60 matches found
Cisco UCS Director Cloupia Script Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Cloupia Script RCE', 'Description' = %q This module exploits an authentication bypass and directory traversals in Cisco UCS...
Information disclosure
cPanel before 86.0.14 allows attackers to obtain access to the current working directory via the account backup feature SEC-540...
Debian DLA-540-1 : qemu security update
Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2016-3710 Wei Xiao and Qinghao Tang of 360.cn Inc discovered an out-of-bounds read and write flaw in the QEMU VGA module. A privileged guest user could use this flaw to execute arbitrary code on the host with the...
Amazon Linux: Security Advisory (ALAS-2015-540)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : libjpeg-turbo (ALAS-2015-540)
A flaw in libjpeg-turbo was reported that could lead to a local denial of service when processing a specially crafted JPEG issue. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2015-540...
F5 Networks BIG-IP : SSH vulnerability (K13600)
A platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using secure shell SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect. The following platforms a...
CVE-2012-0364
Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495...
CVE-2012-0363
The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID...
CVE-2012-0364
Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495...
CVE-2012-0363
The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID...
CVE-2012-0363
Cisco SRP 500 Series Web Interface Command Injection (CVE-2012-0363) affects Cisco SRP 520/540 series devices with specific pre-update firmware. An authenticated user could cause the device to execute arbitrary OS commands via the web interface (command injection) as described in CSCtt46871. Affe...
CVE-2012-0364
CVE-2012-0364 affects Cisco Small Business SRP 500 Series devices (SRP 520/520W-U/540) with firmware older than 1.1.26 or 1.2.4, where an unauthenticated remote attacker could upload a configuration file via an unspecified URL, potentially replacing device configurations. The Cisco Security Advis...
CVE-2012-0365
Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified...
Ubuntu: Security Advisory (USN-540-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : flac vulnerability (USN-540-1)
Sean de Regge discovered that flac did not properly perform bounds checking in many situations. An attacker could send a specially crafted FLAC audio file and execute arbitrary code as the user or cause a denial of service in flac or applications that link against flac. Note that Tenable Network...
Design/Logic Flaw
The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service device outage via a malformed SDP header in a SIP INVITE message...
CVE-2007-3348
The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service device outage via a malformed SDP header in a SIP INVITE message...
CVE-2007-3348
The CVE-2007-3348 entry concerns D-Link DPH-540/DPH-541 phones. Affected component: the SIP handling code where a malformed SDP header in a SIP INVITE can be used by remote attackers to trigger a device denial of service. This is described in NVD/CVE records with a CVSS v2 base score of 7.8 (HIGH...
CVE-2007-3347
The CVE-2007-3347 entry concerns the D-Link DPH-540/DPH-541 SIP phones. The issue is that these phones accept SIP INVITE messages that originate outside the Call Server’s IP, enabling remote attackers to initiate arbitrary SIP communication with the device. A demonstrated effect is communication ...
CVE-2007-3348
The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service device outage via a malformed SDP header in a SIP INVITE message...