4561 matches found
CVE-2015-7850
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file...
CVE-2015-4717
The filename sanitization component in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 does not properly handle $_GET parameters cast by PHP to an array, which allows remote attackers to cause a denial of service (infinite loop and log file consumption) via crafted endpoint...
USN-2777-1 linux-lts-utopic vulnerabilities
It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges. (CVE-2015-5156) Benjamin Randazzo...
DEBIAN-CVE-2015-6252
The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation...
CVE-2015-5742
Summary of CVE-2015-5742: In Veeam Backup & Replication, the VeeamVixProxy component stored Local Administrator credentials in log files with world-readable permissions, enabling a local user to read sensitive data from logs. Affected versions are Veeam B&R prior to 8.0 Update 3. The issue arise...
USN-2751-1 linux-lts-vivid vulnerabilities
Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. (CVE-2015-5697) Marc-André Lureau discovered that the vhost driver did not properly...
Mozilla Maintenance Service Log File Overwrite Elevation of Privilege
Source: https://code.google.com/p/google-security-research/issues/detail?id=427&can=1 Mozilla Maintenance Service: Log File Overwrite Elevation of Privilege Platform: Windows Version: Mozilla Firefox 38.0.5 Class: Elevation of Privilege Summary: The maintenance service creates a log file in a use...
The vulnerability of the microprogramming software of the Cisco TelePresence Video Communication Server allows an intruder to gain access to protected information.
The vulnerability of the Configuration Log File component of the Cisco TelePresence Video Communication Server software lies in the lack of protection for sensitive data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to protected information by analyzing log...
ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Execution
Exploit Title: ManageEngine EventLog Analyzer SQL query execution Product: ManageEngine EventLog Analyzer Vulnerable Versions: v10.6 build 10060 and previous versions Tested Version: v10.6 build 10060 Windows Advisory Publication: 14/09/2015 Vulnerability Type: authenticated SQL query execution...
Netgear FVS318 Router Multiple Vulnerabilities
Multiple Vulnerabilities in Netgear FVS318 Router SUMMARY The Netgear FVS318 is "an easy to use, firewall/router designed for home users and small businesses". SecuriNews Research has found 2 vulnerabilities in the router, o...
Cisco Security Management Appliance Log Rollover Denial of Service Vulnerability
A vulnerability in the web interface of the Cisco Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted device. The vulnerability is due to inadequate validation of user credentials for incoming HTTP requests,...
ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities
ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities EMC Identifier: ESA-2015-131 CVE Identifier: CVE-2015-4531, CVE-2015-4532, CVE-2015-4533, CVE-2015-4534, CVE-2015-4535, CVE-2015-4536 Severity Rating: CVSS v2 Base Score: See below f...
Mozilla - Maintenance Service Log File Overwrite Privilege Escalation
Mozilla - Maintenance Service Log File Overwrite Privilege Escalation Source: https://code.google.com/p/google-security-research/issues/detail?id=427&can=1 Mozilla Maintenance Service: Log File Overwrite Elevation of Privilege Platform: Windows Version: Mozilla Firefox 38.0.5 Class: Elevation of...
Mozilla Maintenance Service Log File Overwrite Elevation of Privilege Exploit
Exploit for windows platform in category local exploits Source: https://code.google.com/p/google-security-research/issues/detail?id=427&can=1 Mozilla Maintenance Service: Log File Overwrite Elevation of Privilege Platform: Windows Version: Mozilla Firefox 38.0.5 Class: Elevation of Privilege...
Mozilla - Maintenance Service Log File Overwrite Privilege Escalation
Source: https://code.google.com/p/google-security-research/issues/detail?id=427&can=1 Mozilla Maintenance Service: Log File Overwrite Elevation of Privilege Platform: Windows Version: Mozilla Firefox 38.0.5 Class: Elevation of Privilege Summary: The maintenance service creates a log file in a use...
CVE-2015-4536
EMC Documentum Content Server before 7.0 P20, 7.1 before P18, and 7.2 before P02, when RPC tracing is configured, stores certain obfuscated password data in a log file, which allows remote authenticated users to obtain sensitive information by reading this file...
Design/Logic Flaw
Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02, when debugtrace is configured, allows remote authenticated users to gain super-user privileges by leveraging the ability to read a log file containing ...
Design/Logic Flaw
EMC Documentum Content Server before 7.0 P20, 7.1 before P18, and 7.2 before P02, when RPC tracing is configured, stores certain obfuscated password data in a log file, which allows remote authenticated users to obtain sensitive information by reading this file...
CVE-2015-4535
Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02, when debugtrace is configured, allows remote authenticated users to gain super-user privileges by leveraging the ability to read a log file containing ...