CVE-2013-0669

The HMI web application in Siemens WinCC TIA Portal 11 allows remote authenticated users to cause a denial of service daemon crash via a crafted HTTP request...

CVE-2013-1653

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code v...

Heap overflow

Heap-based buffer overflow in RFManagerService.exe in Schneider Electric Accutech Manager 2.00.1 and earlier allows remote attackers to execute arbitrary code via a crafted HTTP request...

CVE-2012-2560

CVE-2012-2560 affects WellinTech KingView 6.53. A directory traversal vulnerability allows remote attackers to read arbitrary files by sending a crafted HTTP request to port 8001. The issue originates from a path traversal weakness in KingView, with the potential for file disclosure. Red Hat/NVD ...

CVE-2012-2560

Directory traversal vulnerability in WellinTech KingView 6.53 allows remote attackers to read arbitrary files via a crafted HTTP request to port 8001...

SpecView Web Server Directory Traversal Vulnerability (Jul 2012) - Active Check

SpecView is prone to a directory traversal vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2011-4880

Directory traversal vulnerability in the web server in Certec atvise webMI2ADS aka webMI before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request...

D-Link DSL-2650U - Denial of Service (PoC)

D-Link DSL-2650U - Denial of Service PoC Exploit Title: Dlink DSL-2650U DoS/PoC Date: July 6th, 2011 Author: Li'el Fridman Software Link: ftp://ftp.dlink.ru/pub/ADSL/DSL-2650UBRUD/Firmware/RU1.20/DSL-2650UBRUD1RU1.2006222011.zip Version: 1.20 Tested on: Default firmware - Linux 2.6.8.1...

CVE-2011-1688

Directory traversal vulnerability in Best Practical Solutions RT 3.2.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote attackers to read arbitrary files via a crafted HTTP request...

Directory traversal

Directory traversal vulnerability in Best Practical Solutions RT 3.2.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote attackers to read arbitrary files via a crafted HTTP request...

HP OpenView Network Node Manager ovutil.dll stringToSeconds Buffer Overflow (CVE-2011-0262)

The Network Node Manager NNM is an HP OpenView product which manages networks. It determines and displays physical and logical connectivity in networks, as well as information referring to protocols running over the network. A buffer overflow vulnerability has been reported in HP OpenView Network...

IBM Rational Quality Manager and Test Lab Manager Policy Bypass

Added: 11/05/2010 CVE: CVE-2010-4094 BID: 44172 Background IBM Rational Quality Manager is a web-based centralized test management environment for test planning, workflow control, tracking and metrics reporting. IBM Rational Quality Manager incorporates Apache Tomcat 5 to help serve custom web...

IBM Rational Quality Manager and Test Lab Manager Policy Bypass

Added: 11/05/2010 CVE: CVE-2010-4094 BID: 44172 Background IBM Rational Quality Manager is a web-based centralized test management environment for test planning, workflow control, tracking and metrics reporting. IBM Rational Quality Manager incorporates Apache Tomcat 5 to help serve custom web...

HP Performance Manager Apache Tomcat Policy Bypass

Added: 11/05/2010 CVE: CVE-2009-3548 BID: 36954 OSVDB: 60176 Background HP Performance Manager Software is a web-based analysis and visualization tool that analyzes performance trends of applications, systems, and services. HP Performance Manager incorporates Apache Tomcat 5 to help serve custom...

httpdx - 'tolog()' Format String (Metasploit) (2)

$Id: httpdxtologformat.rb 10150 2010-08-25 20:55:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

HP OpenView Network Node Manager OvJavaLocale Buffer Overflow (CVE-2010-2709)

HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes several optional modules and components, such as OpenView Quality Manager, OