174 matches found
CVE-2017-11498
Buffer overflow in hasplms in Gemalto ACC Admin Control Center, all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process a denial of service via a language pack ZIP file with invalid HTML files...
Oracle Primavera Gateway Multiple Vulnerabilities (July 2017 CPU)
According to its self-reported version number, the Oracle Primavera Gateway installation running on the remote web server is prior to 14.2.3, 15.x prior to 15.2.12, or 16.x prior to 16.2.4. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability exist...
Palo Alto Networks PAN-OS 7.0.x < 7.0.8 Multiple Vulnerabilities (PAN-SA-2016-0008 / PAN-SA-2016-0009)
The version of Palo Alto Networks PAN-OS running on the remote host is 7.0.x prior to 7.0.8. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability exists in the API hosted on the management interface, specifically in the panUserLogin function within...
HP UCMDB Server Java Deserialization RCE
The HP Universal Configuration Management Database UCMDB Server running on the remote host is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can...
CVE-2016-3642
Summary: CVE-2016-3642 affects SolarWinds Virtualization Manager; the RMI service (port 1099/TCP) can be exploited via a crafted serialized Java object to achieve remote code execution, due to insecure deserialization tied to Apache Commons Collections (ACC). The vulnerability is present in 6.3.1...
CVE-2016-4368
CVE-2016-4368 affects HPE Universal CMDB products (UCMDB Server/Configuration Manager/Universal Discovery) versions 10.0–10.21. The root cause is unsafe deserialization of unauthenticated Java objects to the Apache Commons Collections (ACC) library, enabling remote code execution. Impact is remot...
CVE-2016-2003
Summary: CVE-2016-2003 affects HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00. Root cause: remote code execution via crafted serialized Java objects, related to the Apache Commons Collections library, due to insecure de...
McAfee ePolicy Orchestrator Java Object Deserialization RCE
The McAfee ePolicy Orchestrator ePO installed on the remote Windows host is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can exploit this to...
CVE-2015-8765
CVE-2015-8765 affects Intel McAfee ePolicy Orchestrator (ePO) with remote code execution via crafted serialized Java objects in the Apache Commons Collections library. Affected versions include ePO 4.6.9 and earlier; 5.0.x; 5.1.x before 5.1.3 Hotfix 1106041; and 5.3.x before 5.3.1 Hotfix 1106041....
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider;...
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider;...
Avigilon Control Center is vulnerable to path traversal
Overview The Avigilon Control Center ACC is a server software for security and surveillance systems. The ACC Server is vulnerable to a path traversal attack, allowing an attacker to access any file on the server. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Pat...
CVE-2014-7387
The ACC Advocacy Action aka com.acc.app.android.ui application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7387
The ACC Advocacy Action (com.acc.app.android.ui) 2.0 for Android is affected: it does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information via crafted certificates. Root cause is missing/incorrect certificate valida...
Acc PHP eMail 1.1 - CSRF
No description provided by source. /\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \ // // // 01000010 01101001 01001111 ---------------------------------------------------------------- + Acc PHP eMail v1.1 - CSRF // Author Info x Author: bi0 x Contact: [email protected] x Homepage :...
ACC IMoveis 4.0 - SQL Injection Vulnerability
No description provided by source. Exploit Title : iMoveis SQL Injection Vulnerability Date : 26/10/2010 Author : EraGoN Software link : http://baixar7.com/download/acc-imoveis-script-php.rar/3d1e7bf4b9 Version : 1.1 Tested on : Linux / Windows XP Dork : inurl:imoveis.php?id= Error You have an...
Mybb All Version Denial of Service Vulnerability
Mybb All Version Denial of Service Vulnerability !/usr/bin/perl @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@ @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@@@@@@@@@ @@@ @ @@@@@@@@@@ @@@ @@@@@@ @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@...
SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference
SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference IOActive Security Advisory Title: SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference Severity: Critical Discovered by: Lucas Apa Date Reported: 09/11/12 CVE: TBD Siemens Advisory: SSA-938777...
Important: Red Hat Security Advisory: jbossas-web and jboss-naming security update
Updated jbossas-web and jboss-naming packages that fix two security issues are now available for JBoss Enterprise Web Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...
Moderate: Red Hat Security Advisory: jbossas security update
An update for JBoss Enterprise Application Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which give...