPMailer PwnScriptum Remote Code Execution
Added: 01/05/2017 BID: 95108 Background PHPMailer is a PHP class used for sending email from PHP. It is used by many open-source projects, e.g., WordPress, Drupal, and Joomla. Problem PHPMailer class mailSend function is vulnerable to command injection due to failure to properly sanitize the...
McAfee VirusScan Enterprise for Linux authentication token brute force
Added: 12/23/2016 CVE: CVE-2016-8023 BID: 94823 Background McAfee VirusScan Enterprise for Linux is real-time, anti-malware software for Linux. Problem McAfee VirusScan Enterprise for Linux allows remote attackers to execute arbitrary commands by exploiting multiple vulnerabilities, including the...
McAfee VirusScan Enterprise for Linux authentication token brute force
Added: 12/23/2016 CVE: CVE-2016-8023 BID: 94823 Background McAfee VirusScan Enterprise for Linux is real-time, anti-malware software for Linux. Problem McAfee VirusScan Enterprise for Linux allows remote attackers to execute arbitrary commands by exploiting multiple vulnerabilities, including the...
McAfee VirusScan Enterprise for Linux authentication token brute force
Added: 12/23/2016 CVE: CVE-2016-8023 BID: 94823 Background McAfee VirusScan Enterprise for Linux is real-time, anti-malware software for Linux. Problem McAfee VirusScan Enterprise for Linux allows remote attackers to execute arbitrary commands by exploiting multiple vulnerabilities, including the...
Disk Savvy Enterprise GET buffer overflow
Added: 12/01/2016 Background Disk Savvy Enterprise is a disk space usage analyzer. Problem A buffer overflow in Disk Savvy Enterprise when handling GET requests could allow remote code execution. Resolution Upgrade to a version higher than 9.1.14 when available. References Limitations Exploit wor...
Disk Savvy Enterprise GET buffer overflow
Added: 12/01/2016 Background Disk Savvy Enterprise is a disk space usage analyzer. Problem A buffer overflow in Disk Savvy Enterprise when handling GET requests could allow remote code execution. Resolution Upgrade to a version higher than 9.1.14 when available. References...