Lucene search
K

110 matches found

NVD
NVD
added 2016/11/23 2:59 a.m.24 views

CVE-2016-9562

SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service null pointer exception and icman outage via an HTTPS request to the sap.comP4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835...

7.5CVSS7.5AI score0.03882EPSS
Exploits0References3
Prion
Prion
added 2016/11/23 2:59 a.m.18 views

Null pointer dereference

SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service null pointer exception and icman outage via an HTTPS request to the sap.comP4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835...

5CVSS7.2AI score0.03882EPSS
Exploits0References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2016/09/20 12:0 a.m.4 views

Trend Micro Control Manager task_controller Information Disclosure

An information disclosure vulnerability has been reported in Trend Micro Control Manager. The vulnerability is due to lack of validation of the 'url' parameter in the request for taskcontrol.php. An unauthenticated remote attacker could exploit this vulnerability by sending a specially crafted HT...

0.9AI score
Exploits0
NVD
NVD
added 2014/11/16 5:59 p.m.22 views

CVE-2014-8950

Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the 1 URL Filtering or 2 Identity Awareness blade is used, allows remote attackers to cause a denial of service crash via vectors involving an HTTPS request...

7.1CVSS6.6AI score0.01548EPSS
Exploits0References4
Prion
Prion
added 2014/11/16 5:59 p.m.19 views

Cross site request forgery (csrf)

Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the 1 URL Filtering or 2 Identity Awareness blade is used, allows remote attackers to cause a denial of service crash via vectors involving an HTTPS request...

7.1CVSS7.2AI score0.01548EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/11/16 5:0 p.m.26 views

CVE-2014-8950

Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the 1 URL Filtering or 2 Identity Awareness blade is used, allows remote attackers to cause a denial of service crash via vectors involving an HTTPS request...

6.6AI score0.01548EPSS
Exploits0References4
CVE
CVE
added 2014/11/16 5:0 p.m.49 views

CVE-2014-8950

The CVE-2014-8950 entry concerns Check Point Security Gateway versions R77 and R77.10. The vulnerability affects the URL Filtering and Identity Awareness blades, where an HTTPS request can trigger a denial-of-service (crash). The available documents confirm the affected product and blades, and th...

7.1CVSS6.8AI score0.01548EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2014/07/30 2:55 p.m.15 views

Cross site request forgery (csrf)

Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request...

5CVSS6.8AI score0.03376EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/07/30 2:0 p.m.19 views

CVE-2014-2356 Innominate mGuard Exposure of Sensitive Information to an Unauthorized Actor

Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request...

4.3CVSS6.3AI score0.03376EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2014/06/22 12:0 a.m.12 views

McAfee ePolicy Orchestrator Remote Code Execution (CVE-2013-0140; CVE-2013-0141)

A remote code execution vulnerability has been reported in McAfee ePolicy Orchestrator ePO. The vulnerability is due to an error in the ePO server that fails to properly sanitize user supplied data. A remote attacker can exploit this weakness to execute arbitrary code via a specially crafted http...

7.9CVSS7.7AI score0.02544EPSS
Exploits4
Packet Storm
Packet Storm
added 2013/11/19 12:0 a.m.19 views

PineApp MailSecure Command Execution

Hi, related this: http://seclists.org/fulldisclosure/2013/Nov/136 In February 2013 I send Pineapp the following information: ----------------------------------------------------------------- It is possible execute any command bash as qmailq unprivilege user, sending only the following https...

7.4AI score
Exploits0
Prion
Prion
added 2013/05/09 12:31 p.m.16 views

Cross site request forgery (csrf)

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal CVP Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to launch arbitrary custom web applications via a crafted 1 HTTP or 2 HTTPS request, aka Bug ID CSCub38379...

7.8CVSS7.2AI score0.0123EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2012/08/27 12:0 a.m.50 views

Symantec Endpoint Protection code execution

Multiple security vulnerabilities on TCP/8433 https request parsing...

7.2CVSS2.6AI score0.0146EPSS
Exploits7References1
NVD
NVD
added 2012/04/10 9:55 p.m.28 views

CVE-2012-0147

Microsoft Forefront Unified Access Gateway UAG 2010 SP1 and SP1 Update 1 does not properly configure the default web site, which allows remote attackers to obtain sensitive information via a crafted HTTPS request, aka "Unfiltered Access to UAG Default Website Vulnerability."...

5CVSS5.9AI score0.3562EPSS
Exploits1References8
NVD
NVD
added 2010/05/27 7:30 p.m.17 views

CVE-2010-0596

Unspecified vulnerability in Cisco Mediator Framework 2.2 before 2.2.1.dev.1 and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the device configuration, and gain...

9CVSS6.2AI score0.02107EPSS
Exploits0References5
Prion
Prion
added 2009/08/14 3:16 p.m.17 views

Authentication flaw

The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a 1 http or ...

10CVSS7.5AI score0.0637EPSS
Exploits1References4Affected Software5
Prion
Prion
added 2009/07/29 5:30 p.m.22 views

Design/Logic Flaw

Unspecified vulnerability on the Cisco Wireless LAN Controller WLC platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules WiSM, WLC Modules for Integrated Services Routers,...

10CVSS7.1AI score0.02146EPSS
Exploits0References3Affected Software6
Cvelist
Cvelist
added 2009/07/29 5:0 p.m.32 views

CVE-2009-1166

The administrative web interface on the Cisco Wireless LAN Controller WLC platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules WiSM, WLC Modules for Integrated Services...

6.5AI score0.01602EPSS
Exploits0References3
Cvelist
Cvelist
added 2009/07/29 5:0 p.m.38 views

CVE-2009-1167

Unspecified vulnerability on the Cisco Wireless LAN Controller WLC platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules WiSM, WLC Modules for Integrated Services Routers,...

6.5AI score0.02146EPSS
Exploits0References3
Prion
Prion
added 2009/06/25 1:30 a.m.19 views

Cross site request forgery (csrf)

The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a 1 http or 2 https request, related to the a SD Camera Web Server and the b Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr9649...

6.8CVSS7.5AI score0.0114EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder