82 matches found
GSD-2022-1004240 powerpc/prom_init: Fix kernel config grep
powerpc/prominit: Fix kernel config grep This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.10 by commit...
CVE-2021-42562
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges, resulting in non-admin users having access to read and modify configuration or other components that should only be accessible by admin users...
CVE-2021-38532
NETGEAR WAC104 devices before 1.0.4.15 are affected by incorrect configuration of security settings...
CVE-2020-8789
Composr 10.0.30 allows Persistent XSS via a Usergroup name under the Security configuration...
CVE-2019-17558
Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially...
ASUS RT-N10+ 2.0.3.4 CSRF / XSS / Command Execution
Exploit Title: XSS And CSRF to RCE in ASUS RT-N10 Repeater Mode Date: 13/10/2019 Exploit Author: Matheus Vrech Vendor Homepage: https://www.asus.com/ Version: ASUS RT-N10+, Firmware: 2.0.3.4 Tested on: Archlinux, Windows 10 XSS: when someone change router to repeater mode you should be able to...
Solare Datensysteme Solar-Log Devices 2.8.4-56/3.5.2-85 - Multiple Vulnerabilities
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Solare Datensysteme GmbH Solar-Log 250/300/500/800e/1000/1000 PM+/1200/2000 vulnerable version: Firmware 2.8.4-56 / 3.5.2-85 fixed...
PIXORD Vehicle 3G Wi-Fi Router Command Injection / Information Disclosure
Exploit Title: Vehicle 3G Wi-Fi Router - PIXORD - Multiple Vulnerabilities Date: May 01, 2015 No response from Vendor till date Discovered by: Karn Ganeshen Vendor Homepage: http://www.pixord.com/en/productsshow.php?show=17 Version: Model Name :3GR-431P Software Version :RTA-A00102 Wireless Drive...
PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities
Exploit Title: Vehicle 3G Wi-Fi Router - PIXORD - Multiple Vulnerabilities Date: May 01, 2015 No response from Vendor till date Discovered by: Karn Ganeshen Vendor Homepage: http://www.pixord.com/en/productsshow.php?show=17 Version: Model Name :3GR-431P Software Version :RTA-A00102 Wireless Drive...
PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities
PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities Exploit Title: Vehicle 3G Wi-Fi Router - PIXORD - Multiple Vulnerabilities Date: May 01, 2015 No response from Vendor till date Discovered by: Karn Ganeshen Vendor Homepage: http://www.pixord.com/en/productsshow.php?show=17 Versio...
PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities
Exploit for hardware platform in category remote exploits Exploit Title: Vehicle 3G Wi-Fi Router - PIXORD - Multiple Vulnerabilities Date: May 01, 2015 No response from Vendor till date Discovered by: Karn Ganeshen Vendor Homepage: http://www.pixord.com/en/productsshow.php?show=17 Version: Model...
SAP multiple security vulnerabilities
Multiple hardcoded credentials, unauthorized configuration access...
Low: Red Hat Bug Fix Advisory: htdig bug fix update
An updated htdig package that fix various bugs is now available. The htdig system is a complete world wide web indexing and searching system for a small domain or intranet. This system is not meant to replace the need for powerful internet-wide search systems like Lycos, Infoseek, Webcrawler and...
SSH over Non Standard Ports (CVE-2001-0361)
...
Debian DSA-502-1 : exim-tls - buffer overflow
Georgi Guninski discovered two stack-based buffer overflows in exim and exim-tls. They cannot be exploited with the default configuration from the Debian system, though. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : -...
Oracle 9iAS SOAP Default Configuration Unauthenticated Application Deployment
Binary data 1593.prm...
CVE-2002-0511
The default configuration of Name Service Cache Daemon nscd in Caldera OpenLinux 3.1 and 3.1.1 uses cached PTR records instead of consulting the authoritative DNS server for the A record, which could make it easier for remote attackers to bypass applications that restrict access based on host nam...
AT&T WinVNC allows user access to passwords and configuration via weak registry permissions
Overview The default installation of WinVNC on certain Microsoft Windows systems permits unauthenticated access to the WinVNC service. Description AT&T WinVNC is a free package available from AT&T Labs Cambridge that allows an existing desktop of a PC to be available on the desktop of a remote...
Tektronix (Xerox) PhaserLink 850 Webserver Vulnerability (NEW)
Summary - New Tektronix Xerox printers have covered up a security through obscurity flaw discovered in November, 1999 with more security through obscurity. The unauthenticated and unfiltered administrator configuration page on the PhaserLink webserver is now located at the URL...
CVE-2000-0184
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords...