CVE-2015-0718

Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System UCS platforms allows remote attackers to cause a denial of service TCP stack reload by sending crafted TCP packets to a device that has a TIMEWAIT TCP session, aka Bug ID CSCub70579...

Moderate: Red Hat Security Advisory: kubernetes security update

Updated kubernetes packages that fix two security issues are now available for Red Hat OpenShift Enterprise 3.0.2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

SQL Injection Vulnerability in 'infoid' Parameter of Wave Software Government System

Wave software government system is an industry informatization application system built on the basis of cloud computing and big data. A SQL injection vulnerability exists in the parameters of the WaveSoft Government System. The lack of filtering of the 'infoid' parameter allows an attacker to...

Redirecting On the Edge

On the web, every second counts. Service engineers and operations teams are looking for ways to save milliseconds from web pages' load times. One of the simpler ways to squeeze better performance from web pages already using a Content Delivery Network CDN is to move the redirection responses from...

Cisco Unified Computing System Manager and FX-OS for Firepower 9000 Series Remote Code Execution Vulnerability

Cisco Unified Computing System Manager and Cisco FX-OS on Firepower 9000 are both products of the U.S. company Cisco Cisco. The former is a set of embedded device management software, it can be Cisco Unified Computing System as a single, highly usable logical entity, from end to end to manage, th...

Cisco Unified Computing System Manager Remote Command Execution Vulnerability (cisco-sa-20160120-ucsm)

A vulnerability in a CGI script in the Cisco Unified Computing System UCS Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on the Cisco UCS Manager. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources,...

kingdee EAS系统 V7.5 /plt_iservice/service/findFavList.action 远程命令执行漏洞

0x01 框架介绍 全球第一款融合TOGAF标准SOA架构的企业管理软件，金蝶EAS面向亟待跨越 成长鸿沟的大中型企业，以"创造无边界信息流"为产品设计理念， 支持云计算、SOA 和动态流程管理的整合技术平台，全面覆盖企业战略管理、风险管理、集团财务管 理、战略人力资源管理、跨组织供应链、多工厂制造和外部产业链等管理领域，突破 流程制造、项目制造、供应商协作、客户协作等复杂制造和产业链协同应用，实现业 务的全面管理，支持管理创新与发展，帮助企业敏捷应对日益复杂的商业环境变化， 提升整体运作效率，实现效益最大化。 官方主页：www.kingdee.com 0x02 漏洞细节...

secure-computing.net XSS vulnerability

Vulnerable URL: https://www.secure-computing.net/wiki/thumb.php?f=xssposed%23%3Cbody%09onload=confirm%28String.fromCharCode%2888,83,83,80,79,83,69,68%29%29%3E Details: Description| Value ---|--- Patched:| Yes, at 04.04.2016 Latest check for patch:| 04.04.2016 11:29 GMT Vulnerability type:| XSS...

3 6 0 Marvel Team virtualization vulnerabilities the fourth bomb: CVE-2 0 1 5-8 5 6 7 vulnerability analysis-vulnerability warning-the black bar safety net

2 0 1 5 years is“the cloud leap”year, is also a virtualization vulnerability really is people cognition, attention of a year, unwilling to“like the wind”3 6 0 Marvel Team take the initiative, with practical actions for cloud computing escort. As of today, we accumulated in kvm, xen, vmware platfo...

Seemingly tasteless ESPCMS background injected, can actually be a lot of fun-vulnerability warning-the black bar safety net

Yesterday, the black bar safety net loophole platform exposes a ESPCMS of injection vulnerabilities, Ali cloud computing security attack and defense against a team of friends first time on the vulnerability to do an impact assessment. Did not think need to login to the backend before it can be...

Cisco Unified Computing System (UCS) Denial of Service Vulnerability

Cisco Unified Computing System Manager provides unified, embedded management of all hardware and software components within a unified computing system. A security vulnerability exists in the SSH management interface of the Fabric Interconnect 6200 appliance. A remote attacker could cause a denial...

Important: Red Hat Security Advisory: Red Hat OpenShift Enterprise 2.2.8 security, bug fix, and enhancement update

Red Hat OpenShift Enterprise release 2.2.8, which fixes one security issue, several bugs, and introduces feature enhancements, is now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

CVE-2015-6415

Cisco Unified Computing System UCS 2.23fA on Fabric Interconnect 6200 devices allows remote attackers to cause a denial of service CPU consumption or device outage via a SYN flood on the SSH port during the booting process, aka Bug ID CSCuu81757...

Moderate: Red Hat Security Advisory: openshift security update

Updated openshift images that fix one security issue are now available for Red Hat OpenShift Enterprise 3.0 and 3.1. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Cross site scripting

Cross-site scripting XSS vulnerability in Cisco Unified Computing System UCS Central Software 1.30.1 allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCux33573...

CVE-2015-6387

The CVE-2015-6387 entry refers to a cross-site scripting (XSS) vulnerability in Cisco UCS Central Software (version 1.3(0.1)). The root cause is insufficient input validation in the web interface, allowing an unauthenticated/remote attacker to inject arbitrary script or HTML via a crafted URL. Im...

360MarvelTeam virtualization vulnerability of the third bullet: CVE-2 0 1 5-7 5 0 4 vulnerability analysis-vulnerability warning-the black bar safety net

Recently amazon, Ali cloud and other cloud providers have received the xen official of the vulnerability notification email, in this email, the official statement MarvelTeam found and reported a high-risk vulnerability. Today's protagonist is this gold number CVE-2 0 1 5-7 5 0 4, a gold affects...

Moderate: Red Hat Security Advisory: openshift security update

Updated openshift packages that fix one security issue are now available for Red Hat OpenShift Enterprise 3.0 and 3.1. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Cisco WebEx for Android Security Patch

Cisco has been busy the last two days pushing out a patch and security advisories for a number of its products, including a fix for a remotely exploitable vulnerability in its WebEx Meetings mobile application for Android. Cisco said the vulnerability affects versions prior to 8.5.1 of the app, a...

Cisco Unified Computing System Central Software Cross-Site Scripting Vulnerability

A vulnerability in the HTTP web-based management interface of Cisco Unified Computing System UCS Central Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to...