OSCA-550, OSCA-550A, OSCA-550AX, OSCA-550X Security Vulnerabilities

Cisco Small Business Switches Secure Shell Certificate Authentication Bypass Vulnerability

A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication...

JioFi 4G M2S 1.0.2 Cross Site Scripting

...

JioFi 4G M2S 1.0.2 - 'mask' Cross-Site Scripting

...

JioFi 4G M2S 1.0.2 - mask Cross-Site Scripting

JioFi 4G M2S 1.0.2 - mask Cross-Site...

JioFi 4G M2S 1.0.2 - mask Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web...

‘Land Lordz’ Service Powers Airbnb Scams

Scammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called "Land Lordz," which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings....

Description of the security update for SharePoint Server 2010: April 9, 2019

Description of the security update for SharePoint Server 2010: April 9, 2019 Summary This security update resolves a cross-site–scripting (XSS) vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request that's made to an affected SharePoint....

openSUSE Security Update : openssl-1_1 (openSUSE-2019-550)

This update for openssl-1_1 fixes the following issues : CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period ...

Sparkasse - Multiple Persistent Cross Site Vulnerabilities

...

Sparkasse - Multiple Persistent Cross Site Vulnerabilities

...

Sparkasse Cross Site Scripting

...

Navicat for Oracle 12.1.15 - Password Denial of Service Exploit

...

Navicat for Oracle 12.1.15 - _Password_ Denial of Service (PoC)

Navicat for Oracle 12.1.15 - Password Denial of Service...

Navicat For Oracle 12.1.15 Denial Of Service

...

Navicat for Oracle 12.1.15 - "Password" Denial of Service (PoC)

...

Description of the security update for SharePoint Server 2010: March 12, 2019

Description of the security update for SharePoint Server 2010: March 12, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about the...

devolo dLAN 550 duo+ 3.1.0-1 Starter Kit Cross-Site Request Forgery

...

devolo dLAN 550 duo+ Starter Kit - Remote Code Execution

devolo dLAN 550 duo+ Starter Kit - Remote Code...

devolo dLAN 550 duo+ Starter Kit - Cross-Site Request Forgery

...

devolo dLAN 550 duo+ Starter Kit - Cross-Site Request Forgery

devolo dLAN 550 duo+ Starter Kit - Cross-Site Request...

devolo dLAN 550 duo+ Starter Kit - Remote Code Execution

...

devolo dLAN 550 duo+ Starter Kit - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web...

devolo dLAN 550 duo+ 3.1.0-1 Starter Kit Remote Code Execution

...

devolo dLAN 550 duo+ Starter Kit - Remote Code Execution Vulnerability

Exploit for hardware platform in category web...

devolo dLAN 550 duo+ Starter Kit Cross-Site Request Forgery

Title: devolo dLAN 550 duo+ Starter Kit Cross-Site Request Forgery Advisory ID: ZSL-2019-5507 Type: Remote/Local Impact: Cross-Site Scripting Risk: (3/5) Release Date: 03.02.2019 Summary Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter which is a cost-effective and helpful networking...

devolo dLAN 550 duo+ Starter Kit Remote Code Execution

Title: devolo dLAN 550 duo+ Starter Kit Remote Code Execution Advisory ID: ZSL-2019-5508 Type: Remote/Local Impact: System Access, DoS Risk: (4/5) Release Date: 03.02.2019 Summary Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter which is a cost-effective and helpful networking alternative...

Critical, Unpatched Cisco Flaw Leaves Small Business Networks Wide Open

A critical and unpatched vulnerability in the widely deployed Cisco Small Business Switch software leaves the door open to remote, unauthenticated attackers gaining full administrative control over the device – and therefore the network. Cisco Small Business Switches were developed for small...

Description of the security update for Outlook 2013: January 8, 2019

Description of the security update for Outlook 2013: January 8, 2019 Summary This security update resolves an information disclosure vulnerability that exists when Microsoft Outlook improperly handles certain types of messages. To learn more about the information disclosure vulnerability, see...

Description of the security update for SharePoint Server 2010: January 8, 2019

Description of the security update for SharePoint Server 2010: January 8, 2019 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft.....

Fedora 28 : knot-resolver (2018-389bc4e911)

Knot Resolver 2.3.0 (2018-04-23) ================================ Security fix CVE-2018-1110: denial of service triggered by malformed DNS messages (!550, !558, security!2, security!4) increase resilience against slow lorris attack (security!5) Bugfixes validation: fix...

Description of the security update for SharePoint Server 2010: December 11, 2018

Description of the security update for SharePoint Server 2010: December 11, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see ...

Description of the security update for Outlook 2013: December 11, 2018

Description of the security update for Outlook 2013: December 11, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

Description of the security update for Outlook 2013: November 13, 2018

Description of the security update for Outlook 2013: November 13, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

OpenSLP 2.0.0 - Multiple Vulnerabilities

Exploit for linux platform in category local...

OpenSLP 2.0.0 Out-Of-Bounds

...

Cisco Accidentally Released Dirty CoW Exploit Code in Software

Cisco Systems revealed in a security bulletin Wednesday that it “inadvertently” shipped in-house exploit code that was used in security tests of scripts as part of its TelePresence Video Communication Server and Expressway Series software. The code exploits the Dirty Cow vulnerability...

Cisco Small Business Switches Privileged Access Vulnerability

A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account...

OpenSLP 2.0.0 - Multiple Vulnerabilities

OpenSLP 2.0.0 - Multiple...

OpenSLP 2.0.0 - Multiple Vulnerabilities

...

ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution

ProjeQtOr Project Management Tool 7.2.5 - Remote Code...

ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution

...

ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit

Exploit for php platform in category web...

Teltonika RUT9XX Missing Access Control To UART Root Terminal

...

Teltonika RUT9XX Missing Access Control To UART Root Terminal Vulnerability

Exploit for cgi platform in category web...

Description of the security update for Outlook 2013: October 9, 2018

Description of the security update for Outlook 2013: October 9, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Security Advisory...

Description of the security update for SharePoint Server 2010: September 11, 2018

Description of the security update for SharePoint Server 2010: September 11, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...

CVE-2018-3646

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel...

Information disclosure

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel...

Information disclosure

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel...

CVE-2018-3620

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel...