PT-2022-5708 · Symantec · Symantec Endpoint Protection

Name of the Vulnerable Software and Affected Versions: Symantec Endpoint Protection Windows versions prior to 14.3 RU6/14.3 RU5 Patch 1 Description: The issue is related to a Security Control Bypass, which can potentially allow a threat actor to circumvent existing security controls. This...

Oracle MySQL Server 输入验证错误漏洞

Oracle MySQL Server is a relational database from Oracle Corporation USA. An input validation error vulnerability exists in MySQL Server. The vulnerability is caused due to incorrect input validation of the MySQL client C API component. A remotely authenticated user can exploit this vulnerability...

How to land on the Favourites view under Apps on StoreFront 1912?

To set the default landing page to 'Favourites' under the apps tab in 1912. By default, the landing page is 'Home'. The below script would help in achieving the same: Step 1: In the Storefront console, navigate to 'Manage Receiver for Web Sites' Step 2: Click configure and browse to 'Client...

CVE-2020-17470

An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs they are always set to 1 in fnetdnspoll in fnetdns.c. This significantly simplifies DNS cache poisoning attacks...

mysql: C API unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

The vulnerability of the C API component of the MySQL Database Management System client, which allows a hacker to trigger a service failure.

The vulnerability of the C API component of the MySQL Database Management System client exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL Protocol network protocol...

mysql: C API unspecified vulnerability (CPU Jan 2020)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client...

mysql: C API unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

mysql: C API unspecified vulnerability (CPU Jan 2020)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

CVE-2020-7255

CVE-2020-7255 is a local privilege-escalation vulnerability in the administrative UI of McAfee Endpoint Security (ENS) for Windows , affected in versions prior to 10.7.0 February 2020 Update . The issue arises because ENS does not properly check user permissions when editing configuration via the...

The vulnerability of the C API component of the MySQL Database Management System client, which allows a hacker to trigger a service failure.

The vulnerability of the C API component of the MySQL Database Management System client is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL Protocol network protocol...

Input validation

ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client interface...

CVE-2012-2087

ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client interface...

mysql: C API unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

mysql: C API unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

CVE-2017-12346

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

CVE-2017-12343

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

Cross site scripting

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

CVE-2017-12345

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

Cross site scripting

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...