338 matches found
CVE-2016-9365
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPor...
PHP < 5.6.26, 7.x < 7.0.11 Multiple Vulnerabilities (Sep 2016) - Windows
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
Jenkins Remote Code Execution Vulnerability (Nov 2014) - Linux
Jenkins is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins";...
Centreon 'POST' Parameter Multiple Vulnerabilities
Centreon is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:centreon:centreon"; ifdescription...
FlatPress 1.0.3 CSRF Arbitrary File Upload
Summary FlatPress is a blogging engine that saves your posts as simple text files. Forget about SQL! You just need some PHP. Description The vulnerability is caused due to the improper verification of uploaded files via the Uploader script using 'upload' POST parameter which allows of arbitrary...
JobScript Remote Code Execution
!C:/Python27/python.exe -u JobScript Remote Code Execution Exploit Vendor: Jobscript Product web page: http://www.jobscript.in Affected version: Unknown Summary: JobScript is inbuilt structured website was developed in PHP and MySQL database. It's a complete job script for those who wants to star...
X (Formerly Twitter): Improper Verification of email address while saving Account Settings
Signup for Ads on twitter and navigate to "Account Settings" on ads.twitter.com/accounts Enter any email address and save Account Settings. Notice that the email address gets updated successfully. There is no verification email that is sent out to confirm that the email account updated actually...
Omeka 2.2.1 - Remote Code Execution Exploit
No description provided by source. !/usr/bin/env python Omeka 2.2.1 Remote Code Execution Exploit Vendor: Omeka Team CHNM GMU Product web page: http://www.omeka.org Affected version: 2.2.1 and 2.2 Summary: Omeka is a free, flexible, and open source web-publishing platform for the display of...
newsPHP 216 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8489/info A vulnerability is reported to exist in newPHP that may allow an attacker to gain access to a vulnerable host due to improper verification of authentication credentials. This issue may be exploited to gain acces...
ownCloud 'calendar_id' Parameter privilege Escalation Vulnerability
ownCloud is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if...
Apache Solr Directory Traversal Vulnerability (SOLR-4882, SOLR-5520) - Linux
Apache Solr is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:solr";...
ImageMagick Integer Overflow Vulnerability - 03 June (Windows)
The host is installed with ImageMagick and is prone to integer overflow Vulnerability. OpenVAS Vulnerability Test $Id: gbimagemagickintegeroverflowvuln03jun13win.nasl 8173 2017-12-19 11:45:56Z cfischer $ ImageMagick Integer Overflow Vulnerability - 03 June Windows Authors: Thanga Prakash S...
HP Intelligent Management Center tftpserver.exe Remote Code Execution (CVE-2011-1851)
A remote code execution vulnerability has been reported in HP Intelligent Management Center. The vulnerability is due to improper verification of the destination buffer's size while handling the transfer mode field within the tftpserver.exe component. A remote attacker could exploit this...
Apple iTunes Remote Code Execution Vulnerability (Windows)
This host is installed with Apple iTunes and is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: secpodappleitunesremotecodeexecvulnwin.nasl 8169 2017-12-19 08:42:31Z cfischer $ Apple iTunes Remote Code Execution Vulnerability Windows Authors: Rachana Shetty Copyright...
Libcloud SSL Certificates Security Bypass Vulnerability
Libcloud is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TigerVNC SSL Certificate Validation Security Bypass Vulnerability - Windows
TigerVNC is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tigervnc:tigervnc";...
pppd out of bounds memory access, possible DOS
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Subject: pppd remote DOS. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Product Description: ppp is an implementation of PPP Point-to-Point Protocol for Unix systems...
CVE-2002-0145
chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root...