75 matches found
Vulnerability fixed in Siemens SIPROTEC systems
Siemens has fixed a vulnerability in SIPROTEC 5 systems. The vulnerability allows an unauthenticated malicious person to read information from the system. The vulnerability is located in the Web component of systems based on CPU variants CP050, CP100 and CP300. To exploit the vulnerability, the...
Vulnerability fixed in Atlassian Jira
A vulnerability has been fixed in Atlassian Jira Server and Jira Data Center. A malicious party could exploit the vulnerability to performing a Cross-Site Scripting XSS attack. A such attack can result in the execution of arbitrary script code in the browser used to visit the application. To do...
Vulnerability fixed in SIMATIC eaSie PCS7
Siemens has fixed a vulnerability in SIMATIC eaSie PCS7. A authenticated malicious party can exploit the vulnerability to access arbitrary files via path-traversal on the vulnerable system. The download function in which the vulnerability is not activated by default. Siemens has released updates ...
Vulnerability fixed in Trend Micro ServerProtect
Trend Micro has fixed a vulnerability in ServerProtect. A unauthenticated malicious party could potentially abuse it to bypass authentication. The vulnerability has a CVSS3.1 score of 9.8 assigned. Content-wise, however, few technical details made publicly available. Trend Micro has released...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Chrome. The vulnerabilities allow a malicious party to cause a denial-of-service cause and to obtain system data. Potentially, the Denial-of-Service attack could be used to execute arbitrary code. Google has released a new version to address the vulnerabilities...
Vulnerabilities fixed in Aruba Networks AirWave Management Platform
Vulnerabilities have been fixed in AirWave Management Platform. The vulnerability with reference CVE-2021-3156 allows a local malicious person able to obtain elevated privileges and thereby execute arbitrary code under root privileges. The vulnerability with CVE-2021-3156 is described in detail i...
CVE-2021-34613
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
Vulnerability fixed in MantisBT
A vulnerability has been fixed in MantisBT. A malicious party can exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser used to visit the application is visited. MantisBT has released updates to fix...
Vulnerability fixed in VLC
A vulnerability has been fixed in VLC. The vulnerability allows a malicious party capable of causing a denial-of-service and possibly executing arbitrary code under the privileges of the user. To exploit the vulnerability, a user must open a malicious file open. VLC has released updates to fix th...
Serious vulnerability fixed in Mozilla Firefox
A serious vulnerability has been fixed in Mozilla Firefox. A malicious party, by modifying a COOKIE-ECHO chunk in an SCTP package potentially cause a use-after-free. Mozilla indicates that it is likely, with enough effort, that this vulnerability could lead to the execution of arbitrary code...
Vulnerability fixed in Bitdefender Endpoint Security
Bitdefender has fixed an update in Bitdefender Endpoint Security Tools and the Endpoint Security SDK. The vulnerability could potentially be exploited by a malicious party to obtain elevated user privileges and manipulate data. Bitdefender categorizes this vulnerability according to the CVSSv3...
Photon OS 3.0: Elasticsearch PHSA-2020-3.0-0088
An update of the elasticsearch package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0088. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136577;...
Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000
The security-testlab team of Fraunhofer IOSB in Karlsruhe reported a security vulnerability that affects SICK FX0-GPNT00000 and SICK FX0-GENT00000 in the version V3.04.0. The SICK FX0-GPNT00000 and SICK FX0-GENT00000 are vulnerable to a buffer overflow by exploiting the available resources with U...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0203
An update of 'python2', 'binutils', 'httpd', 'systemd', 'net-snmp', 'curl', 'strongswan' packages of Photon OS has been released...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0184
An update of 'linux-esx', 'linux' packages of Photon OS has been released...
Photon OS 2.0: Binutils / Linux / Wget PHSA-2017-2.0-0008 (deprecated)
An update of 'binutils', 'linux', 'wget' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-2.0-0008. The text itself is copyright...
WordPress Gwolle Guestbook 2.5.3 Cross Site Scripting
DefenseCode ThunderScan SAST Advisory: WordPress Gwolle Guestbook Plugin XSS Security Vulnerability Advisory ID: DC-2018-05-008 Advisory Title: WordPress Gwolle Guestbook Plugin XSS Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Gwolle Guestbook...
WordPress Strong Testimonials 2.31.4 Cross Site Scripting
DefenseCode ThunderScan SAST Advisory: WordPress Strong Testimonials Plugin Multiple XSS Security Vulnerabilities Advisory ID: DC-2018-05-007 Advisory Title: WordPress Strong Testimonials Plugin Multiple XSS Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPre...
WordPress Clean Up Optimizer 4.0.0 SQL Injection Vulnerability
WordPress Clean Up Optimizer plugin versions 4.0.0 and below suffer from a remote SQL injection vulnerability. Advisory Title: WordPress Clean Up Optimizer Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Clean Up Optimizer plugin Language:...
WordPress Simple Login Log 1.1.1 SQL Injection
A A A A A A A A A A A A DefenseCode ThunderScan SAST Advisory A A A A WordPress Simple Login Log Plugin Multiple SQL Injection A A A A A A A A A A A A A A A A A Security Vulnerabilities Advisory ID:A A A DC-2017-01-013 Advisory Title: WordPress Simple Login Log Plugin Multiple SQL A Injection...