4647 matches found
CVE-2016-2295
Moxa MiiNePortE14641 devices with firmware 1.1.10 Build 09120714, MiiNePortE17080 devices with firmware 1.1.10 Build 09120714, MiiNePortE21242 devices with firmware 1.1 Build 10080614, MiiNePortE24561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build...
CVE-2016-2295
Moxa MiiNePortE14641 devices with firmware 1.1.10 Build 09120714, MiiNePortE17080 devices with firmware 1.1.10 Build 09120714, MiiNePortE21242 devices with firmware 1.1 Build 10080614, MiiNePortE24561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build...
CVE-2016-0876
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file...
CVE-2016-0876
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file...
Authorization
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file...
CVE-2016-2295
The CVE-2016-2295 issue affects Moxa MiiNePort devices (E1_E1_7080, E1_4641, E2_1242, E2_4561, and E3) with listed firmware builds, where cleartext configuration data is stored. Reading the configuration file remotely can disclose sensitive information. According to ICS-CERT, this includes potent...
CVE-2016-0876
CVE-2016-0876 affects Moxa EDR-G903 Secure Router (versions prior to 3.4.12). The vulnerability stems from plaintext storage of passwords in configuration files, enabling remote attackers to read cleartext passwords. Impact is remote exposure of credentials; CVSS v3 base score 7.5 (HIGH). Mitigat...
CVE-2016-2295
Moxa MiiNePortE14641 devices with firmware 1.1.10 Build 09120714, MiiNePortE17080 devices with firmware 1.1.10 Build 09120714, MiiNePortE21242 devices with firmware 1.1 Build 10080614, MiiNePortE24561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build...
MGASA-2016-0199 Updated wpa_supplicant packages fix security vulnerabilities
Updated wpasuppliant packages fix security vulnerabilities: A vulnerability was found in how wpasupplicant writes the configuration file update for the WPA/WPA2 passphrase parameter. If this parameter has been updated to include control characters either through a WPS operation CVE-2016-4476 or...
Updated wpa_supplicant packages fix security vulnerabilities
Updated wpasuppliant packages fix security vulnerabilities: A vulnerability was found in how wpasupplicant writes the configuration file update for the WPA/WPA2 passphrase parameter. If this parameter has been updated to include control characters either through a WPS operation CVE-2016-4476 or...
Moxa EDR-G903 Information Disclosure Vulnerability (CNVD-2016-03388)
The Moxa EDR-G903 is an all-in-one firewall/VPN security router product. A security vulnerability exists in the Moxa EDR-G903 that allows remote attackers to submit special URIs to obtain configuration file and log file information...
Fusion K2 Wireless Router Override Read Configuration File Vulnerability
The Fusion K2 Wireless Router is a wireless router for home use. The Fusion K2 Wireless Router is vulnerable to an override read configuration file vulnerability. Since Fusion K2 can read the configuration file which contains the password of the logged-in device without logging in, it can illegal...
Moderate: Red Hat Security Advisory: openshift security update
Updated openshift packages that fix one security issue are now available for Red Hat OpenShift Enterprise 3.1. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Linux Vulnerability Scanner: Vuls
Vulnerability scanner for Linux, agentless, written in golang For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in production environment, it is common for system administrator to choose not to use...
CVE-2016-0871
Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to read the configuration file, and consequently discover credentials, via a direct request...
CVE-2016-0871
Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to read the configuration file, and consequently discover credentials, via a direct request...
CVE-2016-0871
Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to read the configuration file, and consequently discover credentials, via a direct request...
CVE-2016-0871
The CVE-2016-0871 issue affects Eaton Lighting EG2 Web Control (V4.04P and prior). Root causes include CWE-565: Reliance on Cookies without Validation, and CWE-312: Cleartext Storage of Sensitive Information. A remote attacker could read configuration files and view credentials via a direct reque...
CVE-2016-0830
CVE-2016-0830 affects Android 6.x Bluetooth; btif_config.c handling of configuration entries can cause memory corruption and a persistent daemon crash when many entries are triggered, leading to remote DoS. The issue is tied to internal bug 26071376. Remediation is upgrading to patch level March ...
SAP Download Manager 2.1.142 Weak Encryption
Advisory Information Title: SAP Download Manager Password Weak Encryption Advisory ID: CORE-2016-0004 Advisory URL: http://www.coresecurity.com/advisories/sap-download-manager-password-weak-encryption Date published: 2016-03-08 Date of last update: 2016-03-07 Vendors contacted: SAP Release mode:...