Lucene search

9863 matches found

OpenVAS
added 2011/09/28 12:0 a.m., 20 views

IBM WebSphere Application Server 7.x < 7.0.0.19 OpenSAML XML Signature Wrapping Vulnerability

IBM WebSphere Application Server ships an OpenSAML implementation which is prone to a security vulnerability involving XML signature wrapping. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right...

5.8 CVSS, 6.1 AI score, 0.02291 EPSS
Exploits: 0, References: 3

securityvulns
added 2011/09/20 12:0 a.m., 108 views

[Onapsis Security Advisory 2011-015] SAP WebAS webrfc Cross-Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-015: SAP WebAS webrfc Cross-Site Scripting This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...

6.2 AI score
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 47 views

Vulnerabilities in JBoss Application Server

Hello 3APA3A! I am reporting the Information Leakage and Brute Force vulnerabilities I found in JBoss Application Server. Information Leakage WASC-13: http://site/status http://site/status?full=true Publicly accessible server operation statistics with a list of all of its services. Brute Force WASC-11:...

7.1 AI score
Exploits: 0

OpenVAS
added 2011/09/09 12:0 a.m., 30 views

IBM WebSphere Application Server Administration Directory Traversal Vulnerability

The host is running IBM WebSphere Application Server and is prone to directory traversal vulnerability. OpenVAS Vulnerability Test $Id: gbibmwasadminconsoledirtravvuln.nasl 7029 2017-08-31 11:51:40Z teissa $ IBM WebSphere Application Server Administration Directory Traversal Vulnerability Authors...

5 CVSS, 0.1 AI score, 0.0178 EPSS
Exploits: 0, References: 3

OpenVAS
added 2011/09/09 12:0 a.m., 27 views

IBM WebSphere Application Server Directory Traversal Vulnerability (Sep 2011)

IBM WebSphere Application Server is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

5 CVSS, 6.2 AI score, 0.0178 EPSS
Exploits: 0, References: 5

CVE
added 2011/09/06 3:0 p.m., 78 views

CVE-2011-1359

CVE-2011-1359 describes a directory traversal vulnerability in the IBM WebSphere Application Server administration console. An unauthenticated remote attacker can read arbitrary files by using a .. in the URI. Affected versions: WAS 6.1 before 6.1.0.41, WAS 7.0 before 7.0.0.19, and WAS 8.0 before...

5 CVSS, 6.4 AI score, 0.0178 EPSS
Exploits: 0, References: 6, Affected Software: 1

securityvulns
added 2011/08/27 12:0 a.m., 39 views

NGS00054 Technical Advisory: Lumension Device Control (formerly Sanctuary) remote memory corruption

======= Summary ======= Name: Lumension Device Control formerly Sanctuary remote memory corruption Release Date: 24 August 2011 Reference: NGS00054 Discoverer: Andy Davis [email protected] Vendor: Lumension Vendor Reference: Systems Affected: Lumension Device Control v4.4 SR6 Risk: High...

0.3 AI score
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m., 54 views

ZDI-11-260: Nortel Media Application Server cstore.exe cs_anams Remote Code Execution Vulnerability

ZDI-11-260: Nortel Media Application Server cstore.exe cs_anams Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-260 August 16, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Nortel -- Affected Products: Nortel Media Application Server --...

1.3 AI score
Exploits: 0

Zero Day Initiative
added 2011/08/16 12:0 a.m., 23 views

Nortel Media Application Server cstore.exe cs_anams Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Nortel Media Application Server. Authentication is not required to exploit this vulnerability. The flaw exists within the cstore.exe component which listens by default on TCP port 52005. When...

10 CVSS, 7.8 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2011/08/16 12:0 a.m., 271 views

Oracle GlassFish HTTP Server Version

The remote host is running an Oracle GlassFish HTTP Server, a Java EE application server. It was possible to read the version number from the HTTP response headers. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid55930; scriptversion"1.13";...

5.5 AI score
Exploits: 0, References: 1

Symantec
added 2011/08/09 12:0 a.m., 21 views

Microsoft Internet Explorer XSLT Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aura...

7.8 AI score
Exploits: 0, Affected Software: 6

Symantec
added 2011/08/09 12:0 a.m., 19 views

Microsoft Windows Data Access Component DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Windows is prone to an arbitrary-code-execution vulnerability that affects the Data Access Component. Attackers can exploit this vulnerability to execute arbitrary code in the context of the user running the vulnerable application. Technologies Affected Avaya Aura Conferenci...

7.8 AI score
Exploits: 0, References: 6, Affected Software: 6

Symantec
added 2011/08/09 12:0 a.m., 12 views

Microsoft .NET Framework 'System.Net.Sockets' Namespace Security Bypass Vulnerability

Description The Microsoft .NET Framework is prone to a security-bypass vulnerability. Attackers can exploit this issue to perform denial-of-service attacks, scan network resources, and obtain potentially sensitive information that was not intended to be disclosed. Technologies Affected Avaya Aura...

0.3 AI score
Exploits: 0, Affected Software: 5

Symantec
added 2011/08/09 12:0 a.m., 42 views

Microsoft Remote Desktop Protocol CVE-2011-1968 Denial of Service Vulnerability

Description Microsoft Remote Desktop Protocol is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to shut down or restart the affected system, therefore denying service to legitimate users. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 5.0 Avaya...

7.1 CVSS, 6.5 AI score, 0.25708 EPSS
Exploits: 1, Affected Software: 6

OpenVAS
added 2011/07/27 12:0 a.m., 26 views

IBM WebSphere Application Multiple Vulnerabilities Jul-11

The host is running IBM WebSphere Application Server and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodibmwasmultiplevulnjul11.nasl 7019 2017-08-29 11:51:27Z teissa $ IBM WebSphere Application Multiple Vulnerabilities Jul-11 Authors: Antu sanadi Copyright: Copyright ...

5.8 CVSS, 0.5 AI score, 0.01867 EPSS
Exploits: 1, References: 3

OpenVAS
added 2011/07/27 12:0 a.m., 25 views

IBM WebSphere Application Multiple Vulnerabilities (Jul 2011)

IBM WebSphere Application Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

5.8 CVSS, 6.3 AI score, 0.01867 EPSS
Exploits: 1, References: 5

Tenable Nessus
added 2011/07/22 12:0 a.m., 38 views

IBM WebSphere Application Server 6.1 < 6.1.0.39 Multiple Vulnerabilities

IBM WebSphere Application Server 6.1 before Fix Pack 39 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities : - Use of an insecure XML encryption algorithm could allow for decryption of JAX-RPC or JAX-WS Web Services requests. PM34841 - A...

5.8 CVSS, 5.6 AI score, 0.01867 EPSS
Exploits: 1, References: 6

seebug.org
added 2011/07/20 12:0 a.m., 34 views

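IBM WebSphere Application Server 'logoutExitPage' Parameter Security Bypass Vulnerability

Bugtraq ID: 48710 CVE ID: CVE-2011-1355 IBM WebSphere Application Server is a commercial web application server. WebSphere Application Server does not properly validate the logoutExitPage parameter, allowing remote attackers to bypass security restrictions. An attacker can exploit this vulnerability to redirect to domains that should be blocked. IBM Websphere Application Server 7.0 IBM Websphere Application Server 6.1 Vendor solution: users can refer to the following vendor security advisory for patch information:...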

5.8 CVSS, 6.4 AI score, 0.01867 EPSS
Exploits: 1

Prion
added 2011/07/19 8:55 p.m., 21 views

Open redirect

Open redirect vulnerability in IBM WebSphere Application Server WAS 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage parameter...

5.8 CVSS, 6.8 AI score, 0.01867 EPSS
Exploits: 1, References: 3, Affected Software: 1

Prion
added 2011/07/19 8:55 p.m., 18 views

Design/Logic Flaw

IBM WebSphere Application Server WAS 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows local users to obtain sensitive stack-trace information via a crafted Administration Console request...

2.1 CVSS, 6 AI score, 0.00358 EPSS
Exploits: 0, References: 4, Affected Software: 1