Lucene search
K
Vulncheck KevRecent

4985 matches found

VulnCheck KEV
VulnCheck KEV
added 2008/06/25 12:0 a.m.3 views

VulnCheck KEV: CVE-2008-2641

Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."...

10CVSS6.2AI score0.2219EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2008/05/28 12:0 a.m.5 views

VulnCheck KEV: CVE-2007-0071

Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer...

9.3CVSS7.8AI score0.92501EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2008/05/13 12:0 a.m.6 views

VulnCheck KEV: CVE-2007-6026

Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 aka Microsoft Jet Engine, as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column...

9.3CVSS6.4AI score0.28268EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
added 2008/04/16 12:0 a.m.3 views

VulnCheck KEV: CVE-2008-1840

SQL injection vulnerability in upload.php in Coppermine Photo Gallery CPG 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload...

6.5CVSS6.2AI score0.01773EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2008/04/16 12:0 a.m.4 views

VulnCheck KEV: CVE-2008-1841

SQL injection vulnerability in the session handling functionality in bridge/coppermine.inc.php in Coppermine Photo Gallery CPG 1.4.17 and earlier allows remote attackers to execute arbitrary SQL commands via an input field associated with the sessionid variable, as exploited in the wild in...

6.8CVSS6.2AI score0.01858EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2008/03/25 12:0 a.m.3 views

VulnCheck KEV: CVE-2008-1092

Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026...

9.3CVSS6.2AI score0.28268EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
added 2008/03/03 12:0 a.m.3 views

VulnCheck KEV: CVE-2007-5779

Buffer overflow in the GomManager GomWeb Control ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Player GOM Player 2.1.6.3499 allows remote attackers to execute arbitrary code via a long argument to the OpenUrl method...

7.5CVSS6.2AI score0.71512EPSS
Exploits4References1
VulnCheck KEV
VulnCheck KEV
added 2008/03/03 12:0 a.m.3 views

VulnCheck KEV: CVE-2006-5820

The LinkSBIcons method in the SuperBuddy ActiveX control Sb.SuperBuddy.1 in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value...

9.3CVSS6.2AI score0.08434EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
added 2008/03/03 12:0 a.m.3 views

VulnCheck KEV: CVE-2007-0018

Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control NCTAudioFile2.dll, as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include 1 NCTsoft NCTAudioStudio,...

9.3CVSS6.5AI score0.35162EPSS
Exploits4References1
VulnCheck KEV
VulnCheck KEV
added 2008/02/09 12:0 a.m.6 views

VulnCheck KEV: CVE-2008-0655

Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times...

9.8CVSS5.9AI score0.36844EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2008/02/07 12:0 a.m.5 views

VulnCheck KEV: CVE-2008-0647

Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 aka Lianzong Game Platform allow remote attackers to execute arbitrary code via long arguments to the 1 hgsstartGame and 2 hgsstartNotify...

10CVSS6.5AI score0.073EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/12/20 12:0 a.m.6 views

VulnCheck KEV: CVE-2007-5347

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "unexpected method calls to HTML objects," aka "DHTML Object Memory Corruption Vulnerability."...

6.8CVSS6.2AI score0.28032EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/12/18 12:0 a.m.5 views

VulnCheck KEV: CVE-2007-6436

Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted document, as actively exploited in December 2007 by the Tarodrop.F trojan. NOTE: some of these details are obtained from third party...

9.3CVSS6.5AI score0.04093EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/12/11 12:0 a.m.2 views

VulnCheck KEV: CVE-2007-5587

Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted...

6.9CVSS5.9AI score0.02903EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2007/11/13 12:0 a.m.4 views

VulnCheck KEV: CVE-2007-3896

The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox,...

9.3CVSS6.1AI score0.53831EPSS
Exploits7References1
VulnCheck KEV
VulnCheck KEV
added 2007/11/05 12:0 a.m.5 views

VulnCheck KEV: CVE-2007-5807

Buffer overflow in the register function in Ultra Star Reader ActiveX control in SSReader allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

6.8CVSS6.2AI score0.0284EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/10/30 12:0 a.m.6 views

VulnCheck KEV: CVE-2007-5722

Stack-based buffer overflow in a certain ActiveX control in GLChat.ocx 2.5.1.32 in GlobalLink 2.7.0.8, as used in Ourgame GLWorld and possibly other products, allows remote attackers to execute arbitrary code via a long first argument to the ConnectAndEnterRoom method, possibly involving the...

