1388 matches found
Libpcap Design Vulnerabilities
libpcap is a C library for network packet capture. A security vulnerability exists in the pcap-linux.c file in version 1.1.1 prior to libpcap commit ea9432fabdf4b33cbc76d9437200e028f1c47c93. A remote attacker can exploit this vulnerability to send arbitrary data with the help of specially crafted...
OpenText Document Sciences xPression SQL Injection Vulnerability
OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a suite of document output management and customer communication solutions from OpenText Canada. A SQL injection vulnerability exists in OpenText Document Sciences xPression version 4.5SP1 Patch 13. A remote...
OpenText Document Sciences xPression SQL Injection Vulnerability (CNVD-2017-33295)
OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a document output management and customer communication solution from OpenText Canada. The solution integrates an organization's Customer Relationship Management CRM, Enterprise Content Management ECM, and...
CVE-2017-13068
QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack...
CVE-2017-14935
Pulse Secure Pulse One On-Premise 2.0.1649 and below does not properly validate requests, which allows remote users to query and obtain sensitive information...
Fedora pure-ftpd misconfiguration vulnerability
Fedora is a Linux-based operating system developed by the Fedora Project community and sponsored by Red Hat. pure-ftpd is one of the FTP service programs. A misconfiguration vulnerability exists in Downstream version 1.0.46-1 of pure-ftpd in Fedora. A remote attacker could exploit this...
Webservice Gateway Directory Traversal Vulnerability in Multiple EMC Products
EMC ViPR SRM and others are products of EMC Corporation.EMC ViPR SRM is a suite of storage resource management software.Storage M&R is a data storage collector.Webservice Gateway is one of the gateways. A directory traversal vulnerability exists in Webservice Gateway in multiple EMC products. A...
CVE-2017-9458
XML external entity XXE vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to obtain sensitive information, cause a denial of service, or...
IBM QRadar Network Security XML External Entity Injection Vulnerability
IBM QRadar Network Security is a suite of network threat protection software from IBM in the United States. The software uses deep packet inspection and behavior-based analysis to detect and protect against known and unknown threats. An XML external entity injection vulnerability exists in IBM...
Oracle Java Advanced Management Console Unauthorized Read Vulnerability
Oracle Java SE is Oracle's suite of standard edition Java platforms for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. java Advanced Management Console is one of the Java Advanced Management Console components for creating...
IBM InfoSphere Information Server XML External Entity Injection Vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. An XML external entity injection vulnerability exists in IBM InfoSphere Information Server versions 9.1,...
Oracle Application Management Pack for Oracle E-Business Suite Remote Vulnerability
Oracle E-Business Suite is a fully integrated suite of global business management software from Oracle Corporation.Application Management Pack AMP for Oracle E-Business Suite is one of the extensions of the Application Management Pack AMP for Oracle E-Business Suite is one of the application...
Niushop open source mall system has multiple SQL injection vulnerabilities
NiuShop open source mall system , is by the Shanxi Niu Cool Information Technology Co., Ltd. completely independent design , research and development of a PHP open source e-commerce system . NiuShop open source mall system collectionGoodsOrShopt, cancelCollGoodsOrShop, platformAdvList,...
Oracle FLEXCUBE Private Banking Unauthorized Read Vulnerability
Oracle Financial Services Applications is a set of core banking, online banking and property management financial services software from Oracle Corporation, of which Oracle FLEXCUBE Private Banking is a private banking component. A security vulnerability exists in the Miscellaneous subcomponent o...
Unspecified Vulnerability in Oracle PeopleSoft Enterprise FSCM
Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise FSCM is one of the financial and supply chain management components. A...
Unspecified Vulnerability in Oracle Business Intelligence Enterprise Edition
Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's business innovation platform for enterprise and cloud environments, which provides middleware, software collections, and other functionality.Oracle Business Intelligence Enterprise Edition is one of the business intelligence...
Apple macOS Sierra Audio memory corruption vulnerability
Apple macOS Sierra is a specialized operating system developed by Apple Inc. for Mac computers.The audio component is one of the audio components. A memory corruption vulnerability exists in the Audio component of Apple macOS Sierra before 10.12.6. A remote attacker can exploit this vulnerability...
The vulnerability of Qualcomm’s TrustZone microprogramming software technology allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the TrustZone technology’s authentication mode for Qualcomm Secure Execution Environment for Android, as found in the CAF repository, stems from synchronization errors when using a common resource. Exploiting this vulnerability could allow an attacker operating remotely to...
The vulnerability of the Oracle MySQL database management system allows a hacker to modify data.
The vulnerability of the MySQL Server component of the Oracle MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to remotely gain access to modify, add, or delete data using network packets...
Schneider Electric homeLYnk Controller Security Bypass Vulnerability
The Schneider Electric homeLYnk Controller is a logic controller. A security bypass vulnerability exists in all versions of the Schneider Electric homeLYnk Controller prior to 1.5.0. A remote attacker could exploit this vulnerability to obtain sensitive information...