Lucene search
K

473 matches found

CISA
CISA
added 2014/08/04 12:0 a.m.9 views

Local Privilege Escalation Vulnerability in Symantec Endpoint Protection

US-CERT is aware of a local privilege escalation vulnerability in Symantec Endpoint Protection. This vulnerability affects all versions of Symantec Endpoint Protection Client 11.x and 12.x running Application and Device Control. Exploitation of this vulnerability may allow an attacker to gain ful...

7AI score
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

PostNuke 0.6x/0.7x NS-Languages Module language Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16752/info PostNuke is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. Successful exploitation could allow an attacker to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

123 Flash Chat 5.0 - Remote Code Injection Weakness

No description provided by source. source: http://www.securityfocus.com/bid/16360/info 123 Flash Chat is prone to an arbitrary code injection weakness. An attacker can influence the value of a variable that is insecurely passed to an 'eval' call. Successful exploitation may allow attackers to tak...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

PostNuke 0.6x/0.7x NS-Languages Module language Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/16752/info PostNuke is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. Successful exploitation could allow an attacker to...

7.1AI score
Exploits0
CheckPoint Security
CheckPoint Security
added 2014/03/12 10:0 p.m.13 views

Check Point response to "Bypassing Application Control"

...

2.2AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/09/16 12:0 a.m.28 views

Cisco Application Control Engine Login Administrator IP Address Overlap (cisco-sa-20120620-ace)

The Cisco Application Control Engine ACE software installed on the remote Cisco IOS device is earlier than A42.3 / A51.1. It, therefore, potentially does not properly share a management IP address among multiple contexts when multicontext mode is enabled. This might allow an administrative user t...

7.1CVSS5.5AI score0.01016EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/09/16 12:0 a.m.36 views

Cisco Application Control Engine (ACE) Version

Cisco Application Control Engine ACE software is installed on the remote Cisco IOS or ACE device. It is a load-balancing and application-delivery solution for Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers, and it is also available as an appliance. TRUSTED...

5.4AI score
Exploits0References2
CheckPoint Security
CheckPoint Security
added 2013/05/29 9:0 p.m.10 views

Check Point response to 'SSH encapsulated in DNS traffic is not detected by Application Control'

...

2.1AI score
Exploits0Affected Software1
seebug.org
seebug.org
added 2013/01/05 12:0 a.m.64 views

Ruby on Rails Active Record组件SQL注入漏洞(CVE-2012-6496)

CVE ID:CVE-2012-6496 Ruby on Rails是一款Web应用程序框架,构建在Ruby语言之上。 Ruby on Rails Active Record组件存在一个SQL注入漏洞,允许攻击者利用"findby"方法进行SQL注入攻击,可获得敏感信息或控制应用系统。 0 Ruby on Rails 3.0.x Ruby on Rails 3.1.x Ruby on Rails 3.2.x 厂商解决方案 Ruby on Rails 3.0.18,3.1.9和3.2.10已经修复此漏洞,建议用户下载使用: http://www.ruby-lang.org...

7.5CVSS0.4AI score0.04458EPSS
Exploits2
CheckPoint Security
CheckPoint Security
added 2013/01/01 10:0 p.m.11 views

Anti-Virus / Anti-Bot / Application Control / URL Filtering update might fail on R75.40 / R75.40VS / R75.45 / R75.46 / E80.41

...

1.3AI score
Exploits0Affected Software6
myhack58
myhack58
added 2012/12/07 12:0 a.m.18 views

Ruijie Application Control engine of the management server can increase user-vulnerability warning-the black bar safety net

Ruijie Application Control engine of the management server, the RG-ACE series Application Control engine of the management server V3. 1. 3 6. 0 0 1, The Official Website of the connection http://www.ruijie.com.cn/service/down-search.aspx the display is the latest version according to not authorit...

0.5AI score
Exploits0
htbridge
htbridge
added 2012/11/28 12:0 a.m.38 views

Multiple SQL Injection Vulnerabilities in Elite Bulletin Board

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Elite Bulletin Board, which can be exploited to perform SQL injection attacks. 1 Multiple SQL injection vulnerabilities in Elite Bulletin Board: CVE-2012-5874 The vulnerabilities exist due to insufficient sanitation of...

7.5CVSS1.2AI score0.02514EPSS
Exploits6Affected Software1
CheckPoint Security
CheckPoint Security
added 2012/10/20 10:0 p.m.10 views

Check Point response to 'Bypassing application control SSH detection'

...

1.9AI score
Exploits0Affected Software1
NVD
NVD
added 2012/08/22 10:42 a.m.15 views

CVE-2012-4593

McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command...

5CVSS6.6AI score0.00988EPSS
Exploits0References1
Prion
Prion
added 2012/08/22 10:42 a.m.15 views

Authentication flaw

McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command...

5CVSS7.2AI score0.00988EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2012/08/22 10:0 a.m.23 views

CVE-2012-4593

McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command...

6.6AI score0.00988EPSS
Exploits0References1
CVE
CVE
added 2012/08/22 10:0 a.m.54 views

CVE-2012-4593

McAfee Application Control and Change Control 5.1.x and 6.0.0 are affected by an authentication bypass vulnerability. The issue arises because the product does not enforce an intended password requirement in certain situations involving attributes of the password file, allowing local users to byp...

5CVSS6.8AI score0.00988EPSS
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2012/07/11 12:0 a.m.118 views

Checkpoint Abra - Vulnerabilities

Check Point Abra Vulnerabilities Vendor: Check Point Software Technologies Ltd Product web page: http://rus.checkpoint.com/products/abra/index.html; http://www.checkpoint.com/products/go/ Platforms: Windows XP, Vista, 7 32 bit Authors: Belov V., Komarov A. Group-IB Summary: Check Point Abra allow...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/07/10 12:0 a.m.43 views

Checkpoint Abra - Multiple Vulnerabilities

Check Point Abra Vulnerabilities Author: Belov V., Komarov A. Group-IB, http://group-ib.ru Vendor: Check Point Software Technologies Ltd Product web page: http://rus.checkpoint.com/products/abra/index.html; http://www.checkpoint.com/products/go/ Platforms: Windows XP, Vista, 7 32 bit Summary: Che...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2012/07/10 12:0 a.m.33 views

Check Point Abra安全限制绕过和信息泄露漏洞

BUGTRAQ ID: 54360 Check Point Abra可把一台普通PC变为受到全面保护的公司电脑。用户使用Abra,可随时随地、不论离线或在线,通过虚拟专用网(VPN)连接来访问公司电子邮件、文件和应用程序。Abra可在任何一台PC上自动运行,并且利用介质加密来保护U盘内的数据安全。 Check Point Abra在实现上存在安全限制绕过和信息泄露漏洞,成功利用后可允许攻击者获取敏感信息和绕过某些安全限制。 0 Check Point Software Abra 厂商补丁: Check Point Software --------------------...

6.9AI score
Exploits0
Rows per page
Query Builder