7.5CVSS6.5AI score0.11695EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2007/10/26 12:0 a.m.5 views

VulnCheck KEV: CVE-2007-5020

Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher...

9.3CVSS6.2AI score0.20971EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2007/10/09 12:0 a.m.3 views

VulnCheck KEV: CVE-2007-3899

Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string in a Word file, aka "Word Memory Corruption Vulnerability."...

9.3CVSS6.2AI score0.29167EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2007/09/07 12:0 a.m.5 views

VulnCheck KEV: CVE-2003-0352

Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms...

7.5CVSS6.3AI score0.98626EPSS
Exploits9References1
VulnCheck KEV
VulnCheck KEV
added 2007/08/25 12:0 a.m.5 views

VulnCheck KEV: CVE-2007-1070

Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the 1 CMONNetTestConnection,...

10CVSS6.5AI score0.73767EPSS
Exploits27References1
VulnCheck KEV
VulnCheck KEV
added 2007/08/20 12:0 a.m.5 views

VulnCheck KEV: CVE-2007-4428

Lhaz 1.33 allows remote attackers to execute arbitrary code via unknown vectors, as actively exploited in August 2007 by the Exploit-LHAZ.a gzip file, a different issue than CVE-2006-4116...

6.8CVSS6.2AI score0.03409EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2007/08/17 12:0 a.m.3 views

VulnCheck KEV: CVE-2007-4246

Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D Tarodrop.Q, a different vulnerability than...

6.8CVSS6.4AI score0.03082EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/07/06 12:0 a.m.5 views

VulnCheck KEV: CVE-2007-3375

Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper...

6.8CVSS6.5AI score0.04698EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/05/08 12:0 a.m.4 views

VulnCheck KEV: CVE-2007-0870

Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service crash via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-0515, a variant of Exploit-MS06-027...

9.3CVSS5.8AI score0.40196EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2007/05/08 12:0 a.m.6 views

VulnCheck KEV: CVE-2007-1748

Stack-based buffer overflow in the RPC interface in the Domain Name System DNS Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape...

10CVSS7.9AI score0.79128EPSS
Exploits17References1
VulnCheck KEV
VulnCheck KEV
added 2007/04/29 12:0 a.m.3 views

VulnCheck KEV: CVE-2007-2426

PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the myPath parameter...

7.5CVSS6.1AI score0.62871EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2007/04/12 12:0 a.m.3 views

VulnCheck KEV: CVE-2007-2024

Unrestricted file upload vulnerability in the UpLoad feature lib/plugin/UpLoad.php in PhpWiki 1.3.x allows remote attackers to upload arbitrary PHP files with a 1 php3, 2 php4, or 3 php5 extension...

6.8CVSS5.9AI score0.03279EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/04/10 12:0 a.m.4 views

VulnCheck KEV: CVE-2007-1938

Ichitaro 2005 through 2007, and possibly related products, allows remote attackers to have an unknown impact via unspecified vectors in a document distributed through e-mail or a web site, possibly due to a buffer overflow or cross-site scripting XSS...

4.3CVSS6.1AI score0.01451EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/04/03 12:0 a.m.4 views

VulnCheck KEV: CVE-2007-0038

Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service persistent reboot via a large length value in the second or later anih block of a RIFF .ANI, cur, or .ico file,...

9.3CVSS6.5AI score0.7288EPSS
Exploits12References1
VulnCheck KEV
VulnCheck KEV
added 2007/03/30 12:0 a.m.4 views

VulnCheck KEV: CVE-2007-1765

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service persistent reboot via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar...

9.3CVSS6.2AI score0.54326EPSS
Exploits15References1
VulnCheck KEV
VulnCheck KEV
added 2007/02/13 12:0 a.m.3 views

VulnCheck KEV: CVE-2006-5994

Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word document with a malformed string that triggers memory corruption, a different...

9.3CVSS6.2AI score0.31301EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/02/13 12:0 a.m.4 views

VulnCheck KEV: CVE-2006-6561

Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and...

9.3CVSS6.2AI score0.40196EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2007/02/13 12:0 a.m.4 views

VulnCheck KEV: CVE-2006-6456

Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994...

