120 matches found
Cisco Unified Intelligence Center (CUIC) Software Unauthenticated User Account Creation Vulnerability
A vulnerability in the jspringsecurityswitchuser function of Cisco Unified Intelligence Center CUIC Software could allow an unauthenticated, remote attacker to make certain changes to the system. The vulnerability is due to improper implementation of authorization controls when accessing certain...
Nagios Log Server 1.4.1 - Multiple Vulnerabilities
Nagios Log Server 1.4.1 - Multiple Vulnerabilities , , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Nagios Log Server Multiple Vulnerabilities Affected versions: Nagios Log Server = 1.4.1 PDF:...
Nagios Log Server 1.4.1 - Multiple Vulnerabilities
, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Nagios Log Server Multiple Vulnerabilities Affected versions: Nagios Log Server = 1.4.1 PDF:...
Nagios Log Server 1.4.1 XSS / Authentication Bypass
, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Nagios Log Server Multiple Vulnerabilities Affected versions: Nagios Log Server = 1.4.1 PDF:...
Cisco Spark Representational State Transfer Interface Unauthorized Access Vulnerability
A vulnerability in the Representational State Transfer REST interface of Cisco Spark could allow an unauthenticated, remote attacker to make changes to an affected system system. The vulnerability is due to improper implementation of authorization controls when accessing certain web pages of the...
ZTE ADSL ZXV10 W300 Authorization / Disclosure / Backdoor
Exploit Title: ZTE ADSL ZXV10 W300 modems - Multiple vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.zte.com.cn Versions Reported: W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 CVE-ID: CVE-2015-7257 CVE-2015-7258 CVE-2015-7259 Note: Large deployment size, primarily in Peru, used b...
ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities
ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities Exploit Title: ZTE ADSL ZXV10 W300 modems - Multiple vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.zte.com.cn Versions Reported: W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 CVE-ID: CVE-2015-7257 CVE-2015-7258 CVE-2015-7259...
ZTE ADSL Authorization Bypass / Information Disclosure
ZTE ADSL modems - Multiple vulnerabilities Confirmed on 2 of multiple software versions - W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 1 Insufficient authorization controls CVE-ID: CVE-2015-7257 Observed in Password Change functionality. Other functions may be vulnerable as well. Expected behavior...
Cisco Connected Grid Network Management System Privilege Escalation Vulnerability
A vulnerability in the web GUI of Cisco Connected Grid Network Management System could allow an authenticated, remote attacker to perform limited configuration changes while logged in as a user having the Monitor-Only role. The vulnerability is due to insufficient authorization controls. An...
Atlassian JIRA < 5.0.7 Privilege Escalation
According to its self-reported version number, the version of Atlassian JIRA hosted on the remote web server is prior to 5.0.7. It is, therefore, potentially affected by a privilege escalation vulnerability. A remote attacker, using a crafted URL, can exploit this to bypass administrator-only...
X (Formerly Twitter): Creating Unauthorized Audience Lists
While creating a new audience list at the URL https://ads.twitter.com/accounts//audiencemanager/createlistaudience, under Data security and privacy it is clearly mentioned that When creating a list audience, the information in your data file is always hashed before it is sent to Twitter, and...
Cisco Transport Gateway for Smart Call Home Unauthorized Configuration Change Vulnerability
A vulnerability in the web framework code of Cisco Transport Gateway for Smart Call Home TG-SCH could allow an unauthenticated, remote attacker to make certain changes to the system. The vulnerability is due to improper implementation of authorization controls when accessing certain administrativ...
Cisco MediaSense Search and Play Authorization Vulnerability
A vulnerability in the Search and Play interface of Cisco MediaSense could allow an authenticated, remote attacker to access recordings in the Search and Play interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the...
Important: Red Hat Security Advisory: tomcat5 security update
An update for the Apache Tomcat 5 component for JBoss Enterprise Web Server 1.0.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CV...
Important: Red Hat Security Advisory: tomcat5 security update
Updated tomcat5 packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score,...
Important: Red Hat Security Advisory: jbossweb security update
Updated jbossweb packages that fix one security issue are now available for JBoss Enterprise Application Platform 6.0.1 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS ba...
Important: Red Hat Security Advisory: jbossweb security update
An update for JBoss Enterprise Application Platform 6.0.1 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which giv...
Important: Red Hat Security Advisory: JBoss Enterprise Portal Platform 4.3 CP07 security update
An update for JBoss Enterprise Portal Platform 4.3 CP07 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives...
Important: Red Hat Security Advisory: jbossas security update
Updated jbossas packages that fix one security issue are now available for JBoss Enterprise Application Platform 4.3.0 CP10 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVS...
Important: Red Hat Security Advisory: jbossweb security update
An update for JBoss Enterprise Application Platform 4.3.0 CP10 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, whic...