1592 matches found
CVE-2013-4930
The dissectdvbcitpduhdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service assertion failure and...
Updated wireshark package fixes security vulnerabilities
The Bluetooth SDP dissector could go into a large loop CVE-2013-4927. The DIS dissector could go into a large loop CVE-2013-4929. The DVB-CI dissector could crash CVE-2013-4930. The GSM RR dissector and possibly others could go into a large loop CVE-2013-4931. The GSM A Common dissector could cra...
MGASA-2013-0236 Updated wireshark package fixes security vulnerabilities
The Bluetooth SDP dissector could go into a large loop CVE-2013-4927. The DIS dissector could go into a large loop CVE-2013-4929. The DVB-CI dissector could crash CVE-2013-4930. The GSM RR dissector and possibly others could go into a large loop CVE-2013-4931. The GSM A Common dissector could cra...
Wireshark 1.8.x < 1.8.9 Multiple Vulnerabilities
The installed version of Wireshark 1.8 is earlier than 1.8.9. It is, therefore, affected by denial of service vulnerabilities in the following dissectors : - ASN.1 PER Bug 8722 - Bluetooth SDP Bug 8831 - DIS Bug 8911 - DVB-CI Bug 8916 - GSM A Common Bug 8940 - GSM RR Bug 8923 - Netmon file parser...
JVN#79950061: Jenkins vulnerable to cross-site scripting
Jenkins is a continuous integration CI tool. Jenkins contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN14791558. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according...
KLA10394 Multiple vulnerabilities in Siemens
Multiple critical vulnerabilities have been found in Siemens products. Malicious users can exploit these vulnerabilities to read & modify arbitrary files, cause denial of service, execute arbitrary code, bypass authentication, obtain access and inject arbitrary HTTP headers. Below is a complete...
KLA10386 Multiple vulnerabilities in VMware
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, inject arbitrary scripts, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities 1. Insecure file...
KLA10240 CI vulnerability in Kontiki DMS
An XSS vulnerability was found in Kontiki DMS. By exploiting this vulnerability malicious users can inject arbitrary web script. This vulnerability can be exploited remotely via a specially designed call. Original advisories - Related products Kontiki-Delivery-Management-System CVE list...
CVE-2006-6247
Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote attackers to execute arbitrary SQL commands via the ci parameter to 1 slideshow.asp or 2 thumbnails.asp...
[SA17621] Check Point Firewall/VPN ISAKMP IKE Message Processing Denial of Service
TITLE: Check Point Firewall/VPN ISAKMP IKE Message Processing Denial of Service SECUNIA ADVISORY ID: SA17621 VERIFY ADVISORY: http://secunia.com/advisories/17621/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote OPERATING SYSTEM: Check Point NGX http://secunia.com/product/6010/ SOFTWARE:...
KLA10185 Multiple vulnerabilities in Groove
Multiple serious vulnerabilities have been found in Groove products. Malicious users can exploit these vulnerabilities to obtain sensitive information, inject web scripts, bypass security restrictions and spoof filenames. Below is a complete list of vulnerabilities 1. Improper file extension...
CVE-2024-33849
ci solution CI-Out-of-Office Manager through 6.0.0.77 uses a Hard-coded Cryptographic Key...