ESpace 7910; ESpace 7950; ESpace 8950 Security Vulnerabilities
9.8CVSS
2.3AI Score
swissquote.ch XSS vulnerability
Vulnerable URL: http://www.swissquote.ch/espace/extern/SFBoerse/resultNew.jsp?lang=de&s;=CH0009987501_M9_CHF&title;=%22%3E%3Csvg/onload=alert(/OPENBUGBOUNTY/)%3E Details: Description| Value ---|--- Patched:| Yes, at 08.11.2017 Latest check for patch:| 08.11.2017 07:32 GMT Vulnerability type:| XSS.....
6.3AI Score
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name...
9.8CVSS
5.3AI Score
Android Security Bulletin—October 2016
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air (OTA) update. The Nexus firmware images have also been released to the Google Developer site....
9.3AI Score
0.038EPSS
espace-livres-creation.be XSS vulnerability
Vulnerable URL: http://espace-livres-creation.be/?elc-auteur=%27%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FOPENBUGBOUNTY%2F%29%3E&elc-titre;=%5C%5C%5C%27%5C%5C&elc-editeur;=%5C%5C%5C%27%5C%5C&s;=elc Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability.....
6.3AI Score
Security Advisory - Information Leak Vulnerability in Huawei eSpace IAD
Huawei eSpace IAD products have an information leak vulnerability. Some Web pages do not verify the validity of the permission. An attacker can check and download the fault information by access special URL. (Vulnerability ID: HWPSIRT-2016-08001) This vulnerability has been assigned a CVE ID:...
5.2AI Score
0.001EPSS
espace-diabolo.be XSS vulnerability
Open Bug Bounty ID: OBB-178730 Description| Value ---|--- Affected Website:| espace-diabolo.be Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Remediation Guide:| OWASP XSS Prevention...
6.4AI Score
espace-diabolo.be XSS vulnerability
Vulnerable URL: http://www.espace-diabolo.be/partenaires.asp?page=308">&p;=h2q5DSKSQlzuveQdO3qbpzzlL6iq1GK5dqU4JGT6& Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 24757248 VIP...
6.3AI Score
-0.2AI Score
Ian Dunn: [Not just a server configuration issue] Full Path Disclosure
Hey, I've just found a 'full path disclosure' in basic-google-maps-placemarks, so it's not just a server configuration issue! I've tested it on different servers (including windows, ubuntu, CentOS etc..) PoC So, if we visit wp-content/plugins/basic-google-maps-placemarks/unit-tests.php it is...
0.3AI Score
MS16-088: Description of the security update for SharePoint Foundation 2013: July 12, 2016
Describes a security update that fixes vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allow....
1AI Score
Security Advisory - Multiple Vulnerabilities in OpenSSL in May 2016
On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection...
1.4AI Score
0.967EPSS
espace-cmr.com XSS vulnerability
Vulnerable URL: http://www.espace-cmr.com/recherche Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1753396 VIP website status:| No Check espace-cmr.com SSL connection:| (Grade:...
6.2AI Score
pourlascience.fr XSS vulnerability
Open Bug Bounty ID: OBB-157810 Description| Value ---|--- Affected Website:| pourlascience.fr Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Remediation Guide:| OWASP XSS Prevention...
6.4AI Score
F5 BIG-IP - TCP vulnerability CVE-2015-8099
Under limited conditions, an invalid TCP segment can lead to a Denial of Service for the High-Speed Bridge (HSB) on the following platforms: 3900, 6900, 8900, 8950, 11000, 11050, PB100 or PB200. This issue is only exposed on virtual servers while Software SYN cookies are configured for use and...
5.8AI Score
0.008EPSS
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x....
5.9CVSS
7.2AI Score
0.008EPSS
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x....
5.8AI Score
0.008EPSS
F5 Networks BIG-IP : TCP vulnerability (K35358312)
Under limited conditions, an invalid TCP segment can lead to a Denial of Service for the High-Speed Bridge (HSB) on the following platforms: 3900, 6900, 8900, 8950, 11000, 11050, PB100 or PB200. This issue is only exposed on virtual servers while Software SYN cookies are configured for use and...
5.8AI Score
K35358312 : TCP vulnerability CVE-2015-8099
Security Advisory Description Under limited conditions, an invalid TCP segment can lead to a Denial of Service for the High-Speed Bridge (HSB) on the following platforms: 3900, 6900, 8900, 8950, 11000, 11050, PB100 or PB200. This issue is only exposed on virtual servers while Software SYN cookies.....
5.9CVSS
5.7AI Score
0.008EPSS
Security Advisory - GNU Glibc Buffer Overflow Security Vulnerability
Google security research team disclosed a buffer overflow vulnerability in GNU C library (glibc) (CVE-2015-7547) on February 16, 2016, remote attackers can exploit the vulnerability to execute arbitrary code on an affected device. (Vulnerability ID: HWPSIRT-2016-02018) This vulnerability has been.....
8.1CVSS
2.2AI Score
Security Advisory - GNU Glibc Buffer Overflow Security Vulnerability
Google security research team disclosed a buffer overflow vulnerability in GNU C library (glibc) (CVE-2015-7547) on February 16, 2016, remote attackers can exploit the vulnerability to execute arbitrary code on an affected device. (Vulnerability ID: HWPSIRT-2016-02018) This vulnerability has been.....
8.9AI Score
0.974EPSS
7.5AI Score
0.002EPSS
7.5AI Score
0.002EPSS
Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified...
7.5CVSS
7.2AI Score
0.002EPSS
Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted ARP...
7.5CVSS
7.1AI Score
0.002EPSS
Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified...
7.5AI Score
0.002EPSS
Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted ARP...
7.3AI Score
0.002EPSS
espacefoot.fr XSS vulnerability
Open Bug Bounty ID: OBB-117087 Description| Value ---|--- Affected Website:| espacefoot.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...
6.3AI Score
espace-etudiant.com vulnerability
Vulnerable URL: http://www.espace-etudiant.com/inc/link.asp?stat=lienlogo&ref;=284&lien;=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability status:| Publicly disclosed Alexa Rank| 10137897 Google Pagerank| 5 VIP website...
6.9AI Score
Vulnerable URL: http://indulgy.com/search/grumpycat Details: Description| Value ---|--- Patched:| Yes, at 17.12.2015 Latest check for patch:| 17.12.2015 01:41 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 8950 Google Pagerank| 5 VIP website status:| Yes Check...
6.3AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
6.8AI Score
0.002EPSS
Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered...
6.8AI Score
0.002EPSS
Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered...
6.3AI Score
0.002EPSS
6.8AI Score
0.003EPSS
6.8AI Score
0.003EPSS
An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access.....
7.2AI Score
0.003EPSS
The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH...
7.2AI Score
0.003EPSS
An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access.....
6.7AI Score
0.003EPSS
The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH...
6.6AI Score
0.003EPSS
Vulnerable URL: http://www.rts.ch/audio/audio/espace-2/programmes/entre-les-lignes/7225854-florian-eglin-holocauste-18-11-2015.html?x">x=1 Details: Description| Value ---|--- Patched:| Yes, at 12.04.2016 Latest check for patch:| 12.04.2016 02:05 GMT Vulnerability type:| XSS Vulnerability status:...
6.3AI Score
6.8AI Score
0.003EPSS
Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response...
7.2AI Score
0.003EPSS
Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response...
6.7AI Score
0.003EPSS
Security Advisory - DoS Vulnerability in Huawei U2990 and U2980
Huawei U2990 and U2980 have a DoS vulnerability caused by no error correction mechanism when handling specific signaling packets. An attacker can send malformed packets to cause a denial of service condition in some services of the U2990 and U2980. (Vulnerability ID: HWPSIRT-2015-09025) This...
0.6AI Score
Security Advisory - DoS Vulnerability in Huawei eSpace 8950 IP Phone
When Huawei eSpace 8950 IP phone receive some type of malicious ARP packets, memory leak may occur on the network interface card. When the memory is overloaded by such packets, the IP phone restarts (Vulnerability ID: HWPSIRT-2015-08041). This vulnerability has been assigned Common Vulnerabilities....
7.2AI Score
0.002EPSS