
CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

A denial-of-service flaw exists in Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4. An authenticated attacker may crash the service by sending a crafted X-Reason HTTP header containing an Erlang format string which causes the server to allocate a massive memory region....

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

An integer overflow vulnerability exists in parse_mqtt in mongoose.c in Cesanta Mongoose 6.16. By sending a crafted packet, a remote unauthenticated attacker may lead the server into an infinite loop, causing DoS conditions.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in Apple WebKit. Specifically, an attacker can cause an integer overflow in NodeRareData::m_connectedFrameCount by inserting a large number of iframe elements into a DOM node that already has cached subframes. Doing this can cause type confusion to occur, leading to a denial of service in the browser, and it can also lead to a UXSS attack.

CVSS: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

An insecure deserialization vulnerability was found in Oracle WebLogic Server. The vulnerability is due to insufficient validation of serialized data within T3 requests. The vulnerability can be exploited by sending a specially crafted serialized object. Successful exploitation can result in arbitrary code execution within the context of the user running WebLogic.

CVSS: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

A SQL injection vulnerability exists in the General Ledger component of Oracle E-Business Suite. A SQL query may be sent via the Thin Client Framework protocol over HTTP, which is later processed in the DataManagerServer.readSynch method located in oracle/apps/gl/jahe/tcf/server/DataManagerServer.java. The string is then used as a base string for a database query. By exploiting this flaw, a remote...

CVSS: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

A SQL injection vulnerability exists in the Work in Progress component of Oracle E-Business Suite. A SQL query may be bundled in a FndMessageRequest object sent via the Thin Client Framework protocol over HTTP, which is later processed in the public Vector fetchMessages method located in oracle/apps/wip/gantt/components/server/database/MessageFetcher.class. By exploiting this flaw, a remote...

CVSS: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

This strike exploits a heap buffer overflow vulnerability in the MF3216 component of Microsoft Windows. The vulnerability is due to improper handling of EMF records. An attacker could gain arbitrary code execution by enticing the user to open and save a malicious EMF or RTF file.

CVSS: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)

A command injection vulnerability exists in OpenEMR 5.0.1 and earlier, within the scanned_notes/new.php form file, as a result of weak user input sanitization. By sending a crafted id parameter in an HTTP request, a remote authenticated attacker might execute arbitrary system commands.

CVSS: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Microsoft Internet Explorer scripting engine. Specifically, an attacker can craft an HTML page containing a JavaScript script in such a way that a call to jscript!JSONStringifyObject frees an object that is later referenced by jscript!PrepareInvoke, resulting in a Use-After-Free condition. A remote attacker could exploit this vulnerability by...

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits an Out of Bounds Write vulnerability in Microsoft Jet Database Engine. The vulnerability is due to improper handling of objects in memory. The user would be enticed to visit a site or open a web page, causing arbitrary code to be executed.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)

This strike identifies a vulnerability in Samsung DVR Firmware v1.10. An authentication bypass is possible because of improper validation of CGI page requests. If an HTTP request is made to one of many URI paths with a malicious cookie value set, then access will be given to the attacker with the ability to perform many functions such as read usernames and passwords, create users, and read and modify...

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a Use-After-Free vulnerability in Adobe Flash Player. The vulnerability can be triggered due to inadequate memory management when using SharedObject entities. A user could be manipulated into accessing a web page that downloads and executes a malicious file that can lead to arbitrary code execution with local user privileges. All versions of Flash Player below 12.0.0.44 and 11....

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code-execution vulnerability in SIEMENS Solid Edge. The vulnerability is due to the use of the OpenInEditor method within the WebPartHelper ActiveX Control. By enticing a user to open a crafted web page, an attacker could remotely execute arbitrary code.

CVSS: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C)

This strike emulates a large number of requests for pingback calls through the xmlrpc service available by default on WordPress servers. Requests of this kind are used as part of a distributed denial of service scenario. The requests generated by this strike are identical to what an attacker would send to reflector and amplifier WordPress servers in order to disrupt service on other servers....

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a buffer overflow vulnerability within the Mitsubishi EZPcAut220.dll ActiveX Control. The vulnerability is due to a lack of boundary checking in the HostAddress attribute of the control. Remote unauthenticated attackers could exploit this vulnerability to execute arbitrary code on the target system.

CVSS: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

This strike exploits a stack buffer overflow vulnerability in PostgreSQL. If IntervalStyle is set to postgres_verbose, a fixed buffer is used when processing the output string. A specially crafted SQL INTERVAL command can be used to overflow this buffer. Successful exploitation may result in execution of arbitrary code or abnormal termination of PostgreSQL, leading to a denial of service condition...

CVSS: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C)

This strike exploits a vulnerability in the Linux kernel. The target network interface card must support UDP Fragmentation offload to be vulnerable to this attack. By issuing a TFTP request over IPv6 with a blocksize larger than the MTU, the TFTP daemon on the vulnerable server will send a large packet resulting in a kernel panic, causing a denial of service condition.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike identifies a vulnerability in an Indusoft ThinClient ActiveX control. The Initialize2 method does not properly validate its arguments. If a malicious or overly large string size is used and exceeds the limit of the buffer, an overflow will occur allowing for remote code to be executed.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a buffer overflow vulnerability within the Mitsubishi EZPcAut260.dll ActiveX Control. The vulnerability is due to a lack of boundary checking in the ESOpen function of the control. Remote unauthenticated attackers could exploit this vulnerability to execute arbitrary code on the target system.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Microsoft Internet Explorer. If a DOMNodeRemoved event is triggered and all the objects that belong to the current HTMLSelection object are removed inside the event handler for DOMNodeRemoved, a Use-After-Free condition can occur.
