CVE-2016-6882

MatrixSSL before 3.8.7, when the DHERSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA private key information by conducting a Lenstra side-channel attack...

MalQR - Collection of malicious QR Codes and Barcodes you can use to test the security of your scanners

MalQR is a collection of malicious QR codes and barcodes you can use to test the security of your scanners. It gives you the ability to conduct such tests with easiness : you just need to have a smartphone, a tablet or a laptop with an internet connection and browse MalQR.shielder.it to have a...

Test your barcode scanners: MalQR

Test your barcode scanners MalQR is a collection of malicious QR codes and barcodes you can use to test the security of your scanners. It gives you the ability to conduct such tests with easiness : you just need to have a smartphone, a tablet or a laptop with an internet connection and browse...

PT-2017-2885 · Insidesecure · Matrixssl

Name of the Vulnerable Software and Affected Versions: InsideSecure MatrixSSL version 3.8.7b Description: A heap buffer overflow vulnerability exists in the X509 certificate parsing functionality. This issue can be triggered by a specially crafted x509 certificate, leading to remote code executio...

Denial Of Service (DoS)

matrix-appservice-irc is vulnerable to denial of service DoS attacks. Spam messages in this implementation cause a memory leak, allowing a malicious user to send multiple spam messages to a single node to cause it to run out of memory and crash...

Cross-site Scripting (XSS)

Apache CXF HTTP transport is vulnerable to cross-site scripting XSS attacks. It exists when a request URL contains unexpected matrix parameters. Apache CXF HTTP transport uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available...

CVE-2016-6812

A vulnerability was found in FormattedServiceListWriter in Apache CXF HTTP transport module that could allow an attacker to inject unexpected matrix parameters into the request URL. On a successful injection these matrix parameters will find their way back to the client in the services list page...

SOL52430518 - PHP vulnerability CVE-2016-6289

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

Auto-Matrix Aspect-Nexus and Aspect-Matrix Building Automation Front-End Solutions File Containment Vulnerability

Auto-Matrix Aspect-Nexus and Aspect-Matrix Building Automation Front-End Solutions are Auto-Matrix USA's building automation front-end solutions for infrastructure, which are primarily deployed stateside in commercial facilities, critical manufacturing and energy and wastewater systems I&C. A...

CVE-2016-2307

American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application allow remote attackers to read arbitrary files via unspecified vectors, as demonstrated by the configuration file...

CVE-2016-2308

American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application store passwords in cleartext, which allows remote attackers to obtain sensitive information by reading a file...

CVE-2016-2308

The CVE-2016-2308 vulnerability affects American Auto-Matrix Building Automation Front-End Solutions (Aspect-Nexus and Aspect-Matrix) applications prior to version 3.0.0, where passwords are stored in clear text. This enables a remote attacker to read sensitive information from a file on the host...

CVE-2016-2307

American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application allow remote attackers to read arbitrary files via unspecified vectors, as demonstrated by the configuration file...

WordPress Matrix Gallery Plugin - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

WordPress Matrix Gallery Plugin - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

American Auto-Matrix Front-End Solutions Vulnerabilities

OVERVIEW Independent researcher Maxim Rupp has identified a local file inclusion and a plain text storage of password vulnerabilities in American Auto-Matrix’s Building Automation Front-End Solutions application. The Aspect-Matrix hardware platform was made end of life in 2015 and will no longer...

SOL78530002 - Java vulnerability CVE-2013-5803

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVE-2016-4358

HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029...

CVE-2016-4358

HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029...

CVE-2016-4357

HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2028...