705 matches found
Stack overflow
Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service...
CVE-2017-12822
Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to new attack vectors...
CVE-2017-12819
Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55...
CVE-2017-12818
CVE-2017-12818 is the Sentinel/Gemalto vulnerability: a stack-based buffer overflow in the custom XML-parser of Sentinel HASP SRM, Sentinel HASP, and Sentinel LDK runtime (prior to LDK RTE 7.55). Impact per ICS-CERT: remote code execution or denial of service. Affected products include HASP SRM/...
CVE-2017-12820
CVE-2017-12820 affects Gemalto SafeNet Sentinel stacks (HASP SRM, Sentinel HASP, Sentinel LDK) prior to Sentinel LDK RTE 7.55. The vulnerability is described as an arbitrary memory read from a controlled memory pointer, which could enable remote denial of service. Public advisories indicate the i...
CVE-2017-12819
CVE-2017-12819 refers to remote manipulation of the Gemalto SafeNet Sentinel language-pack updater, enabling NTLM-relay attacks for the system user in HASP SRM, Sentinel HASP and Sentinel LDK before Sentinel LDK RTE 7.55. Connected advisories corroborate remote NTLM-relay risk and advise upgradin...
CVE-2017-12821
Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution...
CVE-2017-12822
CVE-2017-12822 affects Gemalto’s HASP SRM, Sentinel HASP and Sentinel LDK prior to Sentinel LDK RTE 7.55. The near-term root cause is an improper access control flaw that allows the administrative interface to be remotely enabled and disabled without authentication, potentially expanding the atta...
CVE-2017-11498
Buffer overflow in hasplms in Gemalto ACC Admin Control Center, all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack ZIP file with invalid HTML files...
CVE-2017-11496
Stack buffer overflow in hasplms in Gemalto ACC Admin Control Center, all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files...
CVE-2017-11497
Stack buffer overflow in hasplms in Gemalto ACC Admin Control Center, all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters...
CVE-2017-12731
A SQL Injection issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. The application is vulnerable to injection of...
OPW Fuel Management Systems SiteSentinel Integra and SiteSentinel iSite SQL Injection Vulnerabilities
The SiteSentinel Integra 100, SiteSentinel Integra 500 and SiteSentinel iSite ATG are products that provide tank monitoring capabilities for OPW's fuel management system. An SQL injection vulnerability exists in OPW Fuel Management Systems SiteSentinel Integra and SiteSentinel iSite, which can be...
dealerspecials.sun-sentinel.com XSS vulnerability
Vulnerable URL: http://dealerspecials.sun-sentinel.com/places/search/type:1/maxprice:0/maxmiles:0/make:Toyota/model:Sienna/services:0/dealer:0%22%27%2D%2D%21 Details: Patched: No; Latest check for patch: 07.08.2017; Vulnerability type: XSS; Vulnerability status: Public...
NetIQ iManager and NetIQ eDirectory MD5 Hash Algorithm Vulnerabilities
NetIQ iManager and NetIQ eDirectory are both products of the American company NetIQ (formerly Novell). The former is a web-based application that can manage and configure eDirectory objects using wireless devices. The latter is an identity management infrastructure platform that combines identity...
NetIQ Sentinel Server Denial of Service Vulnerability
NetIQ Sentinel Server is a security information and event management tool. NetIQ Sentinel Server 8.0 prior to version 8.0.1 has a security vulnerability that can lead to information disclosure and remote denial of service...