956 matches found
IBM MQ Appliance Remote Command Execution Vulnerability
The IBM MQ Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from IBM USA. A security vulnerability exists in IBM MQ Appliance versions 8.0 and 9.0. An attacker could exploit the vulnerability to execute arbitrary commands on the system...
Vim Denial of Service Vulnerability
Vim is an open-source, configurable text editor for creating and changing any type of text, which can be used on most UNIX systems and Apple OS X. It can be used to create and change any type of text. A security vulnerability exists in Vim version 8.0. The vulnerability can be exploited by an...
IBM WebSphere Application Server Information Disclosure Vulnerability (CNVD-2017-07382)
IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WAS version 8.0, 8.5...
Unspecified Vulnerability in Symantec Veritas NetBackup and NetBackup Appliance (CNVD-2017-07088)
Symantec Veritas NetBackup NBU and NetBackup NBU Appliance are both products of Symantec USA. The former is a set of enterprise-class backup management software that can run on multiple operating systems, and the latter is an enterprise-class backup management appliance. A security vulnerability...
CVE-2017-4982
EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a privilege management vulnerability that could potentially be exploited by malicious users to compromise the affected system...
CVE-2017-6356
Palo Alto Networks Terminal Services aka TS Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors...
CVE-2017-6402
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Denial of service affecting NetBackup server can occur...
HMI/SCADA software webaccess 7.2/8.0/8.1 has 4 dll hijack vulnerabilities
WebAccess can build an information management platform for users and synchronize the efficiency of vertical market management development. There are 4 dll hijack vulnerabilities in the HMI/SCADA software webaccess, when bwopctool.dll, bwabout.dll, BwPAlarm.dll, and Webvsid.dll are loaded...
CVE-2016-0379
IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service channel outage by leveraging queue-manager rights...
CVE-2016-1403
CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005...
Open-Xchange AppSuite Open Redirect Vulnerability
Open-Xchange AppSuite OX AppSuite is a suite of Web-based cloud desktop environments from Open-Xchange, Inc. in the United States. The environment allows users to manage email, tasks, files, etc. more intuitively. An open redirection vulnerability exists in Open-Xchange AppSuite version 7.8.0 and...
PT-2016-6145 · Pulse · Pulse Connect Secure
Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure PCS versions 7.4 through 7.4r13.3 Pulse Connect Secure PCS versions 8.0 through 8.0r8 Pulse Connect Secure PCS versions 8.1 through 8.1r1 Pulse Connect Secure PCS versions 8.2 through 8.2r0 Description: The administrative...
PT-2016-6143 · Pulse · Pulse Connect Secure
Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure PCS versions 7.4 through 7.4r13.3 Pulse Connect Secure PCS versions 8.0 through 8.0r8 Pulse Connect Secure PCS versions 8.1 through 8.1r1 Pulse Connect Secure PCS versions 8.2 through 8.2r0 Description: A cross-site...
PT-2016-6142 · Pulse · Pulse Connect Secure
Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure PCS versions 7.4 through 7.4r13.3 Pulse Connect Secure PCS versions 8.0 through 8.0r9 Pulse Connect Secure PCS versions 8.1 through 8.1r1 Pulse Connect Secure PCS versions 8.2 through 8.2r0 Description: The issue allows...
CVE-2016-0243
Cross-site scripting XSS vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF20, and 8.5.x before 8.5.0.0 CF09 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a differe...
IBM WebSphere MQ Denial of Service Vulnerability (CNVD-2015-03364)
IBM WebSphere MQ is a messaging middleware product from IBM, USA. The product focuses on providing reliable and proven messaging for Service Oriented Architecture SOA. A denial of service vulnerability exists in IBM WebSphere MQ version 7.5 prior to 7.5.0.5 and version 8.0 prior to 8.0.0.2, which...
Apple Safari WebKit Memory Corruption Vulnerability (CNVD-2015-01862)
WebKit is the open source web browser engine currently used by Safari, Chrome and other browsers. A security vulnerability in the WebKit user interface in Apple Safari versions prior to 6.2.4, 7.x versions prior to 7.1.4, and 8.x versions prior to 8.0.4 allows remote attackers to execute arbitrar...
ActiveMQ: XSS vulnerability in scheduled.jsp
Cross-site scripting XSS vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."...
PT-2013-1884 · Apache · Apache Activemq
Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ versions prior to 5.8.0 Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting XSS attacks. This can be achieved through various vectors, including th...
CVE-2012-3379
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0808. Reason: This candidate is a duplicate of CVE-2012-0808. Notes: All CVE users should reference CVE-2012-0808 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...