14 matches found
CVE-2019-16948
An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31. In any POST request, one can replace the port number at WebServiceLocation=http://localhost:8085/UCWebServices/ with a range of ports to determine what is visible on the internal network as opposed to what general web traffic would see...
CVE-2019-16948
| creationtimestamp | type | source |
|---|---|---|
| 2024-02-13 14:41:23+00:00 | seen | https://t.me/ctinow/183843... |
Mageia: Security Advisory (MGASA-2019-0021)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-16948
CVE-2020-16948: An information-disclosure vulnerability in Microsoft SharePoint Server arises when the server fails to properly handle objects in memory, allowing an attacker who can log on and run a crafted application to obtain information that could help further compromise the system. The issu...
CVE-2020-16948 Microsoft SharePoint Information Disclosure Vulnerability
...
Security Updates for Microsoft SharePoint Server 2010 (October 2020)
The Microsoft SharePoint Server 2010 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request ...
CVE-2019-16948
CVE-2019-16948 is an SSRF vulnerability in Enghouse Web Chat 6.1.300.31. In any POST request, an attacker can replace the port in WebServiceLocation=http://localhost:8085/UCWebServices/ with a range of ports to infer what is visible on the internal network, as the response differs between open an...
Debian DLA-1513-1 : openafs security update
Several security vulnerabilities were discovered in OpenAFS, a distributed file system. CVE-2018-16947 The backup tape controller process accepts incoming RPCs but does not require or allow for authentication of those RPCs. Handling those RPCs results in operations being performed with...
[SECURITY] [DSA 4302-1] openafs security update
Debian Security Advisory DSA-4302-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 23, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1513-1] openafs security update
Package : openafs Version : 1.6.9-2+deb8u8 CVE ID : CVE-2018-16947 CVE-2018-16948 CVE-2018-16949 Debian Bug : 908616 Several security vulnerabilities were discovered in OpenAFS, a distributed file system. CVE-2018-16947 The backup tape controller process accepts incoming RPCs but does not require...
OpenAFS < 1.6.22.4, 1.8.x - 1.8.1.1 Multiple Vulnerabilities - Windows
OpenAFS is prone to multiple vulnerabilities. Copyright (C) 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2018-16948
CVE-2018-16948 affects OpenAFS before 1.6.23 and 1.8.x before 1.8.2, where several RPC server routines did not fully initialize output variables before returning, leaking memory contents from stack and heap. The issue arises in the OpenAFS cache manager acting as an Rx server for the AFSCB servic...
Design/Logic Flaw
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \.\Viragtlt DeviceIoControl request of 0x82730008, a different vulnerability than CVE-2017-16948...
CVE-2017-16948
CVE-2017-16948 affects TG Soft Vir.IT eXplorer Lite 8.5.42. The issue is a NULL pointer dereference triggered by a 0x82730008 DeviceIoControl request to \.\Viragtlt, exploitable by local users and resulting in denial of service (and potential other impact) as described in multiple sources. The vu...