Sql injection

EMC AppSync all versions prior to 3.5 contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system...

Design/Logic Flaw

Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state...

Remote code execution

EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system...

CVE-2017-4982

EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a privilege management vulnerability that could potentially be exploited by malicious users to compromise the affected system...

CVE-2016-8211

EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the...

CVE-2017-2766

EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise th...

CVE-2016-8215

EMC RSA Security Analytics 10.5.3 and 10.6.2 contains fixes for a Reflected Cross-Site Scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system...

Linux Privilege Escalation: RootHelper

Linux Privilege Escalation: Roothelper will aid in the process of privilege escalation on a Linux system that has been compromised, by fetching a number of enumeration and exploit suggestion scripts. The latest version downloads four scripts. Two enumeration shellscripts and two exploit suggester...

Microsoft 'Accidentally' pushed 'Test patch' Update to All Windows 7 Users

A highly mysterious update that was pushed out to Windows machines globally was the result of a test that was not correctly implemented. Yes, Microsoft accidentally released a test patch KB3877432 to consumer machines running Windows 7, making users believe that the Windows Update service got...

Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (3009710)

This host is missing an important security update according to Microsoft Bulletin MS14-069. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Oracle MySQL Server <= 5.5.38 / 5.6 <= 5.6.19 Security Update (cpuoct2014) - Windows

Oracle MySQL Server is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

MySQL 3.23.x mysqld Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7052/info A vulnerability has been discovered for MySQL that may allow the mysqld service to start with elevated privileges. An attacker can exploit this vulnerability by creating a DATADIR/my.cnf that includes the line...

ToendaCMS 0.x/1.0.x TCMS_Administer Parameter Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19626/info ToendaCMS is prone a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PH...

WSMP3 0.0.x Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7645/info A vulnerability has been reported in WsMp3. The problem occurs due to insufficient sanitization of HTTP POST requests. As a result, an attacker may be capable of executing arbitrary files on a target system. Thi...

EA Games Site Hacked to Steal Apple IDs

Hackers were able to compromise a server belonging to Electronic Arts Games this week and rig one of its websites to resemble an Apple log-in page to dole out phishing attacks. U.K.-based security firm Netcraft discovered the hacked site on Tuesday and informed EA, which blocked it on Wednesday...

Passwords, Email, Usernames Accessed in Ubisoft Hack

The video game publishing company Ubisoft is urging its users to create new passwords after announcing late last week on a support forum that attackers exploited a vulnerability in one of the company’s websites to gain unauthorized access to some of their online systems. The attackers compromised...

Bind Shell Backdoor Detection

A shell is listening on the remote port without any authentication being required. An attacker may use it by connecting to the remote port and sending commands directly. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

openMairie openCourrier Multiple File Inclusion Vulnerabilities

openMairie openCourrier is prone to multiple file inclusion vulnerabilities. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

Amiro.CMS &lt;= 5.4.0.0 folder disclosure

No description provided by source. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ONSEC-09-005 Amiro.CMS root folder disclosure Objective: Amiro CMS = 5.4.0.0 Type: Disclosure of ways Threat: Medium Date Discovered: 01.07.2009 Date of...

FreeBSD : typo3 -- multiple vulnerabilities (653606e9-f6ac-11dd-94d9-0030843d3802)

Secunia reports : Some vulnerabilities have been reported in Typo3, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and session fixation attacks, and compromise a vulnerable system. The 'Install tool' system extension uses...