57 matches found
RedHat Update for firefox RHSA-2017:2456-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Firefox < 55 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox installed on the remote macOS or Mac OS X host is prior to 55. It is, therefore, affected by multiple vulnerabilities, some of which allow code execution and potentially exploitable application crashes. C Tenable Network Security, Inc. include'compat.inc'; if...
Mozilla Firefox ESR < 52.3 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.3. It is, therefore, affected by multiple vulnerabilities, some of which allow code execution and potentially exploitable crashes. C Tenable Network Security, Inc. include'compat.inc'; if description...
Oracle golden gate critical vulnerability analysis-vulnerability warning-the black bar safety net
In this article, we will once again prove over-reliance on automation tool will allow people to ignore off a lot of potential danger, at the same time, we will also discuss some of the relevant Oracle Golden Gate technical level of the important weaknesses vulnerability, and to show you yet anoth...
CVE-2016-7809
Cross-site request forgery CSRF vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows remote attackers to hijack the authentication of logged in user to conduct unintended operations via unspecified vectors...
Oracle GoldenGate File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle GoldenGate. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GoldenGate mgr process, which listens on TCP port 7809. By default, the process...
Oracle GoldenGate Veridata File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle GoldenGate. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GoldenGate mgr process, which listens on TCP port 7809. By default, the process...
Oracle GoldenGate Denial of Service Vulnerability
This vulnerability allows remote attackers to cause a denial condition on vulnerable installations of Oracle GoldenGate. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GoldenGate mgr process, which listens on TCP port 7809. By default, this proce...
CVE-2015-7809
The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the self variable in a template...
CVE-2015-7809
The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the self variable in a template...
CVE-2015-7809
CVE-2015-7809 affects the Twig templating engine (Sensio Labs Twig) prior to version 1.20.0. When Sandbox mode is enabled, the displayBlock function in Template.php allows remote code execution via the _self variable in templates. Several connected advisories confirm the issue as a remote code ex...
CVE-2015-7809
Removed by vendor...
CVE-2015-7809
The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the self variable in a template...
FreeBSD : pear-twig -- remote code execution (705b759c-7293-11e5-a371-14dae9d210b8)
Fabien Potencier reports : End users can craft valid Twig code that allows them to execute arbitrary code RCEs via the self variable, which is always available, even in sandboxed templates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
CVE-2014-7809
CVE-2014-7809 affects Apache Struts 2.0.0–2.3.x with predictable values, enabling remote CSRF bypass. Connected IBM advisories confirm impact on IBM FlashSystem 840/V840-AC0/AC1 nodes and IBM SAN Storwize, IBM Sterling Order Management, Call Center, and related products where Struts is used as p...
Apache Struts 2 Multiple Vulnerabilities (S2-023) (S2-025)
The remote web server is using a version of Struts 2 that is affected by multiple vulnerabilities : - A cross-site request forgery vulnerability exists due to the token generator failing to adequately randomize the token values. An attacker can exploit this issue by extracting a token from a form...
SuSE 11.2 Security Update : xorg-x11-libXrender (SAT Patch Number 7809)
This update of xorg-x11-libXrender fixes several integer overflow issues. bnc815451, bnc821669, CVE-2013-1987 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C...