Cacti aggregate_graphs.php file cross-site scripting vulnerability

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site scripting vulnerability exists in the...

Cross site scripting

Cross-site scripting XSS vulnerability in aggregategraphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancelurl variable...

DEBIAN-CVE-2017-11163

Cross-site scripting XSS vulnerability in aggregategraphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancelurl variable...

UBUNTU-CVE-2017-11163

Cross-site scripting XSS vulnerability in aggregategraphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancelurl variable...

Microsoft Windows - COM Aggregate Marshaler/IRemUnknown2 Type Confusion Privilege Escalation

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1107 Windows: COM Aggregate Marshaler/IRemUnknown2 Type Confusion EoP Platform: Windows 10 10586/14393 not tested 8.1 Update 2 Class: Elevation of Privilege Summary: When accessing an OOP COM object using IRemUnknown2 the local...

CVE-2017-0213

Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a speciall...

Privilege escalation

Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a speciall...

CVE-2017-0213

Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a speciall...

CVE-2017-0213

CVE-2017-0213 is a Windows privilege-escalation flaw in the COM Aggregate Marshaler that can be triggered by a specially crafted application to gain elevated privileges locally. Public documentation confirms affected OS ranges including Windows 7 SP1, Windows Server 2008 SP2/R2 SP1, Windows 8.1, ...

CVE-2017-0213

Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a speciall...

KB4019472: Windows 10 Version 1607 and Windows Server 2016 May 2017 Cumulative Update

The remote Windows host is missing security update KB4019472. It is, therefore, affected by multiple vulnerabilities : - A security bypass vulnerability exists in Internet Explorer due to an unspecified flaw. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a...

Nine Years of Better Broadband

One of the questions I am frequently asked about the State of the Internet is how things are changing - what are the trends we see in the data? As we've just closed out the ninth year of publication of the Connectivity report, I thought that it would be a good time to take look back and see just...

PostgreSQL 9.1.x < 9.1.24 / 9.2.x < 9.2.19 / 9.3.x < 9.3.15 / 9.4.x < 9.4.10 / 9.5.x < 9.5.5 / 9.6.x < 9.6.1 Aggregate Functions Use-after-free DoS

The version of PostgreSQL installed on the remote host is 9.1.x prior to 9.1.24, 9.2.x prior to 9.2.19, 9.3.x prior to 9.3.15, 9.4.x prior to 9.4.10, 9.5.x prior to 9.5.5, or 9.6.x prior to 9.6.1. It is, therefore, affected by a denial of service vulnerability due to a use-after-free error when...

The vulnerability of the integration platform Tibbo AggreGate, which allows a hacker to load and execute arbitrary Java code.

The vulnerability of the agserverservice.exe module in the Tibbo AggreGate integration platform is related to the lack of restrictions on file downloads. Exploiting this vulnerability allows a malicious actor to download and execute arbitrary Java code using a specially crafted XML document...

Greenbone Networks Greenbone Security Assistant charts module cross-site scripting vulnerability

Greenbone Networks Greenbone Security Assistant GSA is a web interface that provides access to the OpenVAS service layer. charts is one of the charting modules. The charts module/opm URI in the Greenbone Networks GSA fails to adequately filter the 'aggregatetype' parameter in the getaggregat...

CVE-2016-1926

Cross-site scripting XSS vulnerability in the charts module in Greenbone Security Assistant GSA 6.x before 6.0.8 allows remote attackers to inject arbitrary web script or HTML via the aggregatetype parameter in a getaggregate command to omp...

Tibbo Technology AggreGate权限提升漏洞

No description provided by source...

Tibbo Technology AggreGate远程代码执行漏洞

No description provided by source...

Tibbo Technology AggreGate Remote Code Execution Vulnerability

Tibbo Technology AggreGate is Tibbo Technology's integrated IoT platform for controlling, configuring, monitoring and servicing different electronic devices through advanced networking technologies. A security vulnerability exists in the Ice Faces servlet in the agserverservice.exe file in the...

Tibbo Technology AggreGate Elevation of Privilege Vulnerability

Tibbo Technology AggreGate is Tibbo Technology's integrated IoT platform for controlling, configuring, monitoring and servicing different electronic devices through advanced networking technologies. A security vulnerability exists in the agserverservice.exe file in the AggreGate Server Service of...