72 matches found
CVE-2017-2273
CVE-2017-2273 affects Buffalo WMR-433 and WMR-433W routers. The vulnerability is a Cross-site Request Forgery (CSRF) in firmware: WMR-433 v1.02 and earlier and WMR-433W v1.40 and earlier. The issue allows remote attackers to hijack administrator authentication via unspecified vectors, potentially...
CVE-2017-2273
Cross-site request forgery CSRF vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
JVN#48413726: Multiple vulnerabilities in multiple Buffalo wireless LAN routers
WMR-433 and WMR-433W provided by BUFFALO INC. are wireless LAN routers. WMR-433 and WMR-433W contain multiple vulnerabilities listed below. Cross-site Request Forgery CWE-352 - CVE-2017-2273 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L| Base Score: 4.3...
Fedora Update for moodle FEDORA-2015-4613
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-2273
Cross-site scripting XSS vulnerability in mod/quiz/report/statistics/statisticsquestiontable.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a...
CVE-2015-2273
Cross-site scripting XSS vulnerability in mod/quiz/report/statistics/statisticsquestiontable.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a...
CVE-2015-2273
CVE-2015-2273 is a Moodle XSS flaw in mod/quiz/report/statistics/statistics_question_table.php that allows remote authenticated users (via student role) to inject script/HTML through a crafted quiz response. Affected Moodle versions: 2.5.9 and 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x bef...
Fedora 20 : moodle-2.6.10-1.fc20 (2015-4530)
Update to latest versions of the respective branches. f20 has been updated from 2.5.x to 2.6.x because 2.5.x is EOL. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format...
Fedora Update for moodle FEDORA-2015-4724
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-2273
CVE-2014-2273 affects the hx170dec device driver in Huawei P2-6011 prior to V100R001C00B043. The vulnerability enables local users to read and write to arbitrary memory locations via unspecified vectors, indicating a local-privilege impact on affected devices. The Huawei security advisory HW-4015...
Ubuntu 13.10 : linux vulnerability (USN-2273-1)
Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges. Note that Tenable Network Security has extracted the preceding description block...
Comodo Internet Security Denial of Service Vulnerability (Jul 2013)
Comodo Internet Security is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-2273
CVE-2013-2273 affects bitcoind/Bitcoin-Qt releases prior to specific 0.4.9rc1, 0.5.x prior to 0.5.8rc1, 0.6.x prior to 0.6.0.11rc1, 0.6.1–0.6.5 prior to 0.6.5rc1, and 0.7.x prior to 0.7.3rc1. The issue allows remote attackers to obtain potentially sensitive information about the transaction chang...
CVE-2013-2273
bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 make it easier for remote attackers to obtain potentially sensitive information about returned change by leveraging certain predictability in th...
Comodo Internet Security < 5.10 kernel ImageBase Executable Handling Remote DoS
The version of Comodo Internet Security installed on the remote Windows host is affected by a denial of service vulnerability due to the way the application handles specially crafted 32-bit Portable Executable PE files with a kernel ImageBase value. C Tenable Network Security, Inc...
CVE-2012-2273
CVE-2012-2273 affects Comodo Internet Security on Windows 7 x64 prior to 5.10.228257.2253. The vulnerability is a denial-of-service caused by how the product handles specially crafted 32-bit PE files with a kernel ImageBase value, leading to a system crash. Products listed in OpenVAS/NVD referenc...
CVE-2012-2273
Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service system crash via a crafted 32-bit Portable Executable PE file with a kernel ImageBase value...
CVE-2011-2273
Technical details for CVE-2011-2273 are not publicly available in the provided documents; the description cites an unspecified vulnerability in Oracle Supply Chain Products Suite 9.3.0.3/9.3.1.1 related to Search. Monitor for updates.
Debian DSA-2273-1 : icedove - several vulnerabilities
Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. - CVE-2011-0083 / CVE-2011-2363 'regenrecht' discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code. - CVE-2011-0085 'regenrecht'...
CVE-2010-2273
Multiple cross-site scripting XSS vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to...