Dp300,te60,tp3106,viewpoint 9030,ecns210 Td,espace 7950,espace Iad,espace U1981 Security Vulnerabilities

CVE-2017-9030

The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded...

CVE-2018-13086

The mintToken function of a smart contract implementation for IADOWR Coin (IAD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any...

CVE-2018-13086

The mintToken function of a smart contract implementation for IADOWR Coin (IAD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any...

CVE-2018-20372

TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP...

CVE-2018-20372

TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP...

CVE-2013-4629

The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...

CVE-2013-4629

The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...

CVE-2007-0342

WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demonstrated by a crash of OmniWeb 5.5.3 on Mac OS X 10.4.8, a different vulnerability than...

CVE-2007-0342

WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demonstrated by a crash of OmniWeb 5.5.3 on Mac OS X 10.4.8, a different vulnerability than...

td-sd.ru Cross Site Scripting vulnerability OBB-2937465

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

ghas-to-csv vulnerable to Improper Neutralization of Formula Elements in a CSV File

Impact This GitHub Action creates a CSV file without sanitizing the output of the APIs. If an alert is dismissed or any other custom field contains executable code / formulas, it might be run when an endpoint opens that CSV file in a spreadsheet program. The data flow looks like this 👇🏻 mermaid.....

ghas-to-csv vulnerable to Improper Neutralization of Formula Elements in a CSV File

Impact This GitHub Action creates a CSV file without sanitizing the output of the APIs. If an alert is dismissed or any other custom field contains executable code / formulas, it might be run when an endpoint opens that CSV file in a spreadsheet program. The data flow looks like this 👇🏻 mermaid.....

Integrating Live Patching in SecDevOps Workflows

SecDevOps is, just like DevOps, a transformational change that organizations undergo at some point during their lifetime. Just like many other big changes, SecDevOps is commonly adopted after a reality check of some kind: a big damaging cybersecurity incident, for example. A major security breach.....

Cisco ASA-X With FirePOWER Services Authenticated Command Injection

...

Cisco ASA-X With FirePOWER Services Authenticated Command Injection Exploit

This Metasploit module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual.....

Debian DLA-3099-1 : qemu - LTS security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3099 advisory. sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can...

Improper Control of Generation of Code ('Code Injection') in mdx-mermaid

Impact Arbitary javascript injection Modify any mermaid code blocks with the following code and the code inside will execute when the component is loaded by MDXjs + (function () { // Put Javascript code here return '' }()) + The block below shows a valid mermaid code block md ```mermaid.....

Improper Control of Generation of Code ('Code Injection') in mdx-mermaid

Impact Arbitary javascript injection Modify any mermaid code blocks with the following code and the code inside will execute when the component is loaded by MDXjs + (function () { // Put Javascript code here return '' }()) + The block below shows a valid mermaid code block md ```mermaid.....

Vehicle Service Management System 1.0 - Cross Site Scripting

Vehicle Service Management System 1.0 contains a cross-site scripting vulnerability via the User List section in login...

ehicle Service Management System 1.0 - Cross-Site Scripting

Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Category List section in login...

Vehicle Service Management System 1.0 - Stored Cross Site Scripting

Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Service List section in login...

Vehicle Service Management System 1.0 - Stored Cross Site Scripting

Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Mechanic List section in login...

PHPGurukul Hospital Management System - Cross-Site Scripting

PHPGurukul Hospital Management System in PHP 4.0 contains multiple cross-site scripting vulnerabilities. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

Ubuntu: Security Advisory (USN-5436-1)

The remote host is missing an update for...

Exploit for Improper Check for Unusual or Exceptional Conditions in Polkit Project Polkit

XDR-LabSetup.sh Description This program is used in...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco MDS Directors and Switches (CVE-2016-0701, CVE-2015-3197)

Summary OpenSSL vulnerabilities were disclosed on January 28, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cisco MDS Directors and Switches. IBM Cisco MDS Directors and Switches has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0701 DESCRIPTION: OpenSSL could allow a.....

Security Bulletin: GNU C library (glibc) vulnerability affects IBM/Cisco Switches and Directors (CVE-2015-0235)

Summary GNU C library (glibc) vulnerability that has been referred to as GHOST affects BM/Cisco Switches and Directors Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION:The gethostbyname functions of the GNU C Library (glibc) are vulnerable to a buffer overflow. By sending a specially...

Security Bulletin: Vulnerability in SSLv3 affects IBM/Cisco switches and directors (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM/Cisco switches and directors. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain...

Security Bulletin: Vulnerabilities in Bash affect IBM/Cisco Switches and Directors (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by IBM/Cisco switches and directors. Vulnerability Details CVE-ID:...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco MDS Directors and switches (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Cisco MDS Directors and switches. IBM Cisco MDS Directors and switches has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3193 DESCRIPTION: OpenSSL could allow a.....

Cisco ASA-X with FirePOWER Services Authenticated Command Injection

This module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual machine...

espace-formatif-cfa.fr Cross Site Scripting vulnerability OBB-2854788

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Microweber < 1.2.12 - Stored Cross-Site Scripting

Microweber prior to 1.2.12 contains a stored cross-site scripting vulnerability via the Type parameter in the body of POST request, which is triggered by Add/Edit...

Cisco Patches High-Severity Vulnerability Affecting ASA and Firepower Solutions

Cisco on Wednesday released patches to contain multiple flaws in its software that could be abused to leak sensitive information on susceptible appliances. The issue, assigned the identifier CVE-2022-20866 (CVSS score: 7.4), has been described as a "logic error" when handling RSA keys on devices...

Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software

Rapid7 discovered vulnerabilities and “non-security” issues affecting Cisco Adaptive Security Software (ASA), Adaptive Security Device Manager (ASDM), and FirePOWER Services Software for ASA. Rapid7 initially reported the issues to Cisco in separate disclosures in February and March 2022. Rapid7...

WordPress EasyCart <2.0.6 - Information Disclosure

WordPress EasyCart plugin before 2.0.6 contains an information disclosure vulnerability. An attacker can obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo...

The Bug Report – July 2022 Edition

The Bug Report – July 2022 Edition By Trellix · August 3, 2022 This story was also written by Kasimir Schulz and Jesse Chick Your Cybersecurity Comic Relief Why am I here? Welcome to the Bug Report, Heat Wave Edition! In the face of chronic irritability and soggy-pants syndrome, we are back at...

The Bug Report – July 2022 Edition

The Bug Report – July 2022 Edition By Trellix · August 3, 2022 This story was also written by Kasimir Schulz and Jesse Chick Your Cybersecurity Comic Relief Why am I here? Welcome to the Bug Report, Heat Wave Edition! In the face of chronic irritability and soggy-pants syndrome, we are back at...

Carel pCOWeb <B1.2.4 - Cross-Site Scripting

Carel pCOWeb prior to B1.2.4 is vulnerable to stored cross-site scripting, as demonstrated by the config/pw_snmp.html "System contact"...

td-grafik.de Cross Site Scripting vulnerability OBB-2799473

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Cisco Unified Communications Manager IM & Presence XSS (cisco-sa-cucm-xss-ksKd5yfA)

The version of Cisco Unified Communications Manager IM & Presence Service installed on the remote host is 11.5(1) prior to 11.5(1)SU11, 12.5(1) prior to 12.5(1)SU6 or 14 prior to 14SU2. It is, therefore affect by a cross-site scripting vulnerability (XSS) in the web-based management interface. An.....

Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-ksKd5yfA)

The version of Cisco Unified Communications Manager installed on the remote host is version 14 prior to 14SU2. It is, therefore affect by a cross-site scripting vulnerability (XSS) in the web-based management interface. An unauthenticated remote attacker can, with the action of an authorized user,....

Cisco Unified Communications Manager Improper Access Control (cisco-sa-ucm-access-dMKvV2DY)

The version of Cisco Unified Communications Manager installed on the remote host is 14.x prior to 14SU2. It is, therefore, affected by an improper access control vulnerability. An authenticated attacker with read-only privileges can exploit this vulnerability to perform a set of administrative...

Adobe Acrobat Reader DC overlapping annotations type confusion vulnerability

Summary A type confusion vulnerability exists in the way Adobe Acrobat Reader DC 2022.001.20085 deals with overlapping annotations. A specially-crafted PDF document can trigger this vulnerability, which can lead to arbitrary code execution. A victim needs to open the malicious file to trigger this....

Cisco Unified Communications Manager Timing Attack (cisco-sa-ucm-timing-JVbHECOK)

The version of Cisco Unified Communications Manager installed on the remote device is version 12.5(1) prior to 12.5(1)SU6 or 14 prior to 14SU1. It is, therefore, affected by a timing attack due to insufficient protection of a system password. An unauthenticated remote attacker can exploit this...

Cisco Unified Communications Manager IM & Presence XSS (cisco-sa-cucm-xss-RgH7MpKA)

The version of Cisco Unified Communications Manager IM & Presence Service on the remote host is 12.5(1) prior to 12.5(1)SU5. It is, therefore affected by a cross-site scripting vulnerability (XSS). An unauthenticated remote attacker could, with the interaction of another user, exploit this...

espace-terroir.ch Cross Site Scripting vulnerability OBB-2744403

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Cisco Unified Communications Manager Arbitrary File Read (cisco-sa-ucm-file-read-qgjhEc3A)

The version of Cisco Unified Communications Manager (Unified CM) is affected by a vulnerability in its web-based management interface that allows an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. This vulnerability is due to...

Cisco Unified Communications Manager File Read (cisco-sa-cucm-imp-afr-YBFLNyzd)

The version of Cisco Unified Communications Manager (Unified CM) installed on the remote host is prior to 14SU2. It is, therefore, affected by a file read vulnerability. Due to insufficient file permissions, an authenticated remote attacker could read arbitrary files on the underlying operating...

Xen PV Guest Non-SELFSNOOP CPU Memory Corruption Exploit

On CPUs without SELFSNOOP support, a Xen PV domain that has access to a PCI device (which grants the domain the ability to set arbitrary cache attributes on all its pages) can trick Xen into validating an L2 pagetable that contains a cacheline that is marked as clean in the cache but actually...