Lucene search
K

67 matches found

CNNVD
CNNVD
added 2021/06/02 12:0 a.m.4 views

Mcafee Database Security Server 代码问题漏洞

Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A code...

10CVSS5.8AI score0.02242EPSS
Exploits0References2
OSV
OSV
added 2021/03/18 5:15 p.m.4 views

CVE-2020-26155

Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with Read/Write permissions for authenticated users, which allows for binaries to be manipulated by non-administrator users. Additionally, entries are made to the PATH environment variable which, in...

7.8CVSS5.7AI score0.00363EPSS
Exploits1References2
CNNVD
CNNVD
added 2020/12/09 12:0 a.m.8 views

Mcafee Database Security Server 和 Sensor 加密问题漏洞

Mcafee Database Security Server and Mcafee Database Security sensor are both products of Mcafee Corporation, China.Mcafee Database Security Server is a database security software. Mcafee Database Security Server is a database security software that provides users with an overall view of the...

6.3CVSS6.6AI score0.00172EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2019/02/15 7:0 a.m.47 views

CVE-2019-8341

An issue was discovered in Jinja2 2.10. The fromstring function is prone to Server Side Template Injection SSTI where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and...

9.8CVSS8.4AI score0.4478EPSS
Exploits5
Zero Day Initiative
Zero Day Initiative
added 2016/12/13 12:0 a.m.28 views

Attachmate Host Access Management and Security Server PassThru Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Attachmate Host Access Management and Security Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PassThru resource. The issue results...

5CVSS0.1AI score0.02219EPSS
Exploits0References1
Prion
Prion
added 2016/11/29 11:59 a.m.13 views

Directory traversal

Administrative Server in Micro Focus Host Access Management and Security Server MSS and Reflection for the Web RWeb and Reflection Security Gateway RSG and Reflection ZFE ZFE allows remote unauthenticated attackers to read arbitrary files via a specially crafted URL that allows limited directory...

4.3CVSS7.2AI score0.02219EPSS
Exploits0References3Affected Software4
CVE
CVE
added 2016/11/29 11:0 a.m.47 views

CVE-2016-5765

The CVE-2016-5765 entry describes a remote, unauthenticated directory-traversal information-disclosure in Micro Focus MSS and related products (RWeb, RSG, ZFE, and older components). Affected: MSS 12.3 before 12.3.326, MSS 12.2 before 12.2.342; RSG 12.1 before 12.1.362; RWeb 12.3 before 12.3.312,...

6.5CVSS6.4AI score0.02219EPSS
Exploits0References3Affected Software4
CNVD
CNVD
added 2016/06/08 12:0 a.m.10 views

Symantec Embedded Security: Critical System Protection and Symantec Data Center Security: Server Advanced Elevation of Privilege Vulnerabilities

Symantec Embedded Security:Critical System Protection SES:CSP and Symantec Data Center Security: Server Advanced SDCS:SA are both security products from Symantec Corporation. SES:CSP is a lightweight intrusion detection and prevention system client product; SDCS:SA provides security for physical...

8CVSS7.7AI score0.02536EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/12/14 12:0 a.m.7 views

The vulnerability of Oracle WebLogic Server application servers allows attackers to execute arbitrary code.

The vulnerability of the WLS Security server component of Oracle WebLogic Server is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted Java objects transmitted over the TCP protocol,...

7.5CVSS7.9AI score0.96032EPSS
Exploits17References12Affected Software7
Tenable Nessus
Tenable Nessus
added 2015/02/26 12:0 a.m.35 views

Symantec Data Center Security Server SQLi (SYM15-001)

The remote Symantec Data Center Security Server running on the remote host is affected by a SQL injection vulnerability in the '/sis-ui/authenticate' script on the web console interface. A remote attacker, using a crafted HTTP request, can exploit this to execute SQL queries, allowing the...

