78 matches found
PT-2022-1430 · Cisco · Cisco Ece
Name of the Vulnerable Software and Affected Versions: Cisco ECE affected versions not specified Description: A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the...
OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
Juniper Networks Junos OS 安全漏洞
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS, which arises from a protection mechanism failu...
UBUNTU-CVE-2021-2389
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...
Hcl Technologies Inotes 安全漏洞
HCL iNotes is a browsing client for accessing HCLDomino mail, contacts, calendar, scheduling and collaboration features. A label phishing vulnerability exists in HCL iNotes. The vulnerability stems from improper validation of email content. A remote, unauthenticated attacker could exploit the...
CVE-2020-3137 Cisco Email Security Appliance Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability exists because the...
CVE-2020-3244
A vulnerability in the Enhanced Charging Service ECS functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of...
Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerability (cisco-sa-webex-player-Q7Rtgvby)
The version of Cisco Webex Network Recording Player and Cisco Webex Player installed on the remote host is affected by a remote code execution vulnerability due to insufficient validation of certain elements within a Webex recording that is stored in either the Advanced Recording Format ARF or th...
PT-2019-1960 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.15 and prior Description: The issue is related to the MySQL Server component, specifically the Server: Replication subcomponent. It allows an unauthenticated attacker with logon to the infrastructure where MySQL Serv...
CVE-2016-6455
A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series routers with Data Processing Card 2 DPC2 could allow an unauthenticated, remote attacker to cause a subset of the subscriber sessions to be disconnected, resulting in a partial denial of service DoS condition. This vulnerability...
Cisco ASA < 9.5(2.2) IKEv1 and IKEv2 UDP Packet Handling RCE (cisco-sa-20160210-asa-ike)
Binary data 801954.prm...
Apache ActiveMQ 5.x < 5.10.1 Multiple Vulnerabilities
Binary data 8961.prm...
HP-UX Update for AAA Server HPSBUX01011
Check for the Version of AAA Server OpenVAS Vulnerability Test HP-UX Update for AAA Server HPSBUX01011 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Microsoft Windows Internet Naming Service (WINS) fails to properly validate the length of specially crafted packets
Overview Microsoft Windows Internet Naming Service WINS fails to properly validate the length of specially crafted packets which could allow an unauthenticated, remote attacker to cause a denial-of-service condition. Description The Windows Internet Naming Service WINS maps IP addresses to NETBIO...
Security Update for Windows 8 for x64-based Systems (KB2727528)
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Security Update for IIS FTP 7.5 for Windows Vista (KB2489256)
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Security Update for Windows Server 2008 x64 Edition (KB2705219)
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Security Update for Windows Server 2003 for Itanium-based Systems (KB974318)
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...