WEG SuperDrive G2 12.0.0 - Insecure File Permissions

Exploit for windows platform in category local exploits WEG SuperDrive G2 v12.0.0 Insecure File Permissions Vendor: WEG Group Product web page: http://www.weg.net Affected version: SuperDrive G2 v12.0.0 Build 20150930-J1.8.060-NB8.0.2 SuperDrive v7.0.0 Summary: SuperDrive is a Windows graph tool...

WEG SuperDrive G2 12.0.0 - Insecure File Permissions

WEG SuperDrive G2 12.0.0 - Insecure File Permissions WEG SuperDrive G2 v12.0.0 Insecure File Permissions Vendor: WEG Group Product web page: http://www.weg.net Affected version: SuperDrive G2 v12.0.0 Build 20150930-J1.8.060-NB8.0.2 SuperDrive v7.0.0 Summary: SuperDrive is a Windows graph tool for...

Cacti SQL Injection Vulnerability (CNVD-2015-08486)

Cacti is a suite of open source network traffic monitoring and analysis tools from the Cacti Group. The tool through snmpget to obtain data , using RRDtool drawing graphs to analyze , and provide data and user management features . A SQL injection vulnerability exists in Cacti versions prior to...

Bugzilla security issues

Bugzilla Security Advisory During the generation of a dependency graph, the code for the HTML image map is generated locally if a local dot installation is used. With escaped HTML characters in a bug summary, it is possible to inject unfiltered HTML code in the map file which the CreateImagemap...

DEBIAN-CVE-2015-8369

SQL injection vulnerability in include/topgraphheader.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rraid parameter in a properties action to graph.php...

cacti -- SQL injection vulnerabilities

NVD reports: SQL injection vulnerability in include/topgraphheader.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rraid parameter in a properties action to graph.php...

[SECURITY] Fedora 21 Update: metis-5.1.0-7.fc21

METIS is a set of serial programs for partitioning graphs, partitioning finite element meshes, and producing fill reducing orderings for sparse matrices. The algorithms implemented in METIS are based on the multilevel recursive-bisection, multilevel k-way, and multi-constraint partitioning scheme...

[SECURITY] Fedora 22 Update: metis-5.1.0-7.fc22

METIS is a set of serial programs for partitioning graphs, partitioning finite element meshes, and producing fill reducing orderings for sparse matrices. The algorithms implemented in METIS are based on the multilevel recursive-bisection, multilevel k-way, and multi-constraint partitioning scheme...

[SECURITY] Fedora 23 Update: metis-5.1.0-7.fc23

METIS is a set of serial programs for partitioning graphs, partitioning finite element meshes, and producing fill reducing orderings for sparse matrices. The algorithms implemented in METIS are based on the multilevel recursive-bisection, multilevel k-way, and multi-constraint partitioning scheme...

Gping - Ping, But With A Graph

Ping, but with a graph Install and run Created/tested with Python 3.4, should run on 2.7 will require the statistics module though. pip3 install pinggraph Tested on Windows and Ubuntu, should run on OS X as well. After installation just run: gping yourhost If you don't give a host then it pings...

SUSE-SU-2015:1757-1 Security update for docker

docker was updated to version 1.8.3 to fix two security issues. These security issues were fixed: - CVE-2014-8178: Manipulated layer IDs could have lead to local graph poisoning bsc949660. - CVE-2014-8179: Manifest validation and parsing logic errors allowed pull-by-digest validation bypass...

Cacti SQL Injection Vulnerability (CNVD-2015-04994)

Cacti is based on PHP, MySQL, SNMP and RRDTool developed a set of graphical analysis of network traffic monitoring tools . Cacti 'graphs.php' , 'cdef.php', 'datatemplates.php', 'graphtemplates.php' and 'hosttemplates.php' scripts incorrectly filter user input, allowing remote attackers to exploit...

Cacti vulnerable to cross-site scripting

Overview Cacti is a web application that graphs stored data collected from network devices. Cacti contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing parameters in graphview.php. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IP...

Cisco Acquires OpenDNS for $635 Million

Cisco continues to spend on security, today announcing its intent to acquire San Francisco-based OpenDNS for $635 million. OpenDNS’ domain name system and cloud-based security services bring threat data collected from those platforms to Cisco’s security offerings. “To build on Cisco’s advanced...

Cacti 'get_hash_graph_template' function SQL injection vulnerability

Cacti is a suite of open source network traffic monitoring and analysis tools from the Cacti Group. The tool through snmpget to obtain data , using RRDtool drawing graphs to analyze , and provide data and user management features . A SQL injection vulnerability exists in the 'gethashgraphtemplate...

DEBIAN-CVE-2015-4454

SQL injection vulnerability in the gethashgraphtemplate function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graphtemplateid parameter to graphtemplates.php...

UBUNTU-CVE-2015-4454

SQL injection vulnerability in the gethashgraphtemplate function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graphtemplateid parameter to graphtemplates.php...

Drupal Open Graph Importer Module Limit Bypass Vulnerability

Drupal is a free, open source content management system developed in PHP. open Graph Importer is a module that supports back-end administrators or other users to import content from other websites using open graph meta tags. A security vulnerability exists in the Drupal Open Graph Importer module...

CVE-2015-4389

The Open Graph Importer ogtagimporter 7.x-1.x for Drupal does not properly check the create permission for content types created during import, which allows remote authenticated users to bypass intended restrictions by leveraging the "import ogtagimporter" permission...

Open redirect

The Open Graph Importer ogtagimporter 7.x-1.x for Drupal does not properly check the create permission for content types created during import, which allows remote authenticated users to bypass intended restrictions by leveraging the "import ogtagimporter" permission...