6.5CVSS5.9AI score0.04554EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2015/02/26 12:0 a.m.42 views

Symantec Data Center Security Server 'WCUnsupportedClass.jsp' XSS

The remote Symantec Data Center Security Server running on the remote host is affected by a reflected cross-site scripting vulnerability due to improper validation of input to the 'classname' parameter in the 'WCUnsupportedClass.jsp' script. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.2AI score
Exploits0References1
0day.today
0day.today
added 2015/01/22 12:0 a.m.83 views

Symantec Data Center Security - Multiple Vulnerabilities

Symantec Data Center Security: Server Advanced SDCS:SA and Symantec Critical System Protection SCSP suffer from cross site scripting, remote SQL injection, information disclosure, and policy bypass vulnerabilities. ======================================================================= title:...

7.2CVSS0.6AI score0.0922EPSS
Exploits4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Check Point Software Firewall-1 4.0/1.4.1 Resource Exhaustion Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1416/info The Check Point Firewall-1 SMTP Security Server in Firewall-1 4.0 and 4.1 on Windows NT is vulnerable to a simple network-based attack which can increase the firewall's CPU utilization to 100%. Sending a stream ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Bubla <= 1.0.0rc2 (bu/process.php) Remote File Include Vulnerability

No description provided by source. DeltasecurityTEAM WwW.Deltasecurity.iR Portal Name = Bubla = 1.0.0rc2 Class = Remote File Inclusion Risk = High Remote File Execution Download = http://download.sourceforge.net/pub/sourceforge/b/bu/bubla/bubla-1.0.0rc1.tar.gz Discoverd By = DeltahackingTEAM User...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Bubla <= 0.9.2 (bu_dir) Multiple Remote File Include Vulnerabilities

No description provided by source. DeltasecurityTEAM WwW.Deltasecurity.iR Portal Name = Bubla 0.9.1 Class = Remote File Inclusion Risk = High Remote File Execution Download = http://download.sourceforge.net/pub/sourceforge/b/bu/bubla/bubla-0.9.1.tar.gz Discoverd By = DeltahackingTEAM User In Delt...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.35 views

VMware View Server Directory Traversal Vulnerability (VMSA-2012-0017)

The version of VMware View Server installed on the remote host is potentially affected by a directory traversal vulnerability in the Connection Server and View Security Server. This may allow a remote attacker to read arbitrary files from the system. C Tenable Network Security, Inc...

5CVSS6.3AI score0.02802EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2012/12/20 10:7 p.m.18 views

VMware View critical directory traversal vulnerability

DDI Vulnerability Research Team VRT for reported a critical vulnerability in VMware View Server , that is a directory traversal vulnerability that allows an unauthenticated remote attacker to retrieve arbitrary files from affected View Servers. Exploitation of this issue may expose sensitive...

5CVSS6.8AI score0.02802EPSS
Exploits0
The Hacker News
The Hacker News
added 2012/12/20 11:7 a.m.47 views

VMware View critical directory traversal vulnerability

DDI Vulnerability Research Team VRT for reported a critical vulnerability in VMware View Server , that is a directory traversal vulnerability that allows an unauthenticated remote attacker to retrieve arbitrary files from affected View Servers. Exploitation of this issue may expose sensitive...

5CVSS6.3AI score0.02802EPSS
Exploits0
ThreatPost
ThreatPost
added 2012/12/19 10:19 p.m.38 views

VMware Patches Directory Traversal Vulnerability in View Server and Security Server

Virtualization vendor VMware has patched a critical vulnerability in its VMware View desktop virtualization product that could have led to a directory traversal attack and an attacker reading or downloading files without the need for authentication. VMware View 5.x prior to 5.1.2 and 4.x prior to...

5CVSS7.1AI score0.02802EPSS
Exploits0References3
NVD
NVD
added 2012/12/19 11:56 a.m.33 views

CVE-2012-5978

Multiple directory traversal vulnerabilities in the 1 View Connection Server and 2 View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors...

5CVSS7AI score0.02802EPSS
Exploits0References3
Rows per page
Query Builder