bmhomesolutions.net Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1045196 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting bmhomesolutions.net websi...

Photon OS 1.0: Linux PHSA-2017-0014 (deprecated)

An update of linux packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0014. The text itself is copyright C VMware, Inc...

Code injection

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account nam...

CVE-2017-7945

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account nam...

CVE-2017-7945

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account nam...

CVE-2017-7945

CVE-2017-7945 affects the GlobalProtect external interface of Palo Alto Networks PAN-OS. The issue arises from different login failure responses depending on whether a username exists, enabling remote username enumeration and brute-force attempts. Affected PAN-OS versions are 6.1.16 and earlier, ...

CVE-2017-0014

The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site,...

CVE-2017-0014

Public technical details for CVE-2017-0014 are not present in the provided connected documents. The records describe affected products and cross-reference other CVEs, but no concrete exploit vectors, impact specifics, or remediation are disclosed here. Monitor for updates.

Microsoft Windows Graphics Component Remote Code Execution (MS17-013: CVE-2017-0014)

A remote code execution vulnerability exists in Windows Graphics Component. The vulnerability is due to the way Windows Graphics Component handles objects in memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted file...

Oracle Linux 6 : ghostscript (ELSA-2017-0014)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0014 advisory. 8.70-211 - Added security fixes for: - CVE-2013-5653 bug 1380327 - CVE-2016-7977 bug 1380415 - CVE-2016-7979 bug 1382305 - CVE-2016-8602 bug 1383940...

Virtuozzo Linux Errata and Security Advisory 2017:0014 Moderate

Upstream security update. Follow RHSA-2017-0014 for details...