2777 matches found
CVE-2017-8856
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process...
CVE-2017-8858
CVE-2017-8858 affects Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. The issue is an unauthenticated, privileged remote file write via the bprd process. This is a remote, unauthenticated threat with high impact (CVE-2017-8858 is disclosed in multiple sources; no exploi...
IBM MQ 8.x < 8.0.0.3 Multiple Information Disclosure (credentialed check)
The version of IBM MQ formerly IBM WebSphere MQ 8.x installed on the remote Windows host is missing fix pack 8.0.0.3 or later. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the Advanced Message Security policy when a JMS client application sends a message to the...
CVE-2017-3497
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Remote Administration Daemon. The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...
CVE-2017-3808
A vulnerability in the Session Initiation Protocol SIP UDP throttling process of Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient rate...
CVE-2017-6611
A vulnerability in the web framework code of Cisco Prime Infrastructure 2.22 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of some...
Cross site scripting
A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected system. More Information: CSCuw63001 CSCuw63003. Known Affected...
SICUNET Access Controller Multiple Vulnerabilities
SICUNET Access Controller is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Moodle 3.2.x < 3.2.2 Multiple Vulnerabilities
Binary data 700011.prm...
CVE-2017-3867
A vulnerability in the Border Gateway Protocol BGP Bidirectional Forwarding Detection BFD implementation of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to bypass the access control list ACL for specific TCP and UDP traffic. More Information:...
VulnCheck KEV: CVE-2017-3881
A vulnerability in the Cisco Cluster Management Protocol CMP processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges...
SICUNET Access Controller 0.32-05z Code Execution / File Disclosure Vulnerabilities
Exploit for php platform in category web applications SICUNET Physical Access Controller - Multiple Vulnerabilities ------------------------------------------------------------- Introduction ============ Multiple vulnerabilities were identified in the SICUNET Access Controller Products. The...
SICUNET Access Controller 0.32-05z Code Execution / File Disclosure
SICUNET Physical Access Controller - Multiple Vulnerabilities ------------------------------------------------------------- Introduction ============ Multiple vulnerabilities were identified in the SICUNET Access Controller Products. The vulnerabilities were discovered during a black box security...
CVE-2017-3821
A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting XSS attacks. More Information: CSCvc49348. Known Affected Releases: 10.52.14076.1. Known Fixed Releases: 12.00.98000.209...
CVE-2017-3839
An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to have read access to part of the information stored in the affected system. More Information: CSCvc04845. Known Affected Releases:...
tika: XML External Entity vulnerability
It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XX...
CVE-2017-3402
Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2017-3382
Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2017-3260
Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks...
CVE-2016-8330
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. The supported version that is affected is 11.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. Successful attacks...