EUVD-2014-2600

Malware in sbrugna...

[SECURITY] Fedora 42 Update: golang-x-perf-0-0.28.20250326git02a15fd.fc42

This package holds the source for various tools related to performance measurement, storage, and analysis. - cmd/benchstat contains a command-line tool that computes and 7 compares statistics about benchmarks. - cmd/benchsave contains a command-line tool for publishing benchmark results. - storag...

SAS Studio 安全漏洞

SAS Studio is a Web browser-based programming environment from SAS. A security vulnerability exists in SAS Studio version 9.4. A remote attacker could exploit the vulnerability to access internal files by manipulating the default path during file download...

SICK APU Security Vulnerability

SICK APU is a railroad analysis system from SICK Germany. A security vulnerability exists in the SICK APU RDT400 that stems from a lack of authorization checks. An attacker could exploit the vulnerability to modify data via an HTTP request...

SICK APU RDT400 Security Vulnerability

SICK APU is a railroad analysis system from SICK, Germany. A security vulnerability exists in the SICK APU RDT400 that stems from insufficient control flow management of the device, which allows an attacker to enable hidden functionality via an HTTP request...

SICK APU Security Vulnerability

SICK APU is a railroad analysis system from SICK, Germany. A security vulnerability exists in the SICK APU RDT400, which originates from the plaintext transmission of sensitive information, allowing a remote attacker to retrieve sensitive information by intercepting unencrypted network traffic...

Fluent Bit Code Issue Vulnerability

Fluent Bit is an open source log processing and analysis system written in C. A code issue vulnerability exists in Fluent Bit that arises from improper design or implementation during code development of a networked system or product. No detailed vulnerability details are provided at this time...

Heat Measurement and Temperature Control Integration Analysis System of Shandong Lichuang Technology Co.

Shandong Lichuang Technology Co., Ltd. heating measurement and temperature control integrated analysis system is a data analysis system designed with energy saving, consumption reduction and cost saving as the starting point according to the current guiding direction of energy saving and emission...

SAS Visual Analytics Cross-Site Scripting Vulnerability

SAS Visual Analytics is data visualization software that helps build and design interactive Web dashboards. A cross-site scripting vulnerability exists in the graph generator in SAS Visual Analytics 8.5. An attacker can exploit this vulnerability to execute malicious Javascript in a user's browse...

Memory Corruption Vulnerability in Packet Processing by Kolai Packet Player

Kelai Packet Player is a packet playback tool provided by Kelai Network Analysis System, which can play back the packet file and the original packet file from Kelai Network Analysis System to reproduce the communication of the network. A memory corruption vulnerability exists in the packet...

CVE-2016-9091

Blue Coat Advanced Secure Gateway ASG 6.6 before 6.6.5.4 and Content Analysis System CAS 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges...

Command injection

Blue Coat Advanced Secure Gateway ASG 6.6 before 6.6.5.4 and Content Analysis System CAS 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges...

CVE-2016-9091

Blue Coat Advanced Secure Gateway ASG 6.6 before 6.6.5.4 and Content Analysis System CAS 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges...

Bluecoat ASG 6.6/CAS OS Command Injection Vulnerability Vulnerability

Blue Coat Advanced Secure Gateway ASG and Content Analysis System CAS are both products of Blue Coat Systems, Inc. ASG is a secure Web gateway appliance; CAS is a malware analysis system that integrates application whitelisting and dual anti-malware signature databases. CAS is a malware analysis...

SQL Injection Vulnerability in the Online Data Analysis System of Jinan Angliwan Software Development Co.

Online data analysis system of Jinan Onlivan Software Development Co. Online Data Analysis System suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SA123 : OpenSSL Vulnerabilities 3-May-2016

SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to intercept and decrypt TLS sessions, obtain arbitrary data from the target's memory stack, or execute arbitrary code through buffer...

SA119 : Multiple NSS Vulnerabilities

SUMMARY Blue Coat products that include affected versions of NSS are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to trigger arbitrary code execution. The attacker can also cause denial of service through application crashes and memory corruption...

SA117 : OpenSSL Vulnerabilities 1-Mar-2016

SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to decrypt live and recorded SSL sessions, cause denial of service through application crashes, and possibly execute arbitrary code. A...

SA114 : GNU C Library (glibc) Remote Code Execution February 2016

SUMMARY Blue Coat products using an affected version of the GNU C Library glibc are susceptible to a remote execution attack. A remote attacker can send a crafted DNS response to the glibc DNS resolver and cause the resolver to crash or execute arbitrary code. AFFECTED PRODUCTS The following...

SA111 : OpenSSL Vulnerabilities 28-Jan-2016

SUMMARY Blue Coat products using affected versions of OpenSSL 1.0.2, 1.0.1, and 0.9.8 are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to obtain ephemeral Diffie-Hellman DHE private key information and perform man-in-the-middle attacks on SSL/TLS...