102 matches found
CVE-2021-3055
Palo Alto Networks PAN-OS is affected by CVE-2021-3055 due to an improper restriction of XML external entity (XXE) in the web interface. An authenticated administrator can read arbitrary files from the device and trigger a crafted request that crashes the service, causing DoS across PAN-OS servic...
CVE-2021-3055 PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface
An improper restriction of XML external entity XXE reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to crash...
PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface
An improper restriction of XML external entity XXE reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to crash...
Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.10 / 10.0.x < 10.0.6 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.20 or 9.0.x prior to 9.0.14 or 9.1.x prior to 9.1.10 or 10.0.x prior to 10.0.6. It is, therefore, affected by a vulnerability. - An improper restriction of XML external entity XXE reference vulnerability in...
CentOS Update for bpftool CESA-2019:3055 centos7
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : kernel (ELSA-2019-3055)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3055 advisory. - vhost vhost: make sure lognum innum Eugenio Perez 1750879 1750880 CVE-2019-14835 - net Bluetooth: Fix faulty expression for minimum encryption key si...
themedmerchandise.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-978797 Security Researcher KhanJanny Helped patch 3055 vulnerabilities Received 9 Coordinated Disclosure badges Received 38 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting themedmerchandise.com...
openSUSE: Security Advisory for virtualbox (openSUSE-SU-2018:2295-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : virtualbox (openSUSE-2018-853)
This update for virtualbox to version 5.2.16 fixes the following issues : The following security vulnerabilities were fixed boo1101667 : - CVE-2018-3005: Fixed an easily exploitable vulnerability that allowed unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox...
Oracle VM VirtualBox < 5.2.16 Multiple Vulnerabilities (July 2018 CPU)
The version of Oracle VM VirtualBox running on the remote host is 5.2.x prior to 5.2.16. It is, therefore, affected by multiple vulnerabilities as noted in the April 2018 Critical Patch Update advisory : - An unspecified vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization...
CVE-2018-3055
CVE-2018-3055 affects Oracle VM VirtualBox (Core) prior to version 5.2.16. The vulnerability is exploitable by an unauthenticated user who has logon access to the infrastructure where VirtualBox runs and requires user interaction. Successful exploitation can lead to a hang or frequently repeating...
Security Bulletin: XXE and XmlBomb vulnerability in FileNet Workplace (CVE-2016-3055)
Summary FileNet Workplace is susceptible to the XXE and XmlBomb vulnerability. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-3055 DESCRIPTION: IBM FileNet Workplace is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error when processing XML dat...
CVE-2017-3055
CVE-2017-3055 affects Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, and 15.023.20070 and earlier. The vulnerability is an exploitable heap overflow in JPEG 2000 parsing of the fragment list tag, which could lead to arbitrary code execution. The description does not ...
CVE-2016-3055
IBM FileNet Workplace 4.0.2 is affected by CVE-2016-3055 due to an XML External Entity (XXE) flaw in processing XML data, which could allow remote authenticated users to read arbitrary files or cause a memory-based denial of service. Affected version: FileNet Workplace 4.0.2 (before 4.0.2.14 LA01...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3055-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3055-1 advisory. Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could u...
Oracle: Security Advisory (ELSA-2015-3055)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Adobe Reader Multiple Vulnerabilities - 01 (May 2015) - Mac OS X
Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...
Adobe Reader < 10.1.14 / 11.0.11 Multiple Vulnerabilities (APSB15-10)
The version of Adobe Reader installed on the remote host is a version prior to 10.1.14 / 11.0.11. It is, therefore, affected by the following vulnerabilities : - A buffer overflow condition exists in CoolType.dll due to improper validation of user-supplied input. A remote attacker can exploit thi...
CVE-2015-3055
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3059, and CVE-2015-3075...
Design/Logic Flaw
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3054, CVE-2015-3055, CVE-2015-3059, and CVE-2015-3075...