101 matches found
CVE-2017-5693
The CVE-2017-5693 issue affects Intel Puma 5, 6 and 7 Series firmware. A network attacker can cause a denial of service via crafted network traffic due to resource depletion or timeouts. CVSSv3 base score 7.5 (HIGH). Public details in the provided documents describe the vulnerability and impact b...
CVE-2018-5693
The CVE affects LinuxMagic MagicSpam extension for Plesk, versions before 2.0.14-1. Local attackers can disclose mailbox names by reading /var/log/magicspam/mslog, enabling information disclosure on the host. Remediation: upgrade to 2.0.14-1 or newer (as indicated by the vulnerability description).
MagicSpam 2.0.13 - Insecure File Permission Vulnerability
Document Title: =============== MagicSpam 2.0.13 - Insecure File Permission Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2113 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5693 CVE-ID: ======= CVE-2018-5693 Release Date:...
CVE-2006-5693
...
CVE-2006-5693
CVE-2006-5693 entry is rejected and not associated with an active vulnerability.
CVE-2015-5693
Symantec Web Gateway (SWG) appliances running before 5.2.2 with database 5.0.0.1277 are affected by CVE-2015-5693 (Traffic Capture EoP). The vulnerability is tied to the hostname/configuration processing path that allows an authenticated, remote attacker to inject commands executed with root priv...
X2Engine < 3.5.1 Multiple Vulnerabilities
According to its version number, the X2Engine application installed on the remote web server is prior to version 3.5.1. It is, therefore, potentially affected by multiple vulnerabilities : - A PHP file inclusion vulnerability exists due to insufficient sanitization of the 'file' HTTP GET paramete...
CVE-2014-5693
The Slots Vacation - FREE Slots (Android, package com.scopely.slotsvacation) is affected by CVE-2014-5693: app version 1.47.2 does not verify X.509 certificates from SSL servers, enabling MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. Root cause is mis...
X2CRM 3.4.1 - Multiple Vulnerabilities
No description provided by source. Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure:...
Multiple Vulnerabilities in X2CRM
Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...
CVE-2013-5693
CVE-2013-5693 affects X2Engine X2CRM
X2CRM 3.4.1 - Multiple Vulnerabilities
Exploit for php platform in category web applications Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September...
X2CRM 3.4.1 - Multiple Vulnerabilities
X2CRM 3.4.1 - Multiple Vulnerabilities Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure:...
X2CRM 3.4.1 Cross Site Scripting / Local File Inclusion
Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...
X2CRM 3.4.1 - Multiple Vulnerabilities
Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...
SuSE 10 Security Update : strongswan (ZYPP Patch Number 5693)
This update of strongswan fixes a denial of service problem that occurs while parsing a IKESAINIT message dursing key exchange. This allows an remote attacker to crash the daemon. CVE-2008-4551 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell,...
CVE-2008-5693
CVE-2008-5693 affects Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier (and possibly other Ipswitch products). The vulnerability permits remote attackers to read contents of custom ASP files in WSFTPSVR/ by issuing a request with an appended dot. Documents show an impact to confidentiality (par...
GLSA-200711-05 : SiteBar: Multiple issues
"The remote host is affected by the vulnerability described in GLSA-200711-05 SiteBar: Multiple issues Tim Brown discovered these multiple issues: the translation module does not properly sanitize the value to the 'dir' parameter CVE-2007-5491, CVE-2007-5694 %NASLMINLEVEL 70300 C Tenable Network...
SiteBar: Multiple issues
Background SiteBar is a PHP application that allows users to store their bookmarks on a web server. Description Tim Brown discovered these multiple issues: the translation module does not properly sanitize the value to the "dir" parameter CVE-2007-5491, CVE-2007-5694; the translation module also...
CVE-2007-5693
SiteBar 3.3.8 contains an eval-injection vulnerability in the translation module (translator.php) that allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action (CVE-2007-5693). Evidence across multiple advisories (Debian DSA-1423-1, GLSA, and OSS...