Dp300,te60,tp3106,viewpoint 9030,ecns210 Td,espace 7950,espace Iad,espace U1981 Security Vulnerabilities

Dynamic analysis of firmware components in IoT devices

Among the various offensive security techniques, vulnerability assessment takes priority when it comes to analyzing the security of IoT/IIoT devices. In most cases, such devices are analyzed using the black box testing approach, in which the researcher has virtually no knowledge about the object...

Xen PV Guest Non-SELFSNOOP CPU Memory Corruption

...

playSMS <1.4.3 - Remote Code Execution

PlaySMS before version 1.4.3 is susceptible to remote code execution because it double processes a server-side...

Possible inject arbitrary `CSS` into the generated graph affecting the container HTML

An attacker is able to inject arbitrary CSS into the generated graph allowing them to change the styling of elements outside of the generated graph, and potentially exfiltrate sensitive information by using specially crafted CSS selectors. The following example shows how an attacker can exfiltrate....

Possible inject arbitrary `CSS` into the generated graph affecting the container HTML

An attacker is able to inject arbitrary CSS into the generated graph allowing them to change the styling of elements outside of the generated graph, and potentially exfiltrate sensitive information by using specially crafted CSS selectors. The following example shows how an attacker can exfiltrate....

Exploit for Uncontrolled Resource Consumption in Apache Tomcat

...

SoftGuard SNMP Network Management Extension HTML Injection / File Download Vulnerability

...

SoftGuard SNMP Network Management Extension HTML Injection / File Download

...

Description of the security update for SharePoint Foundation 2013: June 14, 2022 (KB5002219)

Description of the security update for SharePoint Foundation 2013: June 14, 2022 (KB5002219) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

BootCommerce v3.2.1 - Multiple Persistent Vulnerabilities

...

General Electric Renewable Energy MDS Radios

EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: General Electric Renewable Energy Equipment: MDS iNET/iNET II/SD/TD220/TD220MAX Radios Vulnerabilities: Improper Input Validation, Hidden Functionality, Inadequate Encryption Strength, Uncontrolled...

qdPM 9.1 Remote Code Execution

...

qdPM 9.1 - Remote Code Execution (Authenticated) Exploit

...

qdPM 9.1 - Remote Code Execution (RCE) (Authenticated) (v2)

...

Magento 2 Community Edition Access Control Bypass

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

Magento 2 Community Edition Access Control Bypass

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

Ubuntu 16.04 ESM : libXrender vulnerabilities (USN-5436-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5436-1 advisory. Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to...

libxrender vulnerabilities

Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-7949,...

Meta Data Is Not Stripped From images

Hey team, while uploading site/page logo as an administrator, The meta data of the image like geolocation, device information, version, nameetc is not getting stripped, as a result the attacker can collect all the meta data information of the image by using tools like exif tool, metadata checker...

CVE-2022-1817

A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input 1 leads to an authenticated cross site scripting. Exploit details have...

CVE-2022-1817

A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input 1 leads to an authenticated cross site scripting. Exploit details have...

Cross site scripting

A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input 1 leads to an authenticated cross site scripting. Exploit details have...

CVE-2022-1817 Badminton Center Management System Userlist Module cross site scripting

A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input 1 leads to an authenticated cross site scripting. Exploit details have...

libXrender vulnerabilities

Releases Ubuntu 16.04 ESM Packages libxrender - X11 Rendering Extension client library Details Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code....

CVE-2019-9030

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

Description of the security update for SharePoint Foundation 2013: May 10, 2022 (KB5002203)

Description of the security update for SharePoint Foundation 2013: May 10, 2022 (KB5002203) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

Microsoft launches Defender for Business to help protect small and medium businesses

Happy National Small Business Week1 in the United States! Small and medium businesses (SMBs) are the bedrock of our economy, representing 90 percent of businesses and more than 50 percent of employment worldwide.2 As we celebrate their innovation and contributions this week, it’s important to...

Microsoft launches Defender for Business to help protect small and medium businesses

Happy National Small Business Week1 in the United States! Small and medium businesses (SMBs) are the bedrock of our economy, representing 90 percent of businesses and more than 50 percent of employment worldwide.2 As we celebrate their innovation and contributions this week, it’s important to...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-002)

The version of kernel installed on the remote host is prior to 5.10.47-39.130. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-002 advisory. 2024-06-19: CVE-2021-47227 was added to this advisory. 2024-06-06: CVE-2021-47009 was added to this...

Cisco Unified Communications Manager IM & Presence Service SQLI (cisco-sa-imp-sqlinj-GrpUuQEJ)

A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM Presence Service (Unified CM IMP) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of...

Cisco Unified Communications Products Arbitrary File Write (cisco-sa-cucm-arb-write-74QzruUU)

According to its self-reported version number, the software upgrade process of Cisco Unified Communications Manager (Unified CM) and Cisco Unified CM Session Management Edition is affected by an arbitrary file write vulnerability. An authenticated remote attacker can exploit this vulnerability to.....

Cisco Unified Communications Products Arbitrary File Read (cisco-sa-ucm-file-read-h8h4HEJ3)

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files from the underlying operating...

Cisco Unified Communications Products XSRF (cisco-sa-ucm-csrf-jrKP4eNT)

According to its self-reported version number, the web-based management interface of the Cisco Unified Communications Manager (Unified CM) and Cisco Unified CM Session Management Edition is affected by a cross-site request forgery vulnerability. An authenticated, remote attacker can exploit this...

Cisco Unified Communications Products DoS (cisco-sa-ucm-dos-zHS9X9kD)

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a.....

Cisco Unified Communications Products XSS (cisco-sa-cucm-xss-6MCe4kPF)

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack...

WordPress Coru LFMember 1.0.2 Cross Site Scripting

...

WordPress Coru LFMember 1.0.2 Cross Site Scripting Vulnerability

...

Slackware: Security Advisory (SSA:2016-305-02)

The remote host is missing an update for...

WordPress WooCommerce <3.1.2 - Arbitrary Function Call

WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call...

espace-helvetia.ch Cross Site Scripting vulnerability OBB-2531840

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Description of the security update for SharePoint Foundation 2013: April 12, 2022 (KB5002189)

Description of the security update for SharePoint Foundation 2013: April 12, 2022 (KB5002189) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability and Microsoft Excel remote code execution vulnerability. To learn more about the vulnerabilities, see the...

Security Bulletin: Vulnerabilities in Open Source OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2177 CVE-2000-1254 CVE-2016-2178).

Summary Open Source OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2000-1254 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive...

Security Bulletin: Open Source OpenSSL, GNUTls, RHEL CVE-2016-8610 'SSL-Death-Alert' affects IBM Cisco switches and directors.

Summary Open Source OpenSSL is used by IBM Cisco switches and directors. IBM Cisco switches and directors has addressed the CVE. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-8610 DESCRIPTION: SSL/TLS protocol is vulnerable to a denial of service, caused by an error when...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco MDS Switches and Directors.

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by IBM Cisco Switches and Directors has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0291 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By connecting to a...

Security Bulletin: IBM Cisco Switches and Directors vulnerable to Sweet32 Birthday attacks (CVE-2016-2183 CVE-2016-6329).

Summary IBM Cisco Switches and Directors vulnerable to Sweet32 Birthday attacks on 64-bit block ciphers in TLS and OpenVPN (openssl ,redhat,openVPN) Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in.....

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108DESCRIPTION: OpenSSL could allow a remote....

Security Bulletin: OpenSSL Security Advisory [22 Sep 2016] and [26 Sep 2016] affects IBM Cisco SAN switches and directors.

Summary Open SSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to...

ICEHRM 31.0.0.0S Cross Site Request Forgery

...

ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion Vulnerability

...

ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion

...