Cisco Prime Infrastructure Remote Code Execution Vulnerability

Cisco Prime Infrastructure is a solution for wireless management through Cisco Technologies LMS and NCS. Cisco Prime Infrastructure has a remote code execution vulnerability in log file handling, which allows an authenticated, remote attacker to alter system file logs to execute arbitrary code...

VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0008) (remote check)

The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities : - A directory traversal vulnerability exists that allows a remote attacker to read arbitrary files. CVE-2011-0426 - An information disclosure vulnerability exists due to...

Design/Logic Flaw

Cisco Prime Infrastructure 3.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP request that is mishandled during viewing of a log file, aka Bug ID CSCuw81494...

Cisco Prime Infrastructure Log File Remote Code Execution Vulnerability

A vulnerability in the log file handling for Cisco Prime Infrastructure could allow an authenticated, remote attacker to change and modify the system log file. The log file could have executable code added to it that could be executed when the log file is viewed. The vulnerability is due to lack ...

Centreon web interface command injection

Added: 02/29/2016 Background Centreon is a suite of enterprise monitoring products written in PHP. Problem A command injection vulnerability in the Centreon web interface allows remote attackers to execute arbitrary commands by sending a specially crafted useralias parameter in a POST request. Th...

Centreon web interface command injection

Added: 02/29/2016 Background Centreon is a suite of enterprise monitoring products written in PHP. Problem A command injection vulnerability in the Centreon web interface allows remote attackers to execute arbitrary commands by sending a specially crafted useralias parameter in a POST request. Th...

Centreon web interface command injection

Added: 02/29/2016 Background Centreon is a suite of enterprise monitoring products written in PHP. Problem A command injection vulnerability in the Centreon web interface allows remote attackers to execute arbitrary commands by sending a specially crafted useralias parameter in a POST request. Th...

PHP FPM 'fpm_log.c' Buffer Overflow Vulnerability

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A buffer overflow vulnerability in PHP FPM 'fpmlog.c' allows remote attackers to exploit the vulnerability to submit a special request to crash the application...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system’s log file is caused by an overflow in the buffer of dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted .jnt file...

CVE-2015-7934

The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors...

Design/Logic Flaw

The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors...

CVE-2015-7934

The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors...

CVE-2015-7934

The CVE-2015-7934 entry concerns the Adcon Telemetry A840 Telemetry Gateway Base Station’s Java client, where the Java client reveals the full pathname of log files on the server. The vulnerability is an information disclosure (log-file pathnames) that could be exploited remotely, with no client ...

CVE-2015-7934

The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors...

Adcon Telemetry A840 Telemetry Gateway Information Disclosure Vulnerability (CNVD-2015-08414)

The Adcon Telemetry A840 Telemetry Gateway is the A840 series of gateway products from Adcon Telemetry, Germany. The Adcon Telemetry A840 Telemetry Gateway displays the full pathname of the log file in the server, allowing remote attackers to exploit this vulnerability to obtain sensitive...

CVE-2015-6847

The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file...

CVE-2015-6847

The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file...

Mozilla Firefox Information Disclosure Vulnerability (CNVD-2015-07430)

Mozilla Firefox is an open source web browser. A security vulnerability exists in the Mozilla Firefox Search feature, which allows attackers to read log files and access file: URLs of HTML documents...

CVE-2002-2103

Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities...

NTP Denial of Service Vulnerability (CNVD-2015-07024)

NTP Network Time Protocol is a network protocol that synchronizes the clocks of two computers by exchanging packets. A security vulnerability exists in NTP versions prior to 4.2.8p4 and 4.3.x prior to 4.3.77. When the program allows remote configuration, an attacker can exploit the vulnerability ...