IBM Tivoli Key Lifecycle Manager Information Disclosure Vulnerability (CNVD-2018-01129)
IBM Tivoli Key Lifecycle Manager enables you to locally create, distribute, back up, archive and manage the lifecycle of keys and certificates in your organization. An information disclosure vulnerability exists in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7. The vulnerability arises becau...
CVE-2017-1727
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 discloses sensitive information in error messages that could aid an attacker in further attacks against the system. IBM X-Force ID: 134869...
Atlassian Bamboo Remote Code Execution Vulnerability (CNVD-2018-00579)
Atlassian Bamboo is a suite of continuous integration build tools from Atlassian Australia. The tools help development teams build, test, release and deploy projects using continuous delivery capabilities. A remote code execution vulnerability exists in Atlassian Bamboo versions prior to 6.1.6 an...
CVE-2017-17436
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials advertise that this communication channel is encrypted with "Highest Level Bluetooth Encryption" and...
IBM InfoSphere BigInsights Clickjacking Vulnerability
IBM InfoSphere BigInsights is a suite of software platforms for storing and analyzing "Big Data" from IBM in the United States. The platform provides solutions for managing and analyzing massive amounts of structured and unstructured data. A security vulnerability exists in IBM InfoSphere...
Blue Coat Malware Analysis Appliance and Malware Analyzer G2 Command Execution Vulnerability
The Blue Coat Malware Analysis Appliance (MAA) and Malware Analyzer G2 are both malware analysis appliances in Blue Coat's Advanced Threat Protection solution, which provides malware detonation and analysis, exposing zero-day threats and unknown malware, and sharing threat intelligence...
Shopware content management system backend module cross-site scripting vulnerability
Shopware is open source e-commerce software from the German company Shopware. The content management system backend module is one of its backend modules. A cross-site scripting vulnerability exists in the customer and order section of the content management system backend module in Shopwa...
NetApp Data ONTAP Denial of Service Vulnerability (CNVD-2017-30013)
NetApp Data ONTAP is a storage operating system from the American company NetApp. The system helps improve enterprise application performance and data center flexibility. A security vulnerability exists in NetApp Data ONTAP versions prior to 8.2.5....
Electronic Funds Source Mobile Driver Source app for iOS Security Vulnerability
The Electronic Funds Source (EFS) Mobile Driver Source app for iOS is an iOS-based EFS card management app. A security vulnerability exists in version 2.5 of the EFS Mobile Driver Source app for iOS, which is caused by the program failing to validate an X.509 certificate on the server side of an SSL...
Apache Struts Denial of Service Vulnerability (CNVD-2017-23348)
Apache Struts is an open source project maintained by the Apache Software Foundation in the United States. It is an open source MVC framework for creating enterprise-class Java web applications and is offered mainly as two framework products, Struts 1 and Struts 2...
Foscam C1 Indoor HD Camera cgiproxy.fcgi dns2 address configuration command injection vulnerability
Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A security vulnerability exists in the web management interface in the Foscam C1 Indoor HD Camera using application firmware version 2.52.2.37. The vulnerability can be exploited to inject arbitrary shell characters by sendi...
Foscam C1 Indoor HD Camera Command Injection Vulnerability (CNVD-2017-14064)
Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A security vulnerability exists in the web management interface in the Foscam C1 Indoor HD Camera using application firmware version 2.52.2.37. The vulnerability can be exploited to inject arbitrary shell characters by sendi...
VulnCheck KEV: CVE-2003-0127
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel...
MODX Revolution Cross-Site Scripting Vulnerability (CNVD-2017-07468)
MODX Revolution is a PHP-based open source content management system (CMS) from the U.S. company MODX. The system supports online collaboration, search engine optimization (SEO), add-ons and more. A cross-site scripting vulnerability exists in versions of MODX Revolution prior to 2.5.7. A remote...
CVE-2016-6103
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2017-3412
Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2016-0894
EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to bypass intended object access restrictions via a modified parameter...
IBM Security QRadar SIEM Directory Traversal Vulnerability
IBM Security QRadar SIEM is an IBM solution for consolidating log-sourced event data from thousands of devices and applications dispersed throughout the network. A directory traversal vulnerability exists in IBM Security QRadar SIEM 7.2.5 Patch 6 prior to the 7.2.x release. A remote attacker can...
IBM Security QRadar Incident Forensics Session Hijacking Vulnerability
IBM Security QRadar Incident Forensics is a suite of security forensic investigation software from IBM. The software supports in-depth forensic investigation of suspected malicious network security incidents and the remediation of network security vulnerabilities. IBM Security QRadar Incident Forensics 7.2...
Cisco WebEx Meetings Server Cross-Site Request Forgery Vulnerability (CNVD-2015-04988)
Cisco WebEx Meetings Server (CWMS) is a multifunctional meeting solution in the Cisco WebEx conferencing line from the American company Cisco, covering audio, video and web conferencing. A cross-site request forgery vulnerability exists in CWMS version 2.5 MR1. A remote attacker can exploit this...