9.3CVSS6AI score0.31301EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/02/13 12:0 a.m.6 views

VulnCheck KEV: CVE-2007-0515

Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a...

9.3CVSS6.2AI score0.3816EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2007/01/09 12:0 a.m.3 views

VulnCheck KEV: CVE-2006-4704

Cross-zone scripting vulnerability in the WMI Object Broker WMIScriptUtils.WMIObjectBroker2 ActiveX control WmiScriptUtils.dll in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI...

6.8CVSS6.2AI score0.42846EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
added 2007/01/09 12:0 a.m.4 views

VulnCheck KEV: CVE-2007-0024

Integer overflow in the Vector Markup Language VML implementation vgx.dll in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted web page that contains unspecified integer...

9.3CVSS6.2AI score0.46488EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
added 2006/11/14 12:0 a.m.5 views

VulnCheck KEV: CVE-2006-4777

Heap-based buffer overflow in the DirectAnimation Path Control DirectAnimation.PathControl COM object daxctle.ocx for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the...

7.6CVSS6.4AI score0.78755EPSS
Exploits3References1
VulnCheck KEV
VulnCheck KEV
added 2006/11/14 12:0 a.m.3 views

VulnCheck KEV: CVE-2006-4446

Heap-based buffer overflow in DirectAnimation.PathControl COM object daxctle.ocx in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points...

5CVSS6.4AI score0.6033EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2006/11/14 12:0 a.m.5 views

VulnCheck KEV: CVE-2006-5745

Unspecified vulnerability in the setRequestHeader method in the XMLHTTP XML HTTP ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a...

7.6CVSS6.2AI score0.75946EPSS
Exploits7References1
VulnCheck KEV
VulnCheck KEV
added 2006/10/10 12:0 a.m.4 views

VulnCheck KEV: CVE-2006-3730

Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service crash and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy...

9.3CVSS6.4AI score0.63817EPSS
Exploits9References1
VulnCheck KEV
VulnCheck KEV
added 2006/10/10 12:0 a.m.5 views

VulnCheck KEV: CVE-2006-4694

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office XP and Office 2003 allows user-assisted attackers to execute arbitrary code via a crafted record in a PPT file, as exploited by malware such as Exploit:Win32/Controlppt.W, Exploit:Win32/Controlppt.X, and...

9.3CVSS6.2AI score0.12458EPSS
Exploits4References1
VulnCheck KEV
VulnCheck KEV
added 2006/10/10 12:0 a.m.5 views

VulnCheck KEV: CVE-2006-4534

Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors involving a crafted file resulting in a malformed stack, as exploited by malware with names including Trojan.Mdropper.Q, Mofei, and Femo...

9.3CVSS6.2AI score0.32762EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2006/09/26 12:0 a.m.5 views

VulnCheck KEV: CVE-2006-4868

Stack-based buffer overflow in the Vector Graphics Rendering engine vgx.dll, as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language VML file with a long fill...

9.3CVSS6.5AI score0.62149EPSS
Exploits7References1
VulnCheck KEV
VulnCheck KEV
added 2006/08/29 12:0 a.m.8 views

VulnCheck KEV: CVE-2006-4434

Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service crash via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of...

7.5CVSS5.8AI score0.04328EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2006/08/27 12:0 a.m.4 views

VulnCheck KEV: CVE-2004-1464

Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell RSH, Secure Shell SSH, and in some cases, Hypertext Transport Protocol HTTP access to the Cisco device...

5.9CVSS6AI score0.05133EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2006/08/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2006-4326

Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by...

7.5CVSS6.5AI score0.04467EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2006/08/08 12:0 a.m.3 views

VulnCheck KEV: CVE-2006-3590

mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493...

9.3CVSS6.1AI score0.43664EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2006/08/08 12:0 a.m.4 views

VulnCheck KEV: CVE-2006-3649

Buffer overflow in Microsoft Visual Basic for Applications VBA SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3, Project 2000 SR1, Project 2002 SP1, Access 2000 Runtime SP3, Visio 2002 SP2, and Works Suite 2004 through 2006, allows user-assisted attackers to execute...

5.1CVSS5.8AI score0.1017EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2006/07/11 12:0 a.m.6 views

VulnCheck KEV: CVE-2006-1301

Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302...

9.3CVSS6.2AI score0.13681EPSS
Exploits0References1
Total number of security vulnerabilities4985