707 matches found
CVE-2017-1217
IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123857...
Unitrends Enterprise Backup api/includes/systems.php Remote Code Execution Vulnerability
Unitrends Enterprise Backup is a suite of enterprise-grade data protection software from the US-based Unitrends. The software provides data backup, data recovery and deduplication features. A security vulnerability exists in the api/includes/systems.php file in versions of Unitrends Enterprise...
Novell eDirectory Clickjacking Vulnerability
Novell eDirectory is an identity management infrastructure platform that combines identity management architecture and directory services technology from Novell, USA. The platform provides authentication policies, data backup and recovery services, data disaster recovery and other functions. A...
Pharos PopUp Printer Client Heap Buffer Overflow Vulnerability
Pharos PopUp Printer Client is a suite of printer client software from Pharos Systems International. A heap buffer overflow vulnerability exists in Pharos PopUp Printer Client version 9.0. An attacker could exploit this vulnerability to execute arbitrary code in the context of the affected...
NetApp Data ONTAP Security Bypass Vulnerability
NetApp Data ONTAP is a set of storage operating system from American NetApp. The system supports the enhancement of the user's enterprise application performance and improve the flexibility of the data center and so on. A security vulnerability exists in NetApp Data ONTAP versions 9.0 and 9.1 pri...
tcpdump buffer overflow vulnerability (CNVD-2017-02240)
tcpdump is a set of sniffing tools developed by the Tcpdump team that run under the command line. The tool allows users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer. A buffer overflow vulnerability exists in the pimv2checkchecksum...
tcpdump buffer overflow vulnerability (CNVD-2017-02243)
tcpdump is a set of sniffing tools developed by the Tcpdump team that run under the command line. The tool allows users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer. A buffer overflow vulnerability exists in the juniperparseheader...
ALPINE-CVE-2016-8575
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933print, a different vulnerability than CVE-2017-5482...
ALPINE-CVE-2016-7932
The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2checkchecksum...
ALPINE-CVE-2016-7973
The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions...
DEBIAN-CVE-2016-7985
The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calmfastprint...
ZOHO ManageEngine ServiceDesk Plus Privilege Vulnerability
ZOHO ManageEngine ServiceDesk is the United States ZhuoHao ZOHO company's set of web-based help desk HelpDesk and asset management software. An elevation of privilege vulnerability exists in ManageEngine ServiceDesk Plus 9.0 and prior versions, which can be exploited by an attacker to gain...
CVE-2016-0304
The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J...
IBM Domino Man-in-the-Middle Attack Vulnerability
IBM Domino formerly IBM Lotus Domino is a suite of platforms for hosting social business applications from the American company IBM. A security vulnerability exists in IBM Domino versions 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1. An attacker is allowed to exploit the...
CVE-2015-5043
diag in IBM Security Guardium 8.2 before p6015, 9.0 before p6015, 9.1, 9.5, and 10.0 before p6015 allows local users to obtain root access via unspecified key sequences...
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the glx-utils-9.0 package of the Red Hat Enterprise Linux operating system can be exploited, which may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
IBM Domino SSLv2 Buffer Overflow Vulnerability
IBM Domino formerly known as IBM Lotus Domino is a set of platforms for hosting social business applications from IBM in the United States. The platform combines business messaging, applications and social collaboration, and provides users with real-time online communication capabilities. A buffe...
postgresql: SET ROLE without ADMIN OPTION allows adding and removing group members
PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command...
PT-2014-1324 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions 8.2 before 8.25.47 Cisco Adaptive Security Appliance ASA Software versions 8.4 before 8.47.5 Cisco Adaptive Security Appliance ASA Software versions 8.7 before 8.71.11 Cisco Adaptive...
CVE-2014-2104
Multiple cross-site scripting XSS vulnerabilities in the Business Voice Services Manager BVSM page in Cisco Unified Communications Domain Manager 9.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCum78536, CSCum78526, CSCum69809, and...