
CVSS: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

This strike exploits an arbitrary command execution vulnerability in SAP's NetWeaver via its SOAP interface.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike identifies a vulnerability in Cisco CNS Network Registrar. If the recovery failed command is sent to the lock manager on a pre-determined TCP port, a denial of service condition can occur.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a buffer overflow vulnerability in Opera 10.10 through 10.50. The vulnerability is due to improper checking of the Content-Length value. An attacker can send a malicious HTTP response packet with a large Content-Length value, leading to a buffer overflow.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a stack-based buffer overflow vulnerability in Media Jukebox player when handling m3u and pls files.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a remote code execution vulnerability in HP Application Lifecycle Management. The vulnerability is due to the insecure exposure of the SetShapNodeType method in the XGO.ocx ActiveX control. By enticing a user to open a crafted web page, an attacker could remotely execute arbitrary code.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike exploits a vulnerability in the routing engine of multiple network equipment manufacturers. The vulnerability is caused by a failure to filter non-local Network Discovery packets. By sending a large number of packets, the targeted device can run out of available CPU cycles.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow vulnerability in Rhino Ser-Us Web Server. The Session parameter of the Cookie header is not properly validated: when the value is read in, it is first converted to Unicode, then two bytes of the Session string are converted into a long int and the resulting value is written to a fixed stack buffer.

CVSS: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)

This strike exploits a buffer overflow vulnerability in Multimedia Builder 4.9.8 when handling maliciously crafted .mef files. If a crafted file with an overly large amount of data is opened, a buffer will overflow, resulting in a denial of service condition.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Schneider Electric's Accutech Manager. An HTTP request URI value is not properly validated, and if a value of more than 128 bytes is received, a buffer is overflowed, causing a denial of service condition.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike identifies a buffer overflow vulnerability in PointDev IDEAL Migration and Administration. A crafted ipj file can overflow a buffer, allowing for remote code execution.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a use-after-free in the TextField thickness setter. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the Flash process.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits an indexing vulnerability in the Cyme ChartFX ActiveX control Cfx62ClientServer.Chart. The page number parameter of the ShowPropertiesDialog method is not properly validated, and it is used in a pointer calculation that is later used in a memory write operation.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Samba Domain Controller service when handling SAM LOGON requests. The formula Len*2+51 is used, with Len as the length of the Mailslot Name in the SAM LOGON request. If this length is greater than 262 bytes, the data will overwrite critical memory in the buffer.
