Shopify: change Login Services settings without owner access

Hi in settings - account owner can set login service for staff members! this is only available for owners, and full access admins can't see or change this values! admin with setting access can send a "POST" request to shop.json and change this settings! steps: - get access token for one full acce...

HP Virtual Connect Enterprise Manager Information Disclosure Vulnerability

HP VCEM allows centralized management of network connectivity and load distribution for HP BladeSystem servers, etc. A security vulnerability exists in HP Matrix Operating Environment versions prior to 7.5.0 and other products prior to HP VCEM SDK 7.5.0. It could be exploited by an authenticated...

HP Matrix Operating Environment Systems Insight Manager Information Disclosure Vulnerability (CNVD-2015-05704)

HP Matrix Operating Environment is a set of cloud management software designed for infrastructure services from Hewlett-Packard HP in the U.S. HP Systems Insight Manager SIM is a set of management software for HP servers and storage devices. The software provides multi-system management, fault...

CVE-2015-5368

CVE-2015-5368 concerns the HP lt4112 LTE/HSPA+ Gobi 4G module. The HP HP EliteBook/ElitePad/Elite/ProBook/Spectre/ZBook and mt41 Thin Client lines with firmware older than 12.500.00.15.1803 are vulnerable. The description states remote attackers could modify data, cause a denial of service, or ex...

CVE-2015-5432

HP Virtual Connect Enterprise Manager VCEM SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors...

Design/Logic Flaw

HP Systems Insight Manager SIM before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors...

Design/Logic Flaw

HP Matrix Operating Environment before 7.5.0 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors...

Design/Logic Flaw

HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5428...

CVE-2015-5429

HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5428...

CVE-2015-5428

HP Matrix Operating Environment before 7.5.0 is affected by multiple vulnerabilities that could allow remote attackers to obtain sensitive information or modify data. The HP Security Bulletin HPSBMU03409 rev.1 lists impacted components (SIM, SMH, VCA, VCRM, Insight Orchestration) and states that ...

CVE-2015-5432

CVE-2015-5432 affects the HP Virtual Connect Enterprise Manager SDK prior to version 7.5.0 (used with HP Matrix Operating Environment before 7.5.0). Root cause: vulnerable SDK components enabling remote attackers to obtain sensitive information or modify data via unspecified vectors. Impact per s...

CVE-2015-5404

CVE-2015-5404 affects HP Systems Insight Manager (SIM) before 7.5.0, used in HP Matrix Operating Environment before 7.5.0. An attacker could remotely obtain sensitive information or modify data via unspecified vectors. HP issued remediation in the HP Matrix Operating Environment 7.5.0 release and...

HP Matrix Operating Environment Information Disclosure Vulnerability (CNVD-2015-05709)

HP Matrix Operating Environment is a suite of cloud management software designed for infrastructure services from Hewlett-Packard HP. A security vulnerability exists in HP Matrix Operating Environment versions prior to 7.5.0. A remote attacker could exploit the vulnerability to obtain sensitive...

HP Matrix Operating Environment Information Disclosure Vulnerability (CNVD-2015-05711)

HP Matrix Operating Environment is a suite of cloud management software designed for infrastructure services from Hewlett-Packard HP. A security vulnerability exists in HP Matrix Operating Environment versions prior to 7.5.0. A remote attacker could exploit the vulnerability to obtain sensitive...

HP Version Control Repository Manager Buffer Overflow Vulnerability

HP Version Control Repository Manager is a set of version control repository management products from Hewlett-Packard HP. A buffer overflow vulnerability exists in HP Version Control Repository Manager versions prior to 7.5.0. This could allow an authenticated remote user to modify data via...

Android Dolphin Browser remote code execution-vulnerability warning-the black bar safety net

The attacker has the ability to by Android the Dolphin Browser to control the user's network communication data, you can modify the download and application browser new theme function. By using this function, an attacker can write arbitrary files, these files will be in the user device browser...

Cisco Unified Web Interaction Manager Web Interface Security Restriction Bypass Vulnerability

Cisco Unified Web Interaction Manager is a WEB interaction manager. An input validation vulnerability in Cisco Unified Web Interaction Manager WEBjiekou could be exploited by a remote attacker to submit a special request to view, modify, or delete data stored on the target system...

CVE-2015-3750

WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict Transport Security HSTS protection mechanism for Content Security Policy CSP report requests, which allows man-in-the-middle attackers to...

Cisco Unified Interaction Manager Web Interface Authorization Bypass Vulnerability

A vulnerability in the Cisco Unified Interaction Manager web interface could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to insufficient validation of user-supplied data against the application authorization contr...

Multiple SQL Injection Vulnerabilities in Cacti

Cacti is a set of open source network traffic monitoring and analysis tools. Cacti suffers from multiple SQL injection vulnerabilities. Due to the program's failure to properly filter user-supplied input before using it in a SQL query. Allowing an attacker to compromise the application, access or...