Lucene search
K

233 matches found

Drupal
Drupal
added 2017/12/06 12:0 a.m.22 views

Configuration Update Manager - Moderately critical - Cross Site Request Forgery (CSRF) - SA-CONTRIB-2017-091

The Configuration Update Reports sub-module in the Configuration Update module project enables you to run reports to see what configuration on your site differs from the configuration distributed by a module, theme, or installation profile, and to revert, delete, or import configuration. This...

6.7AI score
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2015/10/06 12:0 a.m.4 views

The vulnerability of the Avira Management Console allows a hacker to execute arbitrary code.

The vulnerability of the Update Manager service in the Avira Management Console relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS5.9AI score0.35159EPSS
Exploits0References4
Check Point Advisories
Check Point Advisories
added 2015/09/30 12:0 a.m.8 views

Avira Management Console Server HTTP Header Processing Heap Buffer Overflow

A heap buffer overflow vulnerability has been reported in Avira Management Console Server. The vulnerability exists in the way Update Manager Service handles overly long HTTP headers. A remote unauthenticated attacker could exploit this vulnerability by sending crafted HTTP requests to the server...

2.4AI score
Exploits0
CNVD
CNVD
added 2015/09/22 12:0 a.m.3 views

Avira Management Console Memory Misreference Vulnerability

Avira Management Console provides centralized and effective control of Avira security components. A memory misreference vulnerability exists in the Avira Management Console's Update Manager service, which can be exploited by a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.35159EPSS
Exploits0References1
NVD
NVD
added 2015/09/21 7:59 p.m.14 views

CVE-2015-7303

Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header...

10CVSS7.6AI score0.35159EPSS
Exploits0References1
Prion
Prion
added 2015/09/21 7:59 p.m.13 views

Design/Logic Flaw

Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header...

10CVSS8.1AI score0.35159EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/09/21 7:0 p.m.20 views

CVE-2015-7303

Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header...

7.6AI score0.35159EPSS
Exploits0References1
CVE
CVE
added 2015/09/21 7:0 p.m.47 views

CVE-2015-7303

CVE-2015-7303 is a use-after-free in Avira Management Console's Update Manager service. By sending oversized HTTP headers, remote attackers can trigger memory reuse and execute arbitrary code, potentially with SYSTEM privileges; authentication is not required per ZDI-15-445. Multiple entries (NVD...

10CVSS7.9AI score0.35159EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2015/09/16 12:0 a.m.25 views

(0Day) Avira Management Console Update Manager Service HTTP Header Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Avira Management Console. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP headers by the Update Manager service. By sending overly...

9.3CVSS7.2AI score0.35159EPSS
Exploits0References2
Metasploit
Metasploit
added 2015/06/08 9:58 a.m.35 views

VMWare Update Manager 4 Directory Traversal

This modules exploits a directory traversal vulnerability in VMWare Update Manager on port 9084. Versions affected by this vulnerability: vCenter Update Manager 4.1 prior to Update 2, vCenter Update Manager 4 Update 4. This module requires Metasploit: https://metasploit.com/download Current sourc...

5CVSS0.2AI score0.59726EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2015/05/01 12:0 a.m.52 views

VMware vSphere Update Manager Java Vulnerability (VMSA-2015-0003)

The version of VMware vSphere Update Manager installed on the remote Windows host is 5.0 prior to Update 3d, 5.1 prior to Update 3a, 5.5 prior to Update 2e, or 6.0 prior to 6.0.0a. It is, therefore, affected by a vulnerability related to the bundled version of Oracle JRE prior to 1.7.076. A flaw...

4CVSS6.7AI score0.67234EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2014/12/12 12:0 a.m.40 views

VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0012)

The version of VMware vCenter Update Manager installed on the remote Windows host is 5.1 prior to Update 3. It is, therefore, affected by multiple vulnerabilities related to the bundled version of Oracle JRE prior to 1.6.081. C Tenable Network Security, Inc. include"compat.inc"; if description...

10CVSS7.4AI score0.06118EPSS
Exploits1References23
securityvulns
securityvulns
added 2014/12/11 12:0 a.m.37 views

[security bulletin] HPSBMU03043 rev.1 - HP Smart Update Manager for Windows and Linux, Local Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04302476 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04302476 Version: 1 HPSBMU03043 rev....

2.1CVSS0.3AI score0.0039EPSS
Exploits0
NVD
NVD
added 2014/12/10 9:59 p.m.16 views

CVE-2014-2608

Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently gain privileges, via unknown vectors...

7.2CVSS7.3AI score0.0039EPSS
Exploits0References1
Prion
Prion
added 2014/12/10 9:59 p.m.13 views

Design/Logic Flaw

Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently gain privileges, via unknown vectors...

7.2CVSS6.7AI score0.0039EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2014/12/10 9:59 p.m.2 views

CVE-2014-2608

Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently gain privileges, via unknown vectors...

7.2CVSS5.5AI score0.0039EPSS
Exploits0References2
CVE
CVE
added 2014/12/10 9:0 p.m.43 views

CVE-2014-2608

HP Smart Update Manager (SUM) for Windows (6.x, fixed in 6.4.1) and Linux (6.2.x–6.4.x, fixed in 6.4.1) is affected by CVE-2014-2608. The issue enables local disclosure of information and potential privilege escalation via unknown vectors. HP’s Security Bulletin HPSBMU03043 rev.1 notes the affect...

7.2CVSS6.4AI score0.0039EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/12/10 9:0 p.m.29 views

CVE-2014-2608

Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently gain privileges, via unknown vectors...

7.3AI score0.0039EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/09/17 12:0 a.m.48 views

VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0008)

The version of VMware vCenter Update Manager installed on the remote Windows host is 5.5 prior to Update 2. It is, therefore, affected by multiple vulnerabilities related to the bundled version of Oracle JRE prior to 1.7.055. C Tenable Network Security, Inc. include"compat.inc"; if description...

10CVSS7.9AI score0.10117EPSS
Exploits1References33
Tenable Nessus
Tenable Nessus
added 2014/07/24 12:0 a.m.19 views

HP Smart Update Manager Detection

Binary data hpsumdetect.nbin...

7.3AI score
Exploits0References1
Rows per page
Query Builder