2293 matches found
QNAP QTS path traversal vulnerability
Overview QNAP QTS 4.0.3 and possibly earlier versions contain a path traversal vulnerability. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2013-7174QNAP QTS is a Network-Attached Storage NAS system accessible via a web interface. QNAP QTS...
Synology DiskStation Manager arbitrary file modification
Overview Synology DiskStation Manager versions 4.3-3776-3 and below contain a vulnerability that allows a remote unauthenticated user to append arbitrary data to an arbitrary file under root privileges. Description CWE-284: Improper Access Control - CVE-2013-6955Synology DiskStation Manager...
Cisco Prime Data Center Network Manager FileUploadServlet Arbitrary File Upload (CVE-2013-5486; CVE-2019-1620)
An arbitrary file upload vulnerability exists in Cisco Prime Data Center Network Manager. The vulnerability is due to lack of authentication and insufficient input validation in the FileUploadServlet when processing HTTP requests. A remote unauthenticated attacker can upload arbitrary files to...
InstantCMS 1.10.3 SQL Injection Vulnerability
InstantCMS version 1.10.3 suffers from a remote SQL injection vulnerability. Vendor: InstantSoft Vulnerable Versions: 1.10.3 and probably prior Tested Version: 1.10.3 Advisory Publication: November 20, 2013 without technical details Vendor Notification: November 20, 2013 Vendor Patch: November 21...
Apache Roller OGNL Injection Remote Code Execution (CVE-2013-4212)
A command execution vulnerability exists in Apache Roller due to a lack of sanitization on OGNL expressions passed to certain methods. This can lead to OGNL injection which can result in remote code execution. A remote unauthenticated attacker could exploit this vulnerability by sending crafted...
Microsoft IIS Request Header Buffer Overflow (MS10-065; CVE-2010-2730)
A code execution vulnerability exists in Microsoft Internet Information Services IIS when FastCGI is enabled. Successful exploitation would allow an attacker to inject and execute arbitrary code on the target system with the security privileges of the IIS Worker process. The vulnerability is due ...
[security bulletin] HPSBMU02915 rev.1 - HP Service Manager, Remote Unauthenticated Access and Elevation of Privilege
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03888320 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03888320 Version: 1 HPSBMU02915 rev....
Samsung DVR authentication bypass
Title: Samsung DVR authentication bypass Version affected: firmware version = 1.10 Vendor: Samsung - www.samsung-security.com Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Samsung provides a wide range of DVR...
HP LeftHand Virtual SAN Appliance hydra Ping Hostname Overflow
Added: 09/19/2013 CVE: CVE-2012-3285 BID: 57754 OSVDB: 89919 Background HP LeftHand Virtual SAN Appliance VSA software is a VMware certified SAN/storage device and virtual appliance that provides complete SAN functionality for VMware Infrastructure without external SAN hardware. Problem HP LeftHa...
Symantec PGP Desktop Untrusted Search Path Vulnerability
Symantec PGP Desktop is prone to untrusted search path vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
HP System Management Homepage iprange Parameter Stack Buffer Overflow
Added: 09/09/2013 CVE: CVE-2013-2362 BID: 61337 OSVDB: 95489 Background HP System Management Homepage SMH is a web-based interface that consolidates the management of ProLiant and Integrity servers. Problem A stack buffer overflow vulnerability in HP SMH allows command execution when an attacker...
Symantec PGP Desktop and Encryption Desktop Integer Overflow Vulnerability
Symantec PGP/Encryption Desktop is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Wordpress Better WP Security Plugin - Stored XSS Vulnerability
Richard Warren ======= Summary ======= Name: Bit51 Better WP Security Plugin - Unauthenticated Stored XSS to RCE Release Date: 30 July 2013 Reference: NGS00500 Discoverer: Richard Warren Vendor: Bit51 Vendor Reference: Systems Affected: Bit51 Better WP Security Plugin Version...
Oracle MySQL Server InnoDB Memcached Plugin Resource Exhaustion - High Confidence (CVE-2013-1570)
A memory exhaustion vulnerability has been reported in the InnoDB memcached plugin component of Oracle MySQL Server. This vulnerability is due to incorrect freeing of allocated memory when processing certain type of requests. A remote unauthenticated attacker can exploit this vulnerability by...
Novell ZENworks Mobile Management DUSAP.php Language Parameter Vulnerability
Added: 07/18/2013 CVE: CVE-2013-1082 BID: 60179 OSVDB: 91118 Background ZENworks Mobile Management ZMM offers centralized management tools that are useful for deploying new mobile devices in the workforce, whether those devices are company-issued or privately owned. ZMM ensures that users have th...
Novell ZENworks Mobile Management DUSAP.php Language Parameter Vulnerability
Added: 07/18/2013 CVE: CVE-2013-1082 BID: 60179 OSVDB: 91118 Background ZENworks Mobile Management ZMM offers centralized management tools that are useful for deploying new mobile devices in the workforce, whether those devices are company-issued or privately owned. ZMM ensures that users have th...
Oracle Linux 3 : samba (ELSA-2007-1013)
From Red Hat Security Advisory 2007:1013 : Updated samba packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Samba is a suite of programs used by...
Oracle Linux 4 : samba (ELSA-2007-1016)
From Red Hat Security Advisory 2007:1016 : Updated samba packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Samba is a suite of programs used by machines t...
Adobe ColdFusion 9 & 10 code injection vulnerability
Overview Adobe ColdFusion 9, 9.0.1, 9.0.2 with the APSB13-03 hotfix and 10 are vulnerable to a code injection vulnerability when ColdFusion is configured to not require authentication and RDS is disabled. Description Adobe ColdFusion is vulnerable to a code injection attack when RDS is disabled a...
IBM Notes runs arbitrary JAVA and Javascript in emails
Overview IBM Notes parses arbitrary JAVA and Javascript code by default when viewing emails. Description The n.runs AG security advisory states:Notes 8.5.3 does not filter tags inside HTML emails. This can be used to load arbitrary Java applets from remote sources making it an information...