Author Archives: CERT

The Vertiv Avocent UMG-4000 contains multiple vulnerabilities that could allow an authenticated attacker with administrative privileges to remotely execute arbitrary code. The web interface does not sanitize input provided from the remote client,making… Continue reading VU#944837: Vertiv Avocent UMG-4000 vulnerable to command injection and cross-site scripting vulnerabilities→

Adobe Type Manager,which is provided by atmfd.dll,is a kernel module that is provided by Windows and provides support for OpenType fonts. Two vulnerabilities in the Microsoft Windows Adobe Type Manager library may allow an unauthenticated remote attack… Continue reading VU#354840: Microsoft Windows Type 1 font parsing remote code execution vulnerabilities→

This vulnerability results from using gradient descent to determine classification of inputs via a neural network. As such,it is a vulnerability in the algorithm. In plain terms,this means that the currently-standard usage of this type of machine learn… Continue reading VU#425163: Machine learning classifiers trained via gradient descent are vulnerable to arbitrary misclassification attack→

Microsoft Server Message Block 3.1.1(SMBv3)contains a vulnerability in the way that it handles connections that use compression. This vulnerability may allow a remote,unauthenticated attacker to execute arbitrary code on a vulnerable system. It has bee… Continue reading VU#872016: Microsoft SMBv3 compression remote code execution vulnerability→

Overview
pppd (Point to Point Protocol Daemon) versions 2.4.2 through 2.4.8 are vulnerable to buffer overflow due to a flaw in Extensible Authentication Protocol (EAP) packet processing in eap_request and eap_response subroutines.
Description
PPP is … Continue reading VU#782301: pppd vulnerable to buffer overflow due to a flaw in EAP packet processing→

CWE-78:Improper Neutralization of Special Elements used in an OS Command(‘OS Command Injection’) Multiple ZyXEL devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that… Continue reading VU#498544: ZyXEL pre-authentication command injection in weblogin.cgi→

IBM ServeRAID Manager includes an embedded instance of Java version 1.4.2. Both ServeRAID Manager and Java 1.4.2 are no longer supported. ServeRAID Manager uses a Java Remote Method Invocation(RMI)on port 34571/tcp that listens on all interfaces by def… Continue reading VU#597809: IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI) service→

CVE-2020-3110 Cisco’s Video Surveillance 8000 Series IP cameras with CDP enabled are vulnerable to a heap overflow in the parsing of DeviceID type-length-value(TLV). The CVSS score reflected below is in regards to this vulnerability. CVE-2020-3111 Cisc… Continue reading VU#261385: Cisco Discovery Protocol (CDP) enabled devices are vulnerable to denial-of-service and remote code execution→

OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol(SMTP)that is part of the OpenBSD Project. OpenSMTPD’s smtp_mailaddr()function is responsible for validating sender and recipient mail addresses. If the local pa… Continue reading VU#390745: OpenSMTPD vulnerable to local privilege escalation and remote code execution→

Microsoft Internet Explorer contains a scripting engine,which handles execution of scripting languages such as VBScript and JScript. The scripting engine JScript component contains an unspecified memory corruption vulnerability. Any application that su… Continue reading VU#338824: Microsoft Internet Explorer Scripting Engine memory corruption vulnerability→