Security Advisory-Apache Struts2 vulnerability on Huawei multiple products
Some versions of Apache Struts2 software used in Huawei devices have security vulnerabilities. A patch released for the software to fix vulnerabilities CVE-2014-0050 and CVE-2014-0094 has the risk of being bypassed. (Vulnerability ID: HWPSIRT-2014-0420) This Vulnerability has been assigned Common.....
2.2AI Score
0.971EPSS
Huawei Technologies eSpace Meeting Service 1.0.0.23 - Local Privilege Escalation
No description provided by...
7.1AI Score
7.1AI Score
Security Advisory-Multiple OpenSSL vulnerabilities on Huawei products
This security advisory (SA) describes the impact of 7 OpenSSL vulnerabilities discovered in third-party software. The vulnerabilities are referenced in this document as follows: 1.SSL/TLS Man-in-the-Middle Vulnerability (CVE-2014-0224). An unauthenticated, remote attacker with the ability to...
7.4CVSS
1.6AI Score
0.974EPSS
Some OpenSSL software versions used in multiple Huawei products have the following OpenSSL vulnerability. Unauthorized remote attackers can dump 64 Kbytes of memory of the connected server or client in each attack. The leaked memory may contain sensitive information, such as passwords and private.....
7.5CVSS
2.6AI Score
0.975EPSS
Huawei eSpace Meeting Service 'eMservice.exe'本地权限提升漏洞
Bugtraq ID:66107 Huawei eSpace Meeting是一款移动视频解决方案。 Huawei eSpace Meeting产品的用户权限设置不合理。获取普通用户权限的攻击者,可以通过特定的操作,提升权限并访问和设置某些关键资源。 0 Huawei eSpace Meeting 1.x 厂商补丁: Huawei Huawei eSpace Meeting V100R001C03SPC202已经修复该漏洞,建议用户下载更新:...
7.1AI Score
Huawei Technologies eSpace Meeting Service 1.0.0.23 - Local Privilege Escalation
Huawei Technologies eSpace Meeting Service 1.0.0.23 - Local Privilege...
0.6AI Score
7.4AI Score
EPSS
Huawei eSpace Meeting Service 1.0.0.23 Privilege Escalation
Huawei Technologies eSpace Meeting Service version 1.0.0.23 suffers from a local privilege escalation...
7.1AI Score
0.8AI Score
Huawei Technologies eSpace Meeting Service 1.0.0.23 Local Privilege Escalation
Title: Huawei Technologies eSpace Meeting Service 1.0.0.23 Local Privilege Escalation Advisory ID: ZSL-2014-5171 Type: Local Impact: Privilege Escalation Risk: (3/5) Release Date: 10.03.2014 Summary Huawei's eSpace Meeting solution fully meets the needs of enterprise customers for an integrated...
7CVSS
6.9AI Score
0.001EPSS
Security Advisory-Improper User Permission Setting Vulnerability in Huawei eSpace Meeting
User permissions are not properly set on Huawei eSpace Meeting. Attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources. (HWPSIRT-2014-0241). This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID:...
7CVSS
6.5AI Score
0.001EPSS
Threat Outbreak Alert: Fake Online Order Details Email Messages on February 8, 2014
Medium Alert ID: 32785 First Published: 2014 February 10 18:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to French-language spam email messages that claim to contain an online order notification for the recipient. The text in the email message attempts to...
0.2AI Score
libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
Description libjpeg and libjpeg-turbo libraries are prone to a memory-corruption vulnerability. Attackers can exploit this issue to bypass Address Space Layout Randomization (ASLR) protection mechanisms of applications. This may aid in further attacks that may lead to arbitrary code execution....
1.6AI Score
0.003EPSS
-0.1AI Score
0.1AI Score
-0.8AI Score
Unfixed XSS vulnerability at www.edf-bleuciel.fr
Security researcher Mystick, has submitted on 11/10/2008 a cross-site-scripting (XSS) vulnerability affecting www.edf-bleuciel.fr, which at the time of submission ranked 48191 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/10/2008. It is...
AI Score
Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service
Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of...
0.3AI Score
7.4AI Score
EPSS
PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path...
7.6AI Score
0.07EPSS
PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path...
7.6AI Score
0.07EPSS
PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path...
8AI Score
0.07EPSS
PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path...
7.6AI Score
0.07EPSS
FdWeB Espace Membre Admin_Menu.PHP远程文件包含漏洞
FdWeB Espace Membre是一款基于PHP的WEB应用程序。 FdWeB Espace Membre不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'Admin_Menu.PHP'脚本对用户提交的'phpbb_root_path'参数缺少过滤,指定远程服务器上的文件作为包含参数,可导致以WEB权限执行任意命令。 FdWeB Espace Membre 2.01 FdWeB Espace Membre 2.0 目前没有解决方案提供:...
7.1AI Score
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.5AI Score
0.556EPSS
FdWeB Espace Membre <= 2.01 (path) Remote File Include Exploit
No description provided by...
7.1AI Score
FdWeB Espace Membre <= 2.01 (path) Remote File Include Exploit
Exploit for unknown platform in category web...
7.1AI Score
FdWeB Espace Membre 2.01 - path Remote File Inclusion
FdWeB Espace Membre 2.01 - path Remote File...
0.1AI Score
7.4AI Score
EPSS
-0.2AI Score
Membrepass v1.5 Php code execution, Xss, Sql Injection
================================================================= Affected.scr..: Membrepass v1.5 Advisory.ID...: 09290806 Type..........: Cross Site Scripting, SQL Injection Php code execution Risk.level....: Medium Vendor.Status.: Unpatched Src.download..:...
AI Score
7.3AI Score