216 matches found
UBUNTU-CVE-2016-1638
extensions/renderer/resources/platformapp.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass intended access restrictions via a crafted platform app...
Red Hat Enterprise Virtualization Hypervisor Local Unauthorized Access Vulnerability
Red Hat Enterprise Virtualization Hypervisor is a virtualization solution hypervisor. The Red Hat Enterprise Virtualization Hypervisor WEB management interface fails to properly handle session timeouts when a VM is selected in the VM Grid view, and local users have access to other WEB interfaces...
GIGAPOD vulnerable to denial-of-service (DoS)
Overview GIGAPOD provided by TripodWorks CO.,LTD. contains a denial-of-service DoS vulnerability. GIGAPOD file servers Appliance model and Software model from TripodWorks CO.,LTD. provide two web interfaces. First, a user web interface via ports 80/443, and a second, an administrative web interfa...
Aruba Advisory AID-070611 Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ADVISORY NUMBER AID-070611 Advisory 1: TITLE Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces. SUMMARY A persistent Cross Site Scripting vulnerability XSS was discovered where an attacker could plant an AP with...
Fedora Update for roundup FEDORA-2010-12261
Check for the Version of roundup OpenVAS Vulnerability Test Fedora Update for roundup FEDORA-2010-12261 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
cPanel HTTP Response Splitting
Recognize-Security - cPanel HTTP Response Splitting Vulnerability ----------------------------------------------------------------- Security Advisory by Trancer January 21 2010 http://www.rec-sec.com "Hacking, however, is an art, not a science." Vendor ------ cPanel Inc. - http://www.cpanel.net...
CVE-2007-5539
Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise ICME, Unified ICM Hosted ICMH, Unified Contact Center Enterprise UCCE, Unified Contact Center Hosted UCCH, and System Unified Contact Center Enterprise SUCCE 7.15 allows remote authenticated users to gain...
Code injection
Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise ICME, Unified ICM Hosted ICMH, Unified Contact Center Enterprise UCCE, Unified Contact Center Hosted UCCH, and System Unified Contact Center Enterprise SUCCE 7.15 allows remote authenticated users to gain...
CVE-2007-5539
Cisco UC/ICM suite components (ICME, ICMH, UCCE, UCCH, SUCCE) version 7.1(5) contain an unspecified vulnerability that allows remote authenticated users to gain privileges, read reports, or alter SUCCE configuration via certain web interfaces. The exact root cause, affected subcomponents, and exp...
Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service
Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service source: https://www.securityfocus.com/bid/25352/info Cisco IOS is prone to a remote denial-of-service vulnerability because the software fails to properly handle certain CLI commands. To issue commands that trigger this vulnerability,...
Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service
source: https://www.securityfocus.com/bid/25352/info Cisco IOS is prone to a remote denial-of-service vulnerability because the software fails to properly handle certain CLI commands. To issue commands that trigger this vulnerability, attackers must be able to successfully authenticate to...
PT-2007-2464 · Red Hat · Jboss
Name of the Vulnerable Software and Affected Versions: JBoss affected versions not specified Description: The default configuration of JBoss does not restrict access to the console and web management interfaces, allowing remote attackers to bypass authentication and gain administrative access...
Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability
Computer Terrorism UK :: Incident Response Centre www.computerterrorism.com Security Advisory: CT12-09-2006 ============================================================ Adobe/Macromedia Flash Player - Remote Code Execution ============================================================ Advisory Date...
Cisco CallManager Administration and User Options Web Interfaces Cross-Site Scripting Vulnerability
Cisco CallManager versions prior to 4.31, 4.23, 4.13SR4 and 3.35SR3 contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary script in the user's browser session. The vulnerability exists due to improper input sanitization in the CallManager Administration...
CVE-2004-0672
Multiple cross-site scripting XSS vulnerabilities in the primary and management web interfaces in Netegrity IdentityMinder Web Edition 5.6 allows remote attackers to execute script as other users via 1 script that starts with %00 in the numOfExpressions parameter or 2 the mobjtype parameter...
CVE-2004-0672
Multiple cross-site scripting XSS vulnerabilities in the primary and management web interfaces in Netegrity IdentityMinder Web Edition 5.6 allows remote attackers to execute script as other users via 1 script that starts with %00 in the numOfExpressions parameter or 2 the mobjtype parameter...