1190 matches found
CVE-2018-0120
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct an SQL injection attack against an affected system. The vulnerability exists because the affected software fails to validate user-supplied input in certain SQL...
Design/Logic Flaw
admin/partials/wp-splashing-admin-main.php in the Splashing Images plugin wp-splashing-images before 2.1.1 for WordPress allows authenticated administrator, editor, or author remote attackers to conduct PHP Object Injection attacks via crafted serialized data in the 'session' HTTP GET parameter t...
Security Advisory - Memory Leak Vulnerability in Some Huawei FireWall Products
Some Huawei FireWall products have a memory leak vulnerability due to memory don't be released when an local authenticated attacker execute special commands many times. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.Vulnerability ID:...
CVE-2017-1487
IBM Sterling File Gateway 2.2 could allow an authenticated attacker to obtain sensitive information such as login ids on the system. IBM X-Force ID: 128626...
CVE-2017-12331
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-OS signature verification for software patches. An authenticated, local attacker could exploit th...
Information disclosure
A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. The vulnerability is due to a design flaw in the product. An attacker could execute a query on an Event Center site to view scheduled meetings. A successful query would...
UBUNTU-CVE-2017-16651
Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid...
Directory traversal
In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to...
CVE-2017-12227
CVE-2017-12227 corresponds to a blind SQL injection in the Cisco Emergency Responder SQL database interface. The vulnerability arises from failure to validate user-supplied input used in SQL queries, allowing an authenticated, remote attacker to craft URLs containing SQL statements and potentiall...
CVE-2017-6738
The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these...
Microsoft Security Advisory 4033453: Vulnerability in Azure AD Connect Could Allow Elevation of Privilege
The version of Azure Active Directory AD Connect installed on the remote Windows host is prior to 1.1.553.0, and the password writeback setting is enabled. It is, therefore, affected by an elevation of privilege vulnerability due to improper permissions being granted when enabling the password...
Trend Micro SafeSync for Enterprise license Command Injection
A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise. The vulnerability is due to insufficient validation of the user-supplied parameter sent to the license end point. A remote, authenticated attacker could exploit this vulnerability by sending a crafted input to the...
Information disclosure
The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka...
CVE-2016-4908
CVE-2016-4908 affects Cybozu Garoon 3.0.0–4.2.2, where an access restriction flaw in the RSS settings allows remote authenticated attackers to bypass protections and alter or delete another user’s private RSS settings via unspecified vectors. The OpenVAS/JVN entries and CVE records corroborate an...
Information Disclosure in the Management Web Interface
A vulnerability exists in the Management Web Interface of PAN-OS, that could allow for Information Disclosure. The Management Web Interface does not properly validate certain permissions which could allow for Information Disclosure. Ref PAN-70541 / CVE-2017-7644 Successfully exploiting this issue...
CVE-2016-9461
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on a WebDAV COPY action. This allowed an authenticated attacker with access to a read-only share to...
Windows SMB Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 SMBv1 server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most...
DEBIAN-CVE-2017-5595
A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files e.g., /etc/passwd in the context of the web server user www-dat...
Cross site scripting
XSS was discovered in dotCMS 3.7.0, with an authenticated attack against the /myAccount addressID parameter...
CVE-2017-5875
XSS was discovered in dotCMS 3.7.0, with an authenticated attack against the /myAccount addressID parameter...