220 matches found
UBUNTU-CVE-2017-5446
An out-of-bounds read occurs when an HTTP/2 connection to a server sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-2428
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves nghttp2 before 1.17.0 in the "HTTPProtocol" component. It allows remote HTTP/2 servers to have an...
CVE-2016-8329
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Mobile Application Platform. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
Oracle FLEXCUBE Private Banking Security Bypass Vulnerability (CNVD-2017-00786)
Oracle FLEXCUBE Private Banking is a product of Oracle Corporation USA. It plans, records, tracks and manages client wealth across a range of asset classes and tools to increase financial advisor productivity and improve client relationships. A remote security bypass vulnerability exists in Oracl...
Oracle E-Business Suite Remote Security Vulnerability (CNVD-2017-00638)
Oracle E-Business Suite is a suite of fully integrated, global business management software from Oracle Corporation. Oracle Common Applications (also known as Oracle Common Application Calendar, CAC) is one of the components that can simplify the management of daily activities, appointments, and...
Oracle Outside In Technology has an unspecified vulnerability (CNVD-2017-00917)
Oracle Outside In Technology is a comprehensive set of solutions that Oracle Corporation (USA) provides for software developers. It can be used to handle the access, conversion and control of content in more than 500 unstructured file formats. An unspecified vulnerability exists in...
Oracle FLEXCUBE Private Banking Security Bypass Vulnerability (CNVD-2017-00789)
Oracle FLEXCUBE Private Banking is a product of Oracle Corporation USA. It plans, records, tracks and manages client wealth across a range of asset classes and tools to increase financial advisor productivity and improve client relationships. A remote security bypass vulnerability exists in Oracl...
Unspecified Vulnerability in Oracle FLEXCUBE Universal Banking (CNVD-2017-00942)
Oracle FLEXCUBE Universal Banking is a comprehensive real-time, online solution from Oracle Corporation (USA) covering retail, group and investment banking. The program supports multi-currency, multi-language and multi-entity operations. A remote security vulnerability exists ...
Unspecified Vulnerability in Oracle Hospitality Applications
Oracle Hospitality Applications is software from Oracle Corporation. A vulnerability in the "OPERA Application Login" of Oracle Hospitality Applications could be exploited by a remote attacker via the 'HTTP' protocol, affecting the confidentiality, integrity, and availability of the system...
BINOM3 Electric Power Quality Meter Sensitive Information Disclosure Vulnerability
The BINOM3 Electric Power Quality Meter is a universal multifunctional power quality monitor. BINOM3 Electric Power Quality Meter is vulnerable to sensitive information disclosure. Since the management portal is configured for HTTP by default, an attacker in the right position could sniff all log...
A vulnerability in the firmware of the Harman AMX multimedia stream management system allows an intruder to gain access to protected information.
The vulnerability of the setUpSubtleUserAccount/bin/bw function in the Harman AMX multimedia stream management software exists due to hard-coded credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to protected information...
Microsoft Internet Explorer Spoofing Vulnerability
Microsoft Internet Explorer is a popular web browser introduced by Microsoft and bundled with the Windows operating system. A spoofing vulnerability exists because Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof Web sites via ...
Oracle WebLogic Server Remote Vulnerability
Oracle WebLogic Server is an application server platform for building and running enterprise applications and services. A remote vulnerability exists in Oracle WebLogic Server that allows attackers to exploit the 'HTTP' protocol to compromise 'CIE Related Components' subcomponents...
Privoxy Denial of Service Vulnerability
Privoxy is a proxy server with filtering for HTTP and HTTPS protocols, often used in combination with Tor. A denial of service vulnerability exists in Privoxy that allows remote attackers to launch denial of service attacks via unspecified vectors...
DEBIAN-CVE-2012-4545
The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...
WirelessIP5000 has multiple vulnerabilities
Overview: WirelessIP5000, a wireless IP phone from Hitachi Cable, contains multiple vulnerabilities:
- Illegal access using the port TCP3390
- SNMP access using an arbitrary community name
- Access to the HTTP server by an unauthorized user in the factory default configuration
- The HTTP server...
Debian: Security Advisory (DSA-832-1)
The remote host is missing an update for the Debian...
[SECURITY] [DSA 770-1] New gopher packages fix insecure temporary file creation
Debian Security Advisory DSA 770-1 http://www.debian.org/security/ Martin Schulze July 29th, 2005 http://www.debian.org/security/faq ...
security flaw
The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory...