6522 matches found
Achievo 1.3.4 - Cross-Site Scripting
Achievo 1.3.4 - Cross-Site Scripting Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ Multiple XSS in Achievo 1. Advisory Information Title: Multiple XSS in Achievo Advisory ID: BONSAI-2009-0101 Advisory URL:...
Achievo 1.3.4 - SQL Injection
Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-sql-injection-0102.txt Date published:...
Code injection
Simple Linux Utility for Resource Management SLURM 1.2 and 1.3 before 1.3.14 does not properly set supplementary groups before invoking 1 sbcast from the slurmd daemon or 2 strigger from the slurmctld daemon, which might allow local SLURM users to modify files and gain privileges...
CVE-2009-2084
Simple Linux Utility for Resource Management SLURM 1.2 and 1.3 before 1.3.14 does not properly set supplementary groups before invoking 1 sbcast from the slurmd daemon or 2 strigger from the slurmctld daemon, which might allow local SLURM users to modify files and gain privileges...
CVE-2009-2084
Simple Linux Utility for Resource Management SLURM 1.2 and 1.3 before 1.3.14 does not properly set supplementary groups before invoking 1 sbcast from the slurmd daemon or 2 strigger from the slurmctld daemon, which might allow local SLURM users to modify files and gain privileges...
CVE-2009-2084
Removed by vendor...
CVE-2009-2084
CVE-2009-2084 affects SLURM 1.2 and 1.3 prior to 1.3.14. The vulnerability stems from not properly setting supplementary groups before invoking sbcast (slurmd) or strigger (slurmctld), allowing local SLURM users to modify files and gain privileges. Connected sources corroborate a privilege escala...
[InterN0T] Achievo 1.3.4 - XSS Vulnerability
Achievo - Cross Site Scripting Vulnerability Version Affected: 1.3.4 August 12, 2008 newest Info: Achievo is a flexible web-based resource management tool for business environments. Achievo's resource management capabilities will enable organisations to support their business processes in a simpl...
SAP Cfolders Multiple Stored XSS Vulnerabilies
Digital Security Research Group DSecRG Advisory DSECRG-09-014 Original advisory: http://dsecrg.com/pages/vul/show.php?id=114 Application: SAP Cfolders included in: SAP SRM, SAP ECC, SAP Knowledge Management and SAP NetWeaver cRooms Vendor URL: http://SAP.com Bugs: Multiple Stored XSS Risk: Hight...
Resource Management Errors
Overview Affected versions of this package are vulnerable to Resource Management Errors. The regular expression engine regex.c in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service infinite loop an...
PT-2008-1163 · Apple +2 · Iphone +4
Name of the Vulnerable Software and Affected Versions: Apple iPod touch versions 1.1 through 2.0.2 Apple iPhone versions 1.0 through 2.0.2 Qt affected versions not specified Description: The issue is related to a use-after-free vulnerability in WebKit and an error in resource management in the Qt...
Design/Logic Flaw
Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management SRM before 6.0.0 allow remote attackers to obtain unspecified access to a managed device via unknown attack vectors...
[SECURITY] Fedora 7 Update: tog-pegasus-2.6.0-3.fc7
OpenPegasus WBEM Services for Linux enables management solutions that deliv er increased control of enterprise resources. WBEM is a platform and resource independent DMTF standard that defines a common information model and communication protocol for monitoring and controlling resources from...
Nine smart built Station V5. 2 small holes two-vulnerability and early warning-the black bar safety net
One is the injection vulnerability, newshow. asp id parameter is the presence of injection vulnerabilities, you can guess the member table, get the user account password. The second is upload vulnerability in resource management where you can capture and upload the asp file...
Resource Management Errors
Overview Affected versions of this package are vulnerable to Resource Management Errors. The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an HTTP request with a multipart MIME body that contains an invalid boundary...
Resource Management Errors
Overview Affected versions of this package are vulnerable to Resource Management Errors. Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service crash via a crafted FlateDecode stream that triggers a nu...
CVE-2005-0311
Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, allowing remote authenticated users to retain access. Affected product: Ingate Firewall (versions up to 4.1.3 or earlier). Root cause: PPTP session n...
Virtual Server 2005 R2 SP1
...
Windows Azure Pack: Admin API
Windows Azure Pack: Admin API...
Windows Azure Pack: Admin Site
Windows Azure Pack: Admin Site...