CVE-2014-2722

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH...

Brother Industries HL-L8360CDW Information Disclosure Vulnerability

The Brother Industries HL-L8360CDW is a multifunction printer from Brother Industries of Japan. An information disclosure vulnerability exists in the Brother Industries HL-L8360CDW v1.20, which arises from a configuration or other error in the operation of a networked system or product, and can b...

The vulnerability of the TLS protocol implementation in the Dovecot mail server, related to resource exhaustion, allows attackers to cause service failures.

The vulnerability of the Dovecot mail server’s TLS protocol implementation is related to a configuration error. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVE-2013-1634

A denial of service vulnerability exists in some motherboard implementations of Intel e1000e/82574L network controller devices through 2013-02-06 where the device can be brought into a non-processing state when parsing 32 hex, 33 hex, or 34 hex byte values at the 0x47f offset. NOTE: A followup...

Estée Lauder Exposes 440M Records, with Email Addresses, Network Info

A non-password protected cloud database containing hundreds of millions of customer records and internal logs for cosmetic giant Estée Lauder has been found exposed online, according to researchers. In all, 440,336,852 individual data pieces were exposed, according to researcher Jeremiah Fowler a...

Cisco Application Policy Infrastructure Controller Out Of Band Management IP Tables Bypass Vulnerability

A vulnerability in the out of band OOB management interface IP table rule programming for Cisco Application Policy Infrastructure Controller APIC could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP ports. These IP ports would be permitted to the OOB...

Gallagher Command Centre Information Disclosure Vulnerability

Gallagher Command Centre is the central management tool for the Gallagher Access Control System. An information disclosure vulnerability exists in Gallagher Command Center versions 7.x prior to 7.90.991 MR5, 8.00 prior to 8.00.1161 MR5, and 8.10 prior to 8.10.1134 MR4. The vulnerability stems fro...

Network Time Protocol Information Disclosure Vulnerability

Network Time Protocol NTP, Network Time Protocol is a network protocol that synchronizes the clocks of two computers by exchanging packets. An information disclosure vulnerability exists in NTP version 4.2.7p25. The vulnerability arises from a configuration error in the operation of the network...

OpenStack Nova Information Disclosure Vulnerability (CNVD-2019-44961)

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration and Rackspace, Inc. in the U.S. OpenStack Nova is one of the cloud computing construct controllers written in Python. It is part of the IaaS system. An information disclosure...

Pegasystem PEGA Platform Information Disclosure Vulnerability (CNVD-2019-45126)

Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem UK. The platform is used to develop applications for BPM Business Process Management, Case Management, Real Time Decision Making and CRM Customer Relationship Management. An information disclosure vulnerabili...

Schneider Electric M340 Communication Modules Information Disclosure Vulnerability

The Schneider Electric M340 communication module is a communication module from Schneider Electric, France. An information disclosure vulnerability exists in multiple Schneider Electric products. The vulnerability arises from a configuration or other error in the operation of a networked system o...

WordPress W3 Total Cache Information Disclosure Vulnerability

W3 Total Cache is a website caching plugin. An information disclosure vulnerability exists in WordPress W3 Total Cache. The vulnerability stems from a configuration or other error in the operation of a networked system or product. An attacker can exploit this vulnerability to obtain sensitive...

CVE-2019-3428

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage...

CVE-2019-3428

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage...

CVE-2019-3428

CVE-2019-3428 affects ZTE ZXCDN IAMWEB v6.01.03.01. The issue is a configuration error that allows an attacker to directly access the management portal over HTTP, resulting in users’ information leakage. The available documents consistently describe a misconfiguration leading to exposure of manag...

Error: No Product Licenses Found on the License Server for the Selected Model

When configuring XenApp 6.5, the following error message is displayed: “No product licenses found on the license server for the selected model”...

Cryptocat Information Disclosure Vulnerability (CNVD-2019-40496)

Cryptocat is an open source web-based online chat software developed by Canadian software developer Nadim Kobeissi. The software supports encryption of communications. An information disclosure vulnerability exists in Cryptocat versions prior to 2.0.42. The vulnerability exists due to a...

The vulnerability of the multi-connection mode of the Microprogrammable Network Interface Device Firepower Threat Defense (FTD) allows a attacker to exit the container for their own instance of FTD and execute arbitrary commands with root privileges.

The vulnerability of the multi-connection mode of the Firepower Threat Defense FTD software relates to security configuration errors. Exploiting this vulnerability allows an attacker to execute arbitrary commands with root privileges from within the FTD instance...

The vulnerability of the ufw network firewall utility in the Astra Linux operating system, which allows a hacker to trigger a service failure under a configured policy-based integrity control for the file system.

The vulnerability of the ufw network firewall utility in the Astra Linux operating system is related to a configuration error that causes the utility to terminate abnormally when attempting to enable the ufw network firewall. Exploiting this vulnerability could allow an attacker to trigger a...

Google Android Touch Driver Information Disclosure Vulnerability (CNVD-2019-34472)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA, and Touch driver is one of the touch drivers. The Touch driver component in Android has an information disclosure vulnerability that originates from a configuration error in a networked system or...