
CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike exploits a vulnerability in the routing engine of multiple network equipment manufacturers. The vulnerability is caused by a failure to filter non-local Network Discovery packets. Sending a large number of packets can cause the targeted device to run out of available CPU cycles.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow vulnerability in Rhino Ser-Us Web Server. The Session parameter of the Cookie header is not properly validated: when the value is read, it is first converted to Unicode, then two bytes of the Session string are converted into a long int, and the resulting value is written to a fixed stack buffer.

CVSS: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)

This strike exploits a buffer overflow vulnerability in Multimedia Builder 4.9.8 when handling maliciously crafted .mef files. If a crafted file with an overly large amount of data is opened, a buffer will overflow, resulting in a denial of service condition.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Schneider Electric's Accutech Manager. An HTTP request URI value is not properly validated, and if a value of more than 128 bytes is received, a buffer overflows, causing a denial of service condition.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike identifies a buffer overflow vulnerability in PointDev IDEAL Migration and Administration. A crafted ipj file can overflow a buffer, allowing for remote code execution.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a use-after-free in the TextField thickness setter. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the Flash process.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits an indexing vulnerability in the Cyme ChartFX ActiveX control Cfx62ClientServer.Chart. The page number parameter of the ShowPropertiesDialog method is not properly validated, and it is used in a pointer calculation that is later used in a memory write operation.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Samba Domain Controller service. When handling SAM LOGON requests, the formula Len*2+51 is used, with Len as the length of the Mailslot Name in the SAM LOGON request. If this length is greater than 262 bytes, the data will overwrite critical memory in the buffer.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a buffer overflow vulnerability in the Oracle Java applet image rendering library. The vulnerability can be triggered due to inadequate memory management when calling the lookupByteBi function contained in the ImagingLib library. A user could be manipulated into accessing a web page that downloads and executes a malicious applet that can lead to arbitrary code execution with...

CVSS: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in HP DataProtector Express. The vulnerability exists in how the DtbClsLogin method handles the username parameter. A 240 byte stack buffer is allocated for this parameter, and because it is not validated properly, a large value will overflow the stack buffer.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Apple Safari. The flaw occurs when handling references to objects in the DOM.
