Lucene search
+L

64 matches found

NVD
NVD
added 2016/07/21 10:13 a.m.22 views

CVE-2016-3540

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 and 13.1.0.0 allows remote attackers to affect confidentiality via vectors related to UI Framework...

4.3CVSS4.1AI score0.02028EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2016/07/21 10:0 a.m.15 views

CVE-2016-3540

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 and 13.1.0.0 allows remote attackers to affect confidentiality via vectors related to UI Framework...

6AI score0.02028EPSS
Exploits0References4
CVE
CVE
added 2016/07/21 10:0 a.m.53 views

CVE-2016-3540

CVE-2016-3540 affects Oracle Enterprise Manager Grid Control (Enterprise Manager Base Platform UI Framework) 12.1.0.5 and 13.1.0.0. The vulnerability is described as an unspecified flaw in the UI Framework subcomponent that could allow a remote attacker to disclose information, impacting confiden...

4.3CVSS4.6AI score0.02028EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/04/05 12:0 a.m.33 views

Debian DSA-3540-1 : lhasa - security update

Marcin Noga discovered an integer underflow in Lhasa, a lzh archive decompressor, which might result in the execution of arbitrary code if a malformed archive is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

7.8CVSS7.7AI score0.03228EPSS
Exploits1References4
Cvelist
Cvelist
added 2014/07/08 1:0 a.m.19 views

CVE-2014-3540

...

Exploits5
CVE
CVE
added 2014/07/08 1:0 a.m.67 views

CVE-2014-3540

CVE-2014-3540 is a duplicate of CVE-2014-0114. The connected advisories describe a remote code execution flaw in Apache Struts 1.x (1.x through 1.3.10) where an attacker can manipulate the ClassLoader via the class parameter passed to getClass, enabling arbitrary code execution. Remediation cente...

8AI score
Exploits5
Cvelist
Cvelist
added 2013/10/04 11:0 p.m.27 views

CVE-2013-3540

Cross-site request forgery CSRF vulnerability in cgi-bin/admin/usrgrp.cgi in AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users...

7.9AI score0.01013EPSS
Exploits5References1
CVE
CVE
added 2013/10/04 11:0 p.m.52 views

CVE-2013-3540

CVE-2013-3540 affects AirLive IP cameras (e.g., POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD). The vulnerability is a Cross-Site Request Forgery (CSRF) in the CGI endpoint cgi-bin/admin/usrgrp.cgi, enabling remote attackers to hijack administrator authentication to perf...

6.8CVSS7.8AI score0.01013EPSS
Exploits5References1Affected Software6
0day.today
0day.today
added 2013/06/13 12:0 a.m.50 views

Airlive IP Cameras - Multiple Vulnerabilities

Exploit for hardware platform in category web applications 1.Advisory Information Title: Airlive Multiple Vulnerabilities Date Published: 12/06/2013 Date of last updated: 12/06/2013 2.Vulnerability Description Multiple vulnerabilities have been found in this devices: -CVE-2013-3540. Cross Site...

6.8CVSS0.2AI score0.27567EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2012/10/24 12:0 a.m.26 views

Fedora 17 : python-django-horizon-2012.1.3-1.fc17 (2012-16148)

Latest bugfix update for the essex branch CVE-2012-3540 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5.8CVSS5.3AI score0.02895EPSS
Exploits1References3
OSV
OSV
added 2012/09/05 11:55 p.m.7 views

CVE-2012-3540

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

6.2AI score
Exploits0References11
vulnersOsv
vulnersOsv
added 2012/09/05 11:55 p.m.6 views

networking-bgpvpn (=11.0.1) potentially affected by CVE-2012-3540 via horizon (=16.2.2)

horizon PYPI version =16.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on horizon and may be impacted: - networking-bgpvpn =11.0.1 Source cves: CVE-2012-3540 Source advisory: OSV:PYSEC-2012-18...

5.8CVSS5.8AI score0.02895EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2012/09/05 11:55 p.m.4 views

sahara-dashboard (=10.0.2) potentially affected by CVE-2012-3540 via horizon (=15.3.2)

horizon PYPI version =15.3.2 is affected by a known vulnerability. The following packages have a transitive dependency on horizon and may be impacted: - sahara-dashboard =10.0.2 Source cves: CVE-2012-3540 Source advisory: OSV:PYSEC-2012-18...

5.8CVSS5.8AI score0.02895EPSS
Exploits1
CVE
CVE
added 2010/10/14 5:0 p.m.57 views

CVE-2010-3540

The connected Oracle CPU October 2010 documents identify CVE-2010-3540 as a Solaris 10/OpenSolaris vulnerability affecting ZFS. The flaw is listed as Local, with CVSS v2 base score 4.0 (Medium) and no remote/external access required. The vulnerability is categorized as a ZFS- related issue, affec...

4CVSS5.9AI score0.00331EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2009/10/02 7:0 p.m.25 views

CVE-2009-3540

Cross-site scripting XSS vulnerability in listads.php in YourFreeWorld Ultra Classifieds Pro allows remote attackers to inject arbitrary web script or HTML via the cn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5.6AI score0.00845EPSS
Exploits0References2
CVE
CVE
added 2009/10/02 7:0 p.m.42 views

CVE-2009-3540

The CVE corresponds to a cross-site scripting (XSS) vulnerability in listads.php of YourFreeWorld Ultra Classifieds Pro, exploitable via the cn parameter to inject arbitrary script/HTML. The description notes remote exploit with no confirmed proof-of-exploit elsewhere in the provided documents. N...

4.3CVSS5.6AI score0.00845EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2008/09/15 12:0 a.m.36 views

[security bulletin] HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01539423 Version: 1 HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access NOTICE: The information in this Security Bulletin should be...

0.4AI score
Exploits0
CVE
CVE
added 2007/07/03 8:0 p.m.38 views

CVE-2007-3540

CVE-2007-3540 describes multiple XSS vulnerabilities in rwAuction Pro 4.0/5.0. The flaw is in the search.asp page, exploitable via input parameters including search , show , searchtype , catid , and searchtxt . An attacker could inject arbitrary script/HTML through these inputs, with impact limit...

4.3CVSS5.7AI score0.01065EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/07/13 12:0 a.m.41 views

CVE-2006-3540

CVE-2006-3540 affects Check Point Zone Labs ZoneAlarm Internet Security Suite (examples: 6.5.722.000, 6.1.737.000). The issue arises from improper validation of RegSaveKey, RegRestoreKey, and RegDeleteKey calls when targeting the registry path HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\...

4.9CVSS6.7AI score0.00603EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2006/01/09 6:0 p.m.52 views

CVE-2005-3540

CVE-2005-3540 affects petris prior to version 1.0.1. Debian security advisories (DSA-929-1, DSA-929-1) describe a buffer overflow that may allow remote code execution with group games privileges, fixed in Petris 1.0.1-4sarge0 and released updates for stable/unstable suites. OSV and Debian tracker...

7.5CVSS7.8AI score0.03238EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder