4423 matches found
Design/Logic Flaw
IBM WebSphere MQ 7.0.1 before 7.0.1.13, 7.1 before 7.1.0.6, 7.5 before 7.5.0.5, and 8 before 8.0.0.1 allows remote authenticated users to cause a denial of service (queue-slot exhaustion) by leveraging PCF query privileges for a crafted query...
Cross site scripting
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF29, 8.0.0.x before 8.0.0.1 CF15, and 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
Design/Logic Flaw
The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authenticated users to execute arbitrary OS commands with root privileges via unspecified fields, aka Bug ID CSCuj40460...
CVE-2013-5557
The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1.2 and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID...
CVE-2015-1467
Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language or (2) type parameter to private/en/locale/index...
UBUNTU-CVE-2015-0241
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric...
CVE-2014-9049
The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method...
Design/Logic Flaw
The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method...
mysql: unspecified vulnerability related to Server:Security:Privileges:Foreign Key (CPU Jan 2015)
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key...
Multiple Siemens Ruggedcom Products Security Bypass Vulnerabilities
Siemens Ruggedcom WIN51xx, WIN52xx, WIN70xx and WIN72xx are broadband wireless base station products from Siemens, Germany. A security vulnerability exists in the integrated management service of multiple Siemens Ruggedcom products. A remote attacker could exploit the vulnerability to bypass...
Multiple Information Disclosure Vulnerabilities in Fortinet FortiAuthenticator Appliance
Fortinet FortiAuthenticator is a family of secure authentication software from Fortinet that can be combined with FortiToken two-factor authentication token to provide secure two-factor authentication to third-party devices authenticated via RADIUS or LDAP. The Fortinet FortiAuthenticator Applian...
Fortinet FortiAuthenticator Appliance Cross-Site Scripting Vulnerability
Fortinet FortiAuthenticator is a family of secure authentication software from Fortinet that can be combined with FortiToken two-factor authentication token to provide secure two-factor authentication to third-party devices authenticated via RADIUS or LDAP. The Fortinet FortiAuthenticator Applian...
ClearSCADA 'dbserver.exe' Remote Authentication Bypass Vulnerability
ClearSCADA is the integrated SCADA host platform. A remote authentication bypass vulnerability exists in ClearSCADA 'dbserver.exe', which allows an attacker to bypass authentication mechanisms and obtain sensitive information...
CVE-2014-7269
ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware...
CVE-2014-7288
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action...
SIPhone Enterprise PBX - Remote Authentication bypass Vulnerability
Exploit for php platform in category remote exploits. By BaD-HaCKeR-MaN. SIPhone Enterprise PBX Suffers from a Remote Authentication Bypass Vulnerability...
CVE-2015-0236
libvirt before 1.2.12 allows remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface...
ClearSCADA Remote Authentication Bypass
#!/usr/bin/python. cs-auby.py: ClearSCADA Remote Authentication Bypass Exploit. Jeremy Brown (jbrown3264/gmail), Oct 2010 (released Jan 2015). There is an authentication bypass vulnerability in ClearSCADA that can be exploited by triggering an exception in dbserver.exe and taking advantage of the way the...
ClearSCADA - Remote Authentication Bypass Exploit
There is an authentication bypass vulnerability in ClearSCADA that can be exploited by triggering an exception in dbserver.exe and taking advantage of the way the program handles it. #!/usr/bin/python. cs-auby.py: ClearSCADA Remote Authentication Bypass Exploit. Jeremy Brown (jbrown3264/gmail), Oct 2010...
ClearSCADA - Remote Authentication Bypass
#!/usr/bin/python. cs-auby.py: ClearSCADA Remote Authentication Bypass Exploit. Jeremy Brown (jbrown3264/gmail), Oct 2010 (released Jan 2015). There is an authentication bypass vulnerability in ClearSCADA that can be exploited by triggering an exception in...