68 matches found
CVE-2018-2159
CVE-2018-2159 is rejected/not used and does not represent an active vulnerability entry.
CVE-2018-2159
...
Security Bulletin: Open Redirect and Cross-Site Scripting Vulnerabilities in the Rational Change Help System (CVE-2012-2159, CVE-2012-2161)
Summary Some scripts in the help system used by IBM Rational Change are vulnerable to open redirect or cross-site scripting attacks. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires...
CVE-2016-2159
The savesubmission function in mod/assign/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote authenticated users to bypass intended due-date restrictions by leveraging the student role for a web-service...
CVE-2016-2159
The vulnerability CVE-2016-2159 affects Moodle via the save_submission function in mod/assign/externallib.php, enabling remote authenticated users to bypass due-date restrictions by abusing the student role in a web-service request. Affected versions include Moodle up to 2.6.11, 2.7.x before 2.7....
Fedora 22 : moodle-2.8.11-1.fc22 (2016-b91d895e5a)
Multiple CVEs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...
Fedora 24 : moodle-3.0.3-1.fc24 (2016-9b591e1952)
3.0.3. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network Security,...
Oracle: Security Advisory (ELSA-2015-2159)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : curl (ELSA-2015-2159)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2159 advisory. - require credentials to match for NTLM re-use CVE-2015-3143 - close Negotiate connections when done CVE-2015-3148 - reject CRLFs in URLs passed to pro...
CVE-2014-2159
CVE-2014-2159 affects Cisco TelePresence System MXP Series Software prior to F9.3.1, where the H.225 subsystem can be triggered to cause a denial of service (device reload) by receiving crafted packets. Related Cisco advisory Cisco-SA-20140430-MXP confirms multiple SIP/H.225 DoS issues and states...
Ubuntu Update for nss USN-2159-1
Check for the Version of nss OpenVAS Vulnerability Test $Id: gbubuntuUSN21591.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for nss USN-2159-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you ca...
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : nss vulnerability (USN-2159-1)
It was discovered that NSS incorrectly handled wildcard certificates when used with internationalized domain names. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to spoof SSL servers. Note that Tenable Network Security has extracted the precedi...
IBM Rational AppScan 8.x/7.x 多个安全漏洞
CVE ID:...
CVE-2011-2159
The CVE concerns SmarterTools SmarterStats 6.0 web server that omits the Content-Type header for a defined set of resources (including Admin and Client pages, skin/theme files, config/XML-like files, and sitemap.xml). The root cause is header omission which could allow remote attackers to cause a...
Debian DSA-2159-1 : vlc - missing input sanitising
Dan Rosenberg discovered that insufficient input validation in VLC's processing of Matroska/WebM containers could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securit...
CVE-2010-2159
creationtimestamp| type| source ---|---|--- 2010-05-31 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34058...
CVE-2009-2159
backup-database.php in TorrentTrader Classic 1.09 does not require administrative authentication, which allows remote attackers to create and download a backup database by making a direct request and then retrieving a .gz file from backups/...
CVE-2009-2159
backup-database.php in TorrentTrader Classic 1.09 does not require administrative authentication, which allows remote attackers to create and download a backup database by making a direct request and then retrieving a .gz file from backups/...
CVE-2009-2159
CVE-2009-2159 affects TorrentTrader Classic 1.09. The vulnerability is in the backup-database.php script, which does not require administrative authentication. This allows remote attackers to trigger creation and retrieval of a backup database by making a direct request and then downloading a .gz...
CVE-2009-2159
creationtimestamp| type| source ---|---|--- 2009-06-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8958...