64 matches found
CVE-2016-3540
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 and 13.1.0.0 allows remote attackers to affect confidentiality via vectors related to UI Framework...
CVE-2016-3540
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 and 13.1.0.0 allows remote attackers to affect confidentiality via vectors related to UI Framework...
CVE-2016-3540
CVE-2016-3540 affects Oracle Enterprise Manager Grid Control (Enterprise Manager Base Platform UI Framework) 12.1.0.5 and 13.1.0.0. The vulnerability is described as an unspecified flaw in the UI Framework subcomponent that could allow a remote attacker to disclose information, impacting confiden...
Debian DSA-3540-1 : lhasa - security update
Marcin Noga discovered an integer underflow in Lhasa, a lzh archive decompressor, which might result in the execution of arbitrary code if a malformed archive is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
CVE-2014-3540
...
CVE-2014-3540
CVE-2014-3540 is a duplicate of CVE-2014-0114. The connected advisories describe a remote code execution flaw in Apache Struts 1.x (1.x through 1.3.10) where an attacker can manipulate the ClassLoader via the class parameter passed to getClass, enabling arbitrary code execution. Remediation cente...
CVE-2013-3540
Cross-site request forgery CSRF vulnerability in cgi-bin/admin/usrgrp.cgi in AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users...
CVE-2013-3540
CVE-2013-3540 affects AirLive IP cameras (e.g., POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD). The vulnerability is a Cross-Site Request Forgery (CSRF) in the CGI endpoint cgi-bin/admin/usrgrp.cgi, enabling remote attackers to hijack administrator authentication to perf...
Airlive IP Cameras - Multiple Vulnerabilities
Exploit for hardware platform in category web applications 1.Advisory Information Title: Airlive Multiple Vulnerabilities Date Published: 12/06/2013 Date of last updated: 12/06/2013 2.Vulnerability Description Multiple vulnerabilities have been found in this devices: -CVE-2013-3540. Cross Site...
Fedora 17 : python-django-horizon-2012.1.3-1.fc17 (2012-16148)
Latest bugfix update for the essex branch CVE-2012-3540 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2012-3540
Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...
networking-bgpvpn (=11.0.1) potentially affected by CVE-2012-3540 via horizon (=16.2.2)
horizon PYPI version =16.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on horizon and may be impacted: - networking-bgpvpn =11.0.1 Source cves: CVE-2012-3540 Source advisory: OSV:PYSEC-2012-18...
sahara-dashboard (=10.0.2) potentially affected by CVE-2012-3540 via horizon (=15.3.2)
horizon PYPI version =15.3.2 is affected by a known vulnerability. The following packages have a transitive dependency on horizon and may be impacted: - sahara-dashboard =10.0.2 Source cves: CVE-2012-3540 Source advisory: OSV:PYSEC-2012-18...
CVE-2010-3540
The connected Oracle CPU October 2010 documents identify CVE-2010-3540 as a Solaris 10/OpenSolaris vulnerability affecting ZFS. The flaw is listed as Local, with CVSS v2 base score 4.0 (Medium) and no remote/external access required. The vulnerability is categorized as a ZFS- related issue, affec...
CVE-2009-3540
Cross-site scripting XSS vulnerability in listads.php in YourFreeWorld Ultra Classifieds Pro allows remote attackers to inject arbitrary web script or HTML via the cn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-3540
The CVE corresponds to a cross-site scripting (XSS) vulnerability in listads.php of YourFreeWorld Ultra Classifieds Pro, exploitable via the cn parameter to inject arbitrary script/HTML. The description notes remote exploit with no confirmed proof-of-exploit elsewhere in the provided documents. N...
[security bulletin] HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01539423 Version: 1 HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access NOTICE: The information in this Security Bulletin should be...
CVE-2007-3540
CVE-2007-3540 describes multiple XSS vulnerabilities in rwAuction Pro 4.0/5.0. The flaw is in the search.asp page, exploitable via input parameters including search , show , searchtype , catid , and searchtxt . An attacker could inject arbitrary script/HTML through these inputs, with impact limit...
CVE-2006-3540
CVE-2006-3540 affects Check Point Zone Labs ZoneAlarm Internet Security Suite (examples: 6.5.722.000, 6.1.737.000). The issue arises from improper validation of RegSaveKey, RegRestoreKey, and RegDeleteKey calls when targeting the registry path HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\...
CVE-2005-3540
CVE-2005-3540 affects petris prior to version 1.0.1. Debian security advisories (DSA-929-1, DSA-929-1) describe a buffer overflow that may allow remote code execution with group games privileges, fixed in Petris 1.0.1-4sarge0 and released updates for stable/unstable suites. OSV and Debian tracker...