
114 matches found

CNNVD
added 2021/06/28 12:00 a.m., 2 views

Infoblox NIOS Security Vulnerability

Infoblox NIOS is an operating system that powers Infoblox core network services. It ensures uninterrupted operation of the network infrastructure. A security vulnerability exists in Infoblox NIOS versions prior to 8.5.2, which stems from a program that allows entity expansion during an XML upload...

CVSS 6.5, AI score 5.7, EPSS 0.0039
Exploits 0, References 4
CNNVD
added 2021/03/10 12:00 a.m., 3 views

F5 BIG-IP Security Vulnerability

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 Corporation in the United States. A security vulnerability exists in F5 BIG-IP, which can be exploited by attackers to trigger a...

CVSS 7.5, AI score 7.4, EPSS 0.00647
Exploits 0, References 4
OSV
added 2021/02/08 3:15 p.m., 14 views

CVE-2021-26826

A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash...

CVSS 7.8, AI score 7.5
Exploits 0, References 2
Cvelist
added 2021/02/08 2:55 p.m., 11 views

CVE-2021-26826

A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash...

AI score 8.1, EPSS 0.00648
Exploits 0, References 2
Packet Storm
added 2020/12/04 12:00 a.m., 989 views

Perfex CRM 2.4.4 Cross Site Scripting

Document Title: =============== Perfex v2.4.4 CRM - Print Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2231 Release Date: ============= 2020-06-24 Vulnerability Laboratory ID VL-ID: ==================================== 22...

AI score 7.4
Exploits 0
Vulnerability Lab
added 2020/04/24 12:00 a.m., 46 views

Project Open v5.0.3 PMS - Multiple Web Vulnerabilities

Document Title: =============== Project Open v5.0.3 PMS - Multiple Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2225 Release Date: ============= 2020-04-24 Vulnerability Laboratory ID VL-ID: ==================================== 22...

AI score 7.4
Exploits 0
Packet Storm
added 2020/04/15 12:00 a.m., 135 views

Macs Framework 1.14f Cross Site Scripting / SQL Injection

Document Title: =============== Macs Framework v1.14f CMS - Multiple Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2206 Release Date: ============= 2020-04-14 Vulnerability Laboratory ID VL-ID: ====================================...

AI score 0.5
Exploits 0
Veracode
added 2020/04/10 12:53 a.m., 35 views

Use-after-free

WebKitGTK+ is vulnerable to use-after-free. It is possible for remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing...

CVSS 9.8, AI score 7.3, EPSS 0.06283
Exploits 1, References 16, Affected Software 1
ThreatPost
added 2020/03/23 6:27 p.m., 86 views

Microsoft Warns of Critical Windows Zero-Day Flaws

Microsoft is warning of critical zero-day flaws in its Windows operating system that could enable remote code execution. The unpatched flaws are being exploited by attackers in “limited, targeted” attacks, the company said. According to Microsoft, two remote code execution vulnerabilities exist i...

AI score 9.1, EPSS 0.03057
Exploits 1, References 11
OSV
added 2020/03/11 2:15 p.m., 2 views

CVE-2020-10376

Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to discover passwords by sniffing the network for an "Authorization: Basic" HTTP header...

CVSS 9.8, AI score 5.8, EPSS 0.00226
Exploits 0, References 1
CNVD
added 2019/11/05 12:00 a.m., 1 views

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Digital Error Vulnerability

Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliances Software ASA Software are both products of Cisco, Inc. Cisco Firepower Threat Defense is a set of unified software that provides next-generation firewall services. Defense is a set of unified software to provide...

CVSS 8.6, AI score 6.8, EPSS 0.01048
Exploits 0, References 1
0day.today
added 2019/08/29 12:00 a.m., 76 views

Cisco UCS Director, Cisco Integrated Management Controller Supervisor - Multiple Vulnerabilities

Multiple critical vulnerabilities in Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data Discovered by Pedro Ribeiro [email protected] from Agile Information Security ================================================================...

CVSS 10, AI score 0.5, EPSS 0.90436
Exploits 20
Packet Storm
added 2019/08/28 12:00 a.m., 257 views

Cisco UCS / IMC Supervisor Authentication Bypass / Command Injection

Multiple critical vulnerabilities in Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data Discovered by Pedro Ribeiro [email protected] from Agile Information Security...

AI score 1.1, EPSS 0.90436
Exploits 20
exploitpack
added 2019/08/21 12:00 a.m., 69 views

Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities

Cisco UCS Director Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities Multiple critical vulnerabilities in Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data...

CVSS 10, AI score 0.4, EPSS 0.90436
Exploits 20
CVE
added 2019/07/16 12:16 p.m., 95 views

CVE-2019-1010060

CVE-2019-1010060 affects NASA CFITSIO before 3.43. A buffer overflow in the library (example: ftp_status in drvrnet.c) can be triggered by a long string, with over 40 source files changed in the update. The attack is remote and unauthenticated, and the impact is arbitrary code execution. The fixe...

CVSS 9.8, AI score 8.9, EPSS 0.18171
Exploits 0, References 5, Affected Software 1
OSV
added 2019/04/21 2:29 a.m., 0 views

UBUNTU-CVE-2019-11391

DISPUTED An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with $a at the beginning and nested repetition operators. NOTE: t...

CVSS 5.3, AI score 5.8, EPSS 0.00413
Exploits 1, References 3
CNVD
added 2018/05/21 12:00 a.m., 2 views

Cisco Enterprise NFV Infrastructure Software Secure Copy Protocol Server Input Validation Vulnerability

Cisco Enterprise NFV Infrastructure Software NFVIS is a suite of NFV infrastructure software platforms from the U.S.-based Cisco. The platform enables full lifecycle management of virtualization services through a central coordinator and controller. secure copy protocol SCP server is one of the...

CVSS 9, AI score 7.1, EPSS 0.02274
Exploits 0, References 1
exploitpack
added 2017/12/12 12:00 a.m., 16 views

Vivotek IP Cameras - Remote Stack Overflow (PoC)

Vivotek IP Cameras - Remote Stack Overflow PoC STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no credentials...

AI score 0.6
Exploits 0
OSV
added 2017/06/23 4:29 p.m., 1 views

CVE-2017-1347

IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126462...

CVSS 8.8, AI score 5.9, EPSS 0.00615
Exploits 0, References 3
CNVD
added 2017/06/07 12:00 a.m., 1 views

Fastspot BigTree CMS SQL Injection Vulnerability (CNVD-2017-08704)

Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. Fastspot BigTree CMS 4.2.18 and earlier versions of the core\admin\modules\developer\extensions\install\process.php file and core\admin\modules\developer\ An SQL injection...

CVSS 8.8, AI score 7.9, EPSS 0.00546
Exploits 1, References 1