DLL Hijacking Vulnerability in INVT Studio

INVT Studio is a configuration software used to configure and monitor INVT drives. A DLL hijacking vulnerability exists in INVT Studio due to a failure to specify an absolute path for a DLL contained in an INVT Studio application, which allows an attacker to build a malicious application, place i...

Cisco Unified Communications Domain Manager Remote Code Execution Vulnerability

A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass security protections, gain elevated privileges, and execute arbitrary code. The vulnerability is due to insecure key generation during application configuration. An attacker...

Inedo Otter Directory Traversal Vulnerability

Inedo Otter is a set of server monitoring and configuration software from Inedo, USA. The software displays the configuration status of the target server by providing a dynamic, visual interface. A directory traversal vulnerability exists in the file system's rafts in versions of Inedo Otter prio...

CVE-2017-14020

CVE-2017-14020 affects AutomationDirect products including CLICK Programming Software (C0-PGMSW) <= v2.10, C-More Programming Software (EA9-PGMSW) <= v6.30, C-More Micro (EA-PGMSW) <= v4.20.01.0, Do-more Designer (DM-PGMSW) <= v2.0.3, GS Drives (GSOFT) <= v4.0.6, SL-SOFT SOLO (SL-S...

Remote Denial of Service Vulnerability in GE Configuration Software iFIX V5.8

GE Proficy HMI/SCADA-iFIX configuration software is used for process visualization, data acquisition, analysis, and monitoring of operations. The software utilizes a SCADA engine with multiple connectivity options and an open, highly scalable distributed network model. A remote denial of service...

XSS in admin/ViewIssueFields.jspa

Reproduction: 1. Create custom fields with alert1 in name and/or description. 2. Go to 'Field Configurations' 3. Click 'Add Field Configuration', enter any text in 'Name' 4. Hit okay and wait for the page to refresh 5. Choose the config you just made - XSSed...

CVE-2013-2310

SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi application before 1.7.1, SoftBank Windows Mobile...

CVE-2013-2310

SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi application before 1.7.1, SoftBank Windows Mobile...

CVE-2013-2310

CVE-2013-2310 affects SoftBank Wi‑Fi Spot Configuration Software used on SoftBank devices (SHARP, Panasonic, NEC, Samsung 3G handsets; SoftBank mobile routers; Disney Mobile and WILLCOM Android devices). The vulnerability is in the connection process to Wi‑Fi access points where, due to improper ...