93 matches found
Debian: Security Advisory (DLA-2248-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2012-2248
An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable...
CVE-2012-2248
An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable...
CVE-2012-2248
CVE-2012-2248 affects dhclient 4.3.1-6 due to an embedded path variable, described across multiple sources as a path traversal issue. The available connected documents consistently identify the problem as a vulnerability in the dhclient component, but do not provide concrete exploitation steps, a...
CVE-2019-2248
creationtimestamp| type| source ---|---|--- 2019-05-24 17:53:17+00:00| seen| https://t.me/cvemitreorg/305...
CVE-2019-2248
Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2019-2248
CVE-2019-2248 describes a buffer overflow that can occur when an invalid header overwrites an existing buffer with a fixed-size allocation, affecting a wide range of Qualcomm Snapdragon products (e.g., Snapdragon Auto/Compute/Connectivity, Snapdragon IoT/Wearables, Snapdragon 615/16, 625, 820/820...
CVE-2019-2248
Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2018-2248
...
CVE-2018-2248
CVE-2018-2248 entry is rejected/not used and does not represent an active vulnerability.
Apache Struts 2.x < 2.3.15.1 Multiple Vulnerabilities (S2-016) (S2-017)
The version of Apache Struts running on the remote host is 2.x prior to 2.3.15.1. It, therefore, is affected by multiple vulnerabilities including a remote command execution vulnerability and an open redirect vulnerability. Note that Nessus has not tested for these issues but has instead relied...
Security Bulletin:Sterling Web Channel is affected by Apache Struts 2 security vulnerabilities (CVE-2013-4310, CVE-2013-4316, CVE-2013-2251, CVE-2013-2248, CVE-2013-2135, CVE-2013-2134, CVE-2013-2115, CVE-2013-1966, CVE-2013-1965)
Summary IBM Sterling Web Channel use Apache Struts 2 and is affected by some of the vulnerabilities that exist in Apache Struts 2. Vulnerability Details CVEID: CVE-2013-4310 Description: Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the action:...
CVE-2017-2248
Untrusted search path vulnerability in Installer of Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-2248
Untrusted search path vulnerability in Installer of Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-2248
CVE-2017-2248 affects Lhaz+ installers (version 3.4.0 and earlier). The root cause is an untrusted search path leading to insecure loading of a Trojan horse DLL (CWE-427), enabling arbitrary code execution with the user’s privileges during installation. Public sources in CNVD/JVN indicate the vul...
JVN#21369452: Installers of Lhaz and Lhaz+, and Self-Extracting Archives created by Lhaz or Lhaz+ may insecurely load Dynamic Link Libraries
Lhaz and Lhaz+ provided by Chitora soft contain the following vulnerabilities. Installers of Lhaz and Lhaz+ insecurely load Dynamic Link Libraries CWE-427 - CVE-2017-2246, CVE-2017-2248 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H| Base Score: 7.8 CVSS...
netcf security update
CentOS Errata and Security Advisory CESA-2015:2248 Updated netcf packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common...
Oracle Linux 7 : netcf (ELSA-2015-2248)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2248 advisory. 0.2.8-1 - Rebase to netcf-0.2.8 - resolve rhbz1165965 - CVE-2014-8119 - resolve rhbz1159000 - support multiple IPv4 addresses in interface config redhat driver ...
Dell SonicWALL Secure Remote Access (SRA) Appliance - Cross-Site Request Forgery
Exploit Title: Dell SonicWALL Secure Remote Access SRA Appliance Cross-Site Request Forgery Date: 04/28/2015 Exploit Author: Veit Hailperin Vendor Homepage: www.dell.com Version: Dell SonicWALL SRA 7.5 prior to 7.5.1.0-38sv and 8.0 prior to 8.0.0.1-16sv CVE : 2015-2248 Exploitation Procedure...
CVE-2015-2248
Cross-site request forgery CSRF vulnerability in the user portal in Dell SonicWALL Secure Remote Access SRA products with firmware before 7.5.1.0-38sv and 8.x before 8.0.0.1-16sv allows remote attackers to hijack the authentication of users for requests that create bookmarks via a crafted request...