EUVD-2010-4501

Malware in sbrugna...

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a attacker to execute XSS attacks.

The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform is related to deficiencies in the security measures used to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the SolidWall WAF, related to security flaws, allows attackers to trigger a service failure.

The vulnerability of the SolidWall WAF lies in the deficiencies of its security mechanisms. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerabilities of SAP NetWeaver AS ABAP and SAP NetWeaver ABAP software integration platforms are related to deficiencies in authentication procedures. These deficiencies allow attackers to circumvent security restrictions, enhance their privileges, and gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver AS ABAP and SAP NetWeaver ABAP integration platforms is related to deficiencies in the authentication process due to incorrect processing of user information via RFC messages, thereby compromising the security between SAP systems. Exploiting this vulnerability...

The vulnerability of the Exim message transfer agent, related to security mechanisms that are lacking, allows attackers to increase their privileges.

The vulnerability of the Exim message transfer agent is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow attackers to gain elevated privileges...

The vulnerability of the Windows GDI+ component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows GDI+ component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow an attacker, acting remotely, to gain unauthorized access to protected information...

The vulnerability of the Windows Function Discovery SSDP Provider on Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows Function Discovery SSDP Provider component in Windows operating systems is related to deficiencies in the implementation of security mechanisms. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Sanitize library for the Ruby programming language stems from deficiencies in the security measures used to protect web page structures. This vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Sanitize library for the Ruby programming language is related to deficiencies in the security measures used to protect web page structures. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service...

The vulnerability of the Windows GDI component in Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Windows GDI component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the Windows GDI component in Windows operating systems allows attackers to disclose sensitive information that is protected by security measures.

The vulnerability of the Windows GDI component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the Cisco Digital Network Architecture (DNA) Center’s network management system, due to security mechanisms that are deficient, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Cisco Digital Network Architecture DNA Center management system is related to security mechanisms that are deficient. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the Windows GDI component in Microsoft Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Windows GDI component in Microsoft Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

CVE-2010-4533

offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies...

Security feature bypass

offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies...

The vulnerability of the Windows GDI component in Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Windows GDI component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the Windows GDI component in Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Windows GDI component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the Windows GDI component in Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Windows GDI component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the Windows GDI component in Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Windows GDI component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

Vulnerability of the Server component: Security: Roles of the Oracle MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Security component involves deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL protocol...

OPM Hack Expands to Include Data of 21.5M People

UPDATE–The ever-expanding data breach at the Office of Personnel Management has now spread to include the Social Security numbers and other personal data of a total of 21.5 million people, and the toll also now includes the agency’s director, Katherine Archuleta, who resigned Friday morning...