428 matches found
PT-2018-2660 · Linksys · Linksys E2500 +2
Name of the Vulnerable Software and Affected Versions: Linksys E1200 version 2.0.09 Linksys E2500 version 3.0.04 Description: An operating system command injection exists in the Linksys E-Series line of routers. Specially crafted entries to network configuration information can cause execution of...
Security Bulletin: Vulnerabilities in curl affect IBM Security Network Protection
Summary The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security vulnerabilities have been discovered in libcurl used with IBM Security Network Protection. Vulnerability Details CVEID:...
Cisco Prime Infrastructure Elevation of Privilege Vulnerability (CNVD-2018-02043)
Cisco Prime Infrastructure PI is a set of Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies for wireless management. solution. An elevation of privilege vulnerability exists in Role-Based Access Control RBAC in Cisco Prime Infrastructure, which stems...
Password Disclosure In Logs
Sentry is vulnerable to password disclosure. If there is an error on authenticated request, the user's username and password are printed to the logs. This is due to the version of Django is used...
CVE-2015-5913
Heimdal, as used in Apple OS X before 10.11, allows remote attackers to conduct replay attacks against the SMB server via packet data that represents a Kerberos authenticated request...
Cross site request forgery (csrf)
Heimdal, as used in Apple OS X before 10.11, allows remote attackers to conduct replay attacks against the SMB server via packet data that represents a Kerberos authenticated request...
CVE-2015-5913
The CVE-2015-5913 entry affects Heimdal Kerberos as used by Apple OS X before 10.11. The underlying issue allows remote attackers to perform replay attacks against the SMB server by sending packet data that corresponds to a Kerberos-authenticated request. Affected environment is OS X prior to 10....
Oracle XML DB SID Discovery
This module simply makes an authenticated request to retrieve the sid from the Oracle XML DB httpd server. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle XML DB SID Discovery',...