113 matches found
PT-2018-17921 · Node.Js +3 · Node.Js +3
Name of the Vulnerable Software and Affected Versions: Node.js versions 6.x and later Description: The issue allows for a DNS rebinding attack, potentially leading to remote code execution. This can be exploited by malicious websites open in a web browser on the same computer or another computer...
CVE-2014-9563
CRLF injection vulnerability in the web-based management WBM interface in Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allows remote authenticated users to modify the root password and consequently access the debug port using the serial interface via th...
Crlf injection
CRLF injection vulnerability in the web-based management WBM interface in Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allows remote authenticated users to modify the root password and consequently access the debug port using the serial interface via th...
CVE-2014-9563
CRLF injection vulnerability in the web-based management WBM interface in Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allows remote authenticated users to modify the root password and consequently access the debug port using the serial interface via th...
OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)
It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol JDWP packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP request...
OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)
It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol JDWP packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP request...
OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)
It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol JDWP packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP request...
OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)
It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol JDWP packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP request...
OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)
It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol JDWP packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP request...
OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)
It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol JDWP packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP request...
The Java Debugger exploits and fixes-vulnerability warning-the black bar safety net
0x0 Foreword Recently found an interesting vulnerability-JAVA open the Debugger mode can execute arbitrary system commands. Need certain Use Conditions, you have to be open to debug the process of setting up a breakpoint, and then use this breakpoint to execute the command of the operation. 0x1...
Multiple Vulnerabilities Haunt Long List of PLC Modules
A long list of industrial-control modules manufactured by Schneider Electric and used to control operations at various industrial facilities contain multiple weaknesses and vulnerabilities that could allow an attacker to modify the firmware, login remotely and run arbitrary code on the vulnerable...
VxWorks 'debug' Port Detection
Binary data 5621.prm...