51 matches found
Seagate Personal Cloud Multiple Vulnerabilities(CVE-2018-5347)
Vulnerabilities summary The following advisory describes two 2 unauthenticated command injection vulnerabilities. Seagate Personal Cloud Home Media Storage is “the easiest way to store, organize, stream and share all your music, movies, photos, and important documents.” Credit An independent...
CVE-2018-5347
The CVE-2018-5347 entry concerns Seagate Personal Cloud’s Seagate Media Server. The vulnerability affects the .psp URL handling in the Django-based web application (views.py: uploadTelemetry and getLogs) where unsanitized GET parameters are passed to system commands, enabling unauthenticated comm...
CVE-2016-5347
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver...
CVE-2016-5347
CVE-2016-5347 describes an information-disclosure vulnerability in Qualcomm components, specifically in the CAF Android/Linux kernel audio driver. The issue allows leakage of kernel stack data to userspace via the audio driver, affecting Qualcomm-based Android devices using CAF-released kernels. ...
CVE-2013-5347
This CVE entry is rejected/not used and does not represent an active vulnerability.
CVE-2017-5347
GeniXCMS 0.0.8 contains an SQL injection in inc/mod/newsletter/options.php. The vulnerability allows remote authenticated administrators to execute arbitrary SQL commands via the recipient parameter to gxadmin/index.php. Affected component/file: inc/mod/newsletter/options.php; entry point: gxadmi...
Iris ID IrisAccess iCAM4000/iCAM7000 Hardcoded Creds / Remote Access
i? Iris ID IrisAccess iCAM4000/iCAM7000 Hardcoded Credentials Remote Shell Access Vendor: Iris ID, Inc. Product web page: http://www.irisid.com http://www.irisid.com/productssolutions/irisaccesssystem/irisaccess4000/ http://www.irisid.com/productssolutions/hardwareproducts/icam4000series/...
CVE-2015-5347
Cross-site scripting XSS vulnerability in the getWindowOpenJavaScript function in org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 might allow remote attackers to inject arbitrary web script or HTML via a...
CVE-2015-5347
Apache Wicket is affected by an XSS in the getWindowOpenJavaScript function within ModalWindow (org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow). The vulnerability allows a remote attacker to inject arbitrary script/HTML through the ModalWindow title. Affected versions are 1.5.x p...
CVE-2014-5347
Disqus Comment System plugin for WordPress (versions before 2.76) is affected by CSRF vulnerabilities that can allow an attacker to hijack an administrator’s authenticated session and trigger XSS via parameters to wp-admin/edit-comments.php (disqus_replace, disqus_public_key, disqus_secret_key) o...
CVE-2012-5347
TinyWebGallery 1.8.3 allows remote attackers to execute arbitrary code via shell metacharacters in the command parameter to 1 inc/filefunctions.inc or 2 info.php...
CVE-2012-5347
The CVE-2012-5347 entry concerns TinyWebGallery 1.8.3, where remote attackers can execute arbitrary code by supplying shell metacharacters in the command parameter to (1) inc/filefunctions.inc or (2) info.php. The vulnerability constitutes a command-injection flaw that can be triggered over the n...
VMSA-2009-0014 : VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
a. Service Console update for DHCP and third-party library update for DHCP client. DHCP is an Internet-standard protocol by which a computer can be connected to a local network, ask to be given configuration information, and receive from a server enough information to configure itself as a member...
SLES9: Security update for Sun Java
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: java2 java2-jre For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5040565 within...
SuSE 10 Security Update : Sun Java 1.4.2 (ZYPP Patch Number 5852)
The version update to SUN Java 1.4.2sr19 fixes numerous security issues such as privilege escalations. CVE-2008-5360 / CVE-2008-5359 / CVE-2008-5358 / CVE-2008-5357 / CVE-2008-5356 / CVE-2008-5344 / CVE-2008-5343 / CVE-2008-5342 / CVE-2008-5341 / CVE-2008-5340 / CVE-2008-5339 / CVE-2008-2086 /...
Fedora 10 : java-1.6.0-openjdk-1.6.0.0-7.b12.fc10 (2008-10913)
OpenJDK security patches applied. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 ...
SuSE Security Summary SUSE-SR:2009:006
The remote host is missing updates announced in advisory SUSE-SR:2009:006. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...
Fedora Update for java-1.6.0-openjdk FEDORA-2008-10860
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Ubuntu USN-713-1 (openjdk-6)
The remote host is missing an update to openjdk-6 announced via advisory USN-713-1. OpenVAS Vulnerability Test $Id: ubuntu7131.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7131.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-713-1 openjdk-6 Authors: Thoma...
Ubuntu: Security Advisory (USN-713-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...