
2483 matches found

CNVD
added 2017/08/08 12:00 a.m., 2 views

Liferay Portal CE Cross-Site Scripting Vulnerability (CNVD-2017-20983)

Liferay Portal is a J2EE-based portal solution from Liferay, Inc. The solution uses EJB, JMS and other technologies, and can be used for Web publishing and shared workspaces, enterprise collaboration platforms, social networks and so on. A cross-site scripting vulnerability exists ...

CVSS 6.1, AI score 5.8, EPSS 0.00748
Exploits: 0, References: 1

Prion
added 2017/08/07 4:29 p.m., 13 views

Cross site scripting

XSS exists in Liferay Portal before 7.0 CE GA4 via a bookmark URL...

CVSS 4.3, AI score 5.9, EPSS 0.00748
Exploits: 3, References: 2, Affected Software: 1

Prion
added 2017/08/07 4:29 p.m., 17 views

Cross site scripting

XSS exists in Liferay Portal before 7.0 CE GA4 via a login name, password, or e-mail address...

CVSS 4.3, AI score 5.9, EPSS 0.00748
Exploits: 3, References: 2, Affected Software: 1

NVD
added 2017/08/07 4:29 p.m., 26 views

CVE-2017-12648

XSS exists in Liferay Portal before 7.0 CE GA4 via a bookmark URL...

CVSS 6.1, AI score 6, EPSS 0.00748
Exploits: 3, References: 2

OSV
added 2017/08/07 4:29 p.m., 15 views

CVE-2016-10404

XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted redirect field to modules/apps/foundation/frontend-js/frontend-js-spa-web/src/main/resources/META-INF/resources/init.jsp...

CVSS 6.1, AI score 5.8
Exploits: 0, References: 2

CVE
added 2017/07/13 8:00 p.m., 53 views

CVE-2017-1000009

Akeneo PIM CE and EE are affected by a shell injection vulnerability in the mass edition feature for versions < 1.6.6, < 1.5.15, and

CVSS 9.8, AI score 9.6, EPSS 0.03932
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2017/06/08 1:00 p.m., 20 views

CVE-2017-6648

A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerabili...

AI score 7.5, EPSS 0.03564
Exploits: 0, References: 3

OpenVAS
added 2017/06/08 12:00 a.m., 22 views

Cisco TelePresence CE and TC Software 'SIP' DoS Vulnerability (cisco-sa-20170607-tele)

Cisco TelePresence Endpoint is prone to a denial of service (DoS) vulnerability...

CVSS 7.8, AI score 7.6, EPSS 0.03564
Exploits: 0, References: 3

NVD
added 2017/05/16 5:29 p.m., 11 views

CVE-2017-3825

A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to...

CVSS 7.5, AI score 7.6, EPSS 0.02989
Exploits: 0, References: 3

Cvelist
added 2017/05/16 5:00 p.m., 21 views

CVE-2017-3825

A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to...

AI score 7.6, EPSS 0.02989
Exploits: 0, References: 3

CVE
added 2017/05/16 5:00 p.m., 81 views

CVE-2017-3825

CVE-2017-3825 affects Cisco TelePresence CE software via ICMP ingress packet processing. The issue arises from incomplete validation of the ICMP packet size, enabling an unauthenticated, remote attacker to trigger a reload of the TelePresence endpoint and cause DoS, potentially dropping calls. Af...

CVSS 7.5, AI score 7.5, EPSS 0.02989
Exploits: 0, References: 3, Affected Software: 2

OSV
added 2016/12/21 8:00 a.m., 8 views

CURL-CVE-2016-9952 Win CE Schannel cert wildcard matches too much

curl's TLS server certificate checks are flawed on Windows CE. This vulnerability occurs in the verify certificate function when comparing a wildcard certificate name as returned by the Windows API function CertGetNameString to the hostname used to make the connection to the server. The...

CVSS 8.1, AI score 7.9, EPSS 0.013
Exploits: 0

curl security advisories
added 2016/12/21 8:00 a.m., 8 views

Win CE Schannel cert wildcard matches too much

curl's TLS server certificate checks are flawed on Windows CE. This vulnerability occurs in the verify certificate function when comparing a wildcard certificate name as returned by the Windows API function CertGetNameString to the hostname used to make the connection to the server. The...

CVSS 8.1, AI score 7.7, EPSS 0.013
Exploits: 0, Affected Software: 2

OSV
added 2016/12/21 8:00 a.m., 6 views

CURL-CVE-2016-9953 Win CE Schannel cert name out of buffer read

curl's TLS server certificate checks are flawed on Windows CE. This vulnerability occurs in the verify certificate function when comparing a wildcard certificate name as returned by the Windows API function CertGetNameString to the hostname used to make the connection to the server. The pattern...

CVSS 9.8, AI score 7.4, EPSS 0.01831
Exploits: 0

exploitpack
added 2016/12/16 12:00 a.m., 43 views

OsiriX DICOM Viewer 8.0.1 - Memory Corruption

OsiriX DICOM Viewer 8.0.1 dulparse.cc Remote Memory Corruption Vulnerability. Vendor: Pixmeo Sarl. Product web page: http://www.osirix-viewer.com. Affected version: OsiriX 8.0.1. Summary: With high performance and a...

AI score 0.8
Exploits: 0

CVE
added 2016/11/10 4:00 p.m., 33 views

CVE-2016-7488

Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr, enabling a local user to modify its contents and execute commands as root. The issue originates from insecure permissions in the /etc/luminex directory (pkgmgr file). Public references indicate...

CVSS 7.8, AI score 7.6, EPSS 0.00513
Exploits: 3, References: 2, Affected Software: 1

Tenable Nessus
added 2016/11/04 12:00 a.m., 20 views

Magento Community Edition 2.1.x < 2.1.2 Multiple Vulnerabilities

AI score 7.3
Exploits: 0, References: 1

NVD
added 2016/10/05 10:59 a.m., 16 views

CVE-2014-5415

Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service...

CVSS 9.4, AI score 9.3, EPSS 0.04339
Exploits: 0, References: 7

Prion
added 2016/10/05 10:59 a.m., 14 views

Design/Logic Flaw

Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service...

CVSS 9.4, AI score 7.4, EPSS 0.04339
Exploits: 0, References: 2

Cvelist
added 2016/10/05 10:00 a.m., 22 views

CVE-2014-5415 Beckhoff Embedded PC Images and TwinCAT Components Exposed Dangerous Method or Function

Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service...

CVSS 9.1, AI score 9.4, EPSS 0.04339
Exploits: 0, References: 6