Displaying 38041 - 38060 of 38219

CVSS: 5.4 (AV:N/AC:H/Au:N/C:N/I:N/A:C)

This strike exploits a vulnerability in PDFViewers activeX control PDFViewerLib.PDFViewer. If an overfly long string is passed to the TitleBarText argument a buffer will overflow causing a denial of service condition to occur.

CVSS: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)

This strike exploits a cross site scripting vulberability in Microsoft Windows. The mhtml handler does not perform sufficient validation, allowing scripting code to be executed. Successful exploitation may result in execution of arbitrary script code.

CVSS: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)

This strike exploits an information disclosure vulnerability in Zend Technologies Zend Framework. A user can POST a crafted XML file and receive content of arbitrary files.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a dos vulnerability presents in the HP data protector omnilnet service. This vulnerability is due to improper handle the argument 6 in the command packet which can lead to dereferenciation error.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a memory corruption vulnerability in Oracle Java. The vulnerability is due to insufficient validation of serialized ConcurrentHashMap objects. Successful exploitation of this vulnerability could result in the execution of arbitrary Java code on the target system.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a command execution vulnerability in Apache struts2. This vulnerability is due to no input check the cookie names. Remote attackers may do arbitrary code execution on the target system.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits an arbitrary code execution vulnerability in PineApp Mail-SeCure. A specially crafted HTTP request can be sent to ldapsyncnow.php to execute arbitrary commands with root privileges.

CVSS: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)

This strike exploits a DOS vulnerability in HP Data Protector Raima Database Server. The vulnerability presents when a specially crafted packet contains malicious buffer size is sent.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike identifies a vulnerability in Persits XUpload ActiveX control MakeHttpRequest method. When a string with ../ is processed files can be written to specified locations.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in VLC Media Player. The SMB server name and share name are copied into a fixed stack buffer without proper validation. When handling HTTP requests where the SMB URI is greater than 250 bytes the stack buffer will overflow.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits an authentication bypass vulnerability in Adobe ColdFusion. The flaw is due to a lack of authentication validation by the ColdFusion administration web console when creating a scheduled task. A remote unauthenticated attacker could exploit this vulnerability by enticing an authenticated user to view a malicious web page. Exploitation of this vulnerability could allow an attacker...

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a buffer overflow vulnerability in ProFTP client 2.9. The vulnerability is due to failure to sanitize input when view an FTP server welcome message. By enticing a user to view a crafted FTP welcome message, an attacker could remotely execute arbitrary code.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a stack buffer overflow vulnerability in Digium Asterisk. The content of the sprop-parameter-sets parameter in an SDP header is copied to a fixed length buffer without validation. Successful exploitation could result in execution of arbitrary code or abnormal termination of the Digium Asterisk, leading to a denial of service condition.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a code execution vulnerability in Microsoft Word. The vulnerability is due to an error parsing certain ActiveX objects embedded within document files. This vulnerability can lead to arbitrary code execution in the context of the current user.