688 matches found
CVE-2015-4764
Technical details about CVE-2015-4764 are not publicly provided in the supplied documents; no concrete product/version/root-cause or remediation is stated. Monitor for updates.
CVE-2015-4775
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624,...
I2P - The Invisible Internet Project
I2P is an anonymous network, exposing a simple layer that applications can use to anonymously and securely send messages to each other. The network itself is strictly message based a la IP, but there is a library available to allow reliable streaming communication on top of it a la TCP. All...
CVE-2014-4632
VMware vSphere Data Protection VDP 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store ADS and Avamar Virtual Edition AVE 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoo...
Design/Logic Flaw
VMware vSphere Data Protection VDP 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store ADS and Avamar Virtual Edition AVE 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoo...
CVE-2014-4624
EMC Avamar Data Store ADS and Avamar Virtual Edition AVE 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call...
Default credentials
EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store ADS GEN4S and Avamar Virtual Edition AVE, when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force atta...
CVE-2014-4624
EMC Avamar Data Store ADS and Avamar Virtual Edition AVE 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call...
CVE-2014-4624
EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x up to 7.0.2-43 expose MCUser and GSAN passwords via Java API calls without authentication (remote information disclosure). VMware vSphere Data Protection (VDP) 5.x also vulnerable via Java API access to retrieve credential...
CVE-2014-4623
EMC Avamar ADS GEN4(S) and Avamar Virtual Edition (AVE) versions 6.0.x, 6.1.x, and 7.0.x are affected when the Password Hardening package is installed prior to 2.0.0.4. The issue stems from using UNIX DES crypt for password hashing, enabling context-dependent attackers to recover cleartext passwo...
[SECURITY] Fedora 19 Update: python-oauth2-1.5.211-7.fc19
Oauth2 was originally forked from Leah Culver and Andy Smith's oauth.py code. Some of the tests come from a fork by Vic Fryzel, while a revamped Request class and more tests were merged in from Mark Paschal's fork. A number of notable differences exist between this code and its forefathers: - 100...
CVE-2013-3275
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obtain sensitive information via a crafted web site, related to "cross frame scripting vulnerabilitie...
CVE-2013-3274
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors...
Authorization
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors...
CVE-2013-3274
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors...
CVE-2013-3274
EMC Avamar Server and Avamar Virtual Edition before version 7.0 on Data Store Gen3, Gen4, and Gen4s hardware are affected by CVE-2013-3274 due to improper authorization checks on Java RMI calls. This potentially allows remote authenticated users to execute arbitrary code via unspecified vectors. ...
CVE-2013-3275
EMC Avamar Server and Avamar Virtual Edition prior to v7.0 on Data Store Gen3, Gen4, or Gen4s platforms are affected by cross frame scripting vulnerabilities (CVE-2013-3275). The web interface does not properly restrict FRAME elements, which can allow a crafted remote site to monitor input and ex...
Updated subversion packages fix security vulnerabilities
Subversion repositories with the FSFS repository data store format can be corrupted by newline characters in filenames. A remote attacker with a malicious client could use this flaw to disrupt the service for other users using that repository CVE-2013-1968. Subversion's svnserve server process ma...
[CVE-2012-5777]EmpireCMS Template Parser Remote PHP Code Execution Vulnerability
Exploit Title : Answer my question wordpress plugin Multiple Cross-Site Scripting Vulnerabilities Author:Marcela Benetrix home:www.girlinthemiddle.net Date: 09/19/12 version: 1.1 software link:http://wordpress.org/extend/plugins/answer-my-question/ Answer my question plugin description This plugi...
Veeam vPower NFS Service fails to start
Challenge This article documents troubleshooting steps to be taken if the Veeam vPower NFS Service fails to start. Solution Check Port Usage Check if another process is locking one of ports used by the Veeam vPower NFS Service: 1. Open an Administrative PowerShell Prompt 2. Run the following...