ESpace 7910; ESpace 7950; ESpace 8950 Security Vulnerabilities

BitRAT C&C

List of "bad" SSL certificates identified by abuse.ch to be associated with malware or botnet activities. BitRAT C&C aggregated IOC by SSL Blacklist...

7910.org Cross Site Scripting vulnerability OBB-1258530

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

Description of the security update for SharePoint Foundation 2013: August 11, 2020

Description of the security update for SharePoint Foundation 2013: August 11, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

Cisco SD-WAN Solution Software Buffer Overflow Vulnerability (cisco-sa-sdbufof-h5f5VSeL)

According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by a buffer overflow vulnerability. This could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could...

espace-emplois.fr Cross Site Scripting vulnerability OBB-1225367

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

Description of the security update for SharePoint Foundation 2013: July 14, 2020

Description of the security update for SharePoint Foundation 2013: July 14, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

F5 Networks BIG-IP : Intel MCE vulnerability (K17269881)

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. (CVE-2018-12207) Impact A privileged guest user may use this flaw to induce....

CVE-2019-19415

The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the....

CVE-2019-19416

The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the....

CVE-2019-19417

The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the....

Huawei Data Communication: Three DoS Vulnerabilities in the SIP Module of Some Huawei Products (huawei-sa-20200115-01-sip)

There are three denial of service (DoS) vulnerabilities in the SIP module of some Huawei...

Description of the security update for SharePoint Foundation 2013: June 9, 2020

Description of the security update for SharePoint Foundation 2013: June 9, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

Huawei Data Communication: DoS Vulnerability in TLS of Some Huawei Products (huawei-sa-20170705-01-tls)

There is a denial of service (DoS) vulnerability in some huawei products when handle TLS and DTLS handshake with certificate. This VT has been deprecated and is therefore no longer...

Huawei Data Communication: Remote Code Execution Vulnerability in Fastjson (huawei-sa-20191204-01-fastjson)

A remote code execution vulnerability exists in the open-source JSON parsing library Fastjson. This VT has been deprecated and is therefore no longer...

Huawei Data Communication: Input Validation Vulnerability in Multiple Huawei Products (huawei-sa-20170419-01-pse)

There is an input validation vulnerability in Huawei Multiple products. This VT has been deprecated and is therefore no longer...

Huawei Data Communication: Weak Algorithm Vulnerability in Some Huawei Products (huawei-sa-20190821-02-algorithm)

There is a weak algorithm vulnerability in some Huawei...

Huawei Data Communication: Five Vulnerabilities in Some Huawei Products (huawei-sa-20191211-01-ssp)

There is an out-of-bounds read vulnerability in some Huawei...

Huawei Data Communication: Multiple Vulnerabilities Released on Microsoft security advisory 4025685 (huawei-sa-20170909-01-windows)

Microsoft had released a Security Advisory 4025685 on June 14 to fix multiple critical security vulnerabilities in such systems as Microsoft Windows XP, Windows Server 2003, Windows VISTA, and Windows...

Huawei Data Communication: Sixteen OpenSSL Vulnerabilities on Some Huawei products (huawei-sa-20170322-01-openssl)

Statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc...

Huawei Data Communication: DoS Vulnerability in Some Huawei Products (huawei-sa-20171202-01-pse)

There is a DoS vulnerability caused by memory exhaustion in some Huawei...

Huawei Data Communication: Four Remote Code Execution Vulnerability in Some Microsoft Windows Systems (huawei-sa-20190819-01-windows)

Microsoft released a security advisory to disclose four remote code execution vulnerabilities in Remote Desktop Services. This VT has been deprecated and is therefore no longer...

Huawei Data Communication: Dirty COW Vulnerability in Huawei Products (huawei-sa-20161207-01-dirtycow)

In the morning of October 21th, 2016, a security researcher Phil Oester disclosed a local privilege escalation vulnerability in Linux kernel. This VT has been deprecated and is therefore no longer...

Huawei Data Communication: Denial of Service Vulnerability on Several Products (huawei-sa-20171206-01-ssl)

There is a denial of service vulnerability on several products. This VT has been deprecated and is therefore no longer...

Huawei Data Communication: Weak Cryptography Vulnerability in Some Huawei Products (huawei-sa-20171222-01-cryptography)

Some Huawei products have a weak cryptography...

Huawei Data Communication: Multiple Vulnerabilities in Some Huawei Products (huawei-sa-20171215-01-buffer)

There are two buffer overflow vulnerabilities in some Huawei...

Huawei Data Communication: CPU Side Channel Vulnerability L1TF (huawei-sa-20180815-01-cpu)

Intel and security researchers publicly disclosed three new cpu side-channel vulnerabilities (CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646). This VT has been deprecated and is therefore no longer...

Huawei Data Communication: Privilege Escalation Vulnerability in Some Huawei Products (huawei-sa-20181010-01-debug)

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software...

Huawei Data Communication: CPU Vulnerabilities 'Meltdown' and 'Spectre' (huawei-sa-20180606-01-cpu)

Security researchers disclosed two groups of CPU...

Huawei Data Communication: Weak Algorithm Vulnerability in Some Huawei Products (huawei-sa-20180704-01-algorithm)

There is a weak algorithm vulnerability in some Huawei...

Huawei Data Communication: Weak Algorithm Vulnerability in Some Huawei Products (huawei-sa-20180703-01-algorithm)

There is a weak algorithm vulnerability in some Huawei...

Huawei Products DoS Vulnerability (huawei-sa-20171201-01-pse)

Multiple Huawei products are prone to a denial of service...

Huawei Data Communication: Multiple Buffer Overflow Vulnerabilities in Some Huawei Products (huawei-sa-20171201-01-sip)

There are three buffer overflow vulnerabilities in the SIP backup feature of some Huawei...

Huawei Data Communication: OpenSSL Vulnerability in Some Huawei Products (huawei-sa-20180613-01-openssl)

Constructed ASN.1 types with a recursive definition in some OpenSSL versions could eventually exceed the stack given malicious input with excessive...

Huawei Data Communication: Multiple OpenSSL Vulnerabilities in January 2017 (huawei-sa-20170503-01-openssl)

On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new...

Description of the security update for SharePoint Foundation 2013: May 12, 2020

Description of the security update for SharePoint Foundation 2013: May 12, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

espace-aubade.fr Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1159205 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

espace-emplois.fr Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1142544 Security Researcher geeknik Helped patch 8696 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting espace-emplois.fr website...

Description of the security update for SharePoint Foundation 2013: April 14, 2020

Description of the security update for SharePoint Foundation 2013: April 14, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support NL

Lenovo Security Advisory: LEN-29592 Potential Impact: Denial of service, privilege escalation, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2013-4312, CVE-2013-7446, CVE-2014-3631, CVE-2014-5206, CVE-2014-5207, CVE-2014-6410, CVE-2014-7145,...

AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US

Lenovo Security Advisory: LEN-29592 Potential Impact: Denial of service, privilege escalation, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2013-4312, CVE-2013-7446, CVE-2014-3631, CVE-2014-5206, CVE-2014-5207, CVE-2014-6410, CVE-2014-7145,...

MS15-099: Description of the security update for SharePoint Foundation 2013: September 8, 2015

Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more...

espace-projets-interassociatifs.fr Cross Site Scripting vulnerability OBB-1138090

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

Description of the security update for SharePoint Foundation 2013: March 10, 2020

Description of the security update for SharePoint Foundation 2013: March 10, 2020 Summary This security update resolves a vulnerability that occurs if SharePoint Server does not correctly sanitize a specially crafted request to an affected SharePoint server. To learn more about the vulnerability,.....

CVE-2020-5326

Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration...

CVE-2020-8950

The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an...

CVE-2020-8950

The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an...

Privilege escalation

The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an...

CVE-2020-8950

The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an...

Description of the security update for SharePoint Foundation 2013: February 11, 2020

Description of the security update for SharePoint Foundation 2013: February 11, 2020 Summary This security update resolves a cross-site-scripting (XSS) vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint...

CVE-2020-7910

JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer...