33 matches found
Barco ClickShare Button R9861500D01 Credential Management Error Vulnerability
The Barco ClickShare Button R9861500D01 is a wireless control device for presentation systems from Barco Belgium. A credential management error vulnerability exists in Barco ClickShare Button R9861500D01 versions prior to 1.9.0, which can be exploited by an attacker to forge arbitrary software...
CVE-2017-17023
The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering www.ncp-e.com. The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software update feature of the VPN client allows...
CVE-2017-17023
The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering www.ncp-e.com. The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software update feature of the VPN client allows...
Cache Side-Channel Attack
libgcrypt.so is vulnerable to cache side-channel attack. The attack is possible when an attacker can run arbitrary software on the hardware where the private RSA key is used...
CVE-2017-7526
libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This...
Snom SIP Phone Denial Of Service
Snom SIP phones www.snom.com have a builtin HTTP/HTTPS configuration interface, which is enabled by default. By making a single HTTP POST request all available memory and CPU can be exhausted, resulting in a reboot of the phone. This even works if the HTTP/HTTPS interface is protected by username...
CVE-2013-1651
OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof update servers and install arbitrary software via a crafted certificate...
Open redirect
OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof update servers and install arbitrary software via a crafted certificate...
CVE-2003-0237
CVE-2003-0237 affects Mirabilis ICQ Pro 2003a via the ICQ Features on Demand spoofing vulnerability. The hard-coded DataURL for downloaded features in Packages.ini is not authenticated, allowing an attacker to impersonate the package repository and install malicious software, potentially enabling...
CVE-2002-0317
Gator ActiveX component IEGator.dll 3.0.6.1 allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file setup.ex in the src parameter...
CVE-2002-0317
CVE-2002-0317 involves the Gator ActiveX component (IEGator.dll) 3.0.6.1. The vulnerability allows remote websites to install arbitrary software by specifying a Trojan Gator installation file (setup.ex_) in the src parameter, enabling a remote-initiated installation via the ActiveX control. This ...
CVE-1999-0722
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages...
CVE-1999-0722
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages...