243 matches found
CVE-2016-5260
Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file...
UBUNTU-CVE-2016-5260
Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file...
CVE-2016-5260
Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file...
CVE-2016-1436
The General Packet Radio Switching Tunneling Protocol 1 aka GTPv1 implementation on Cisco ASR 5000 Packet Data Network Gateway devices before 19.4 allows remote attackers to cause a denial of service Session Manager process restart via a crafted GTPv1 packet, aka Bug ID CSCuz46198...
CVE-2016-1436
The General Packet Radio Switching Tunneling Protocol 1 aka GTPv1 implementation on Cisco ASR 5000 Packet Data Network Gateway devices before 19.4 allows remote attackers to cause a denial of service Session Manager process restart via a crafted GTPv1 packet, aka Bug ID CSCuz46198...
Cisco ASR 5000 Series Packet Data Network Gateway Denial of Service Vulnerability
Cisco ASR 5000 Series is the 5000 series of wireless controller products from Cisco.Packet Data Network Gateway aka PGW is one of the packet data gateways. A security vulnerability exists in the General Packet Radio Switching Tunneling Protocol Version 1 GTPv1 implementation of the Cisco ASR 5000...
CVE-2015-2913
server/network/protocol/http/OHttpSessionManager.java in the Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 improperly relies on the java.util.Random class for generation of random Session ID values, which makes it easier for remote attackers to predict...
Cisco Packet Data Network Gateway IP Stack Denial of Service Vulnerability
A vulnerability in the IP stack of the Cisco Packet Data Network Gateway PGW could allow an unauthenticated, remote attacker to cause a partial denial of service DoS of the Session Manager service when a malformed IP packet is received. The vulnerability is due to improper input validation of...
Cisco Gateway GPRS Support Node TCP Invalid Packet Vulnerability
A vulnerability in the TCP packet input handler of the Cisco Gateway GPRS Support Node GGSN could allow an unauthenticated, remote attacker to cause a reset of the Session Manager application. The vulnerability is due to improper input validation of the length fields of the TCP/IP header. An...
Netlux Antivirus 1.0.1.8 Session Manager Service Privilege Escalation
The Netlux Antivirus suffers from an unquoted search path issue impacting the Session Manager Service 'NXSessSvc' service for Windows deployed as part of Netlux Antivirus package. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated...
Netlux Antivirus 1.0.1.8 Session Manager Service Privilege Escalation
Netlux Antivirus 1.0.1.8 Session Manager Service Privilege Escalation Vendor: Netlux Systems Private Limited. Product web page: http://www.netluxantivirus.com Affected version: 1.0.1.8 and 1.0.1.4 Summary: Netlux Antivirus is an award-winning product that provides comprehensive protection against...
CVE-2015-0712
The session-manager service in Cisco StarOS 12.0, 12.2300, 14.0, and 14.0600 on ASR 5000 devices allows remote attackers to cause a denial of service service reload and packet loss via malformed HTTP packets, aka Bug ID CSCud14217...
Cisco StarOS for Cisco ASR 5000 Series HTTP Packet Processing Denial of Service Vulnerability
A vulnerability in HTTP packet processing of Cisco StarOS for Cisco ASR 5000 Series devices could allow an unauthenticated, remote attacker to cause a reload of the session manager service on the affected device. The vulnerability is due to improper processing of malformed HTTP packets. An...
MobaXterm - Terminal for Windows with X11 server, tabbed SSH client, network tools and much more...
MobaXterm is your ultimate toolbox for remote computing. In a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all...
CVE-2014-3331
The Session Manager component in Packet Data Network Gateway aka PGW in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service process crash via a crafted TCP packet, aka Bug ID CSCuo21914...
Cisco Packet Data Network Gateway Denial of Service Vulnerability
A vulnerability in the Session Manager software of Cisco Packet Data Network Gateway PGW could allow an unauthenticated, remote attacker to cause the Session Manager to crash. The issue is due to insufficient validation of received TCP packets. An attacker could exploit this issue by sending a...
TANne 0.6.17 Session Manager SysLog Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6553/info TANne is a freely available, open source session management package. It is available for Unix and Linux operating systems. Due to programming error, it may be possible to exploit a format string vulnerability. A...
Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability
Description Oracle Java SE is prone to a buffer-overflow vulnerability in Java Runtime Environment. An attacker can exploit this issue to execute arbitrary code in the context of the current user. This vulnerability affects the following supported versions: 7 Update 21 , 6 Update 45 , 5.0 Update ...
Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
Description Oracle Java SE is prone to a memory-corruption vulnerability in Java Runtime Environment. Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions...
Oracle Java Runtime Environment CVE-2013-2423 Security Bypass Vulnerability
Description Oracle Java Runtime Environment is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass sandbox protection and perform unauthorized actions in the context of the application. This vulnerability affects the following supported versions: 7 Update 17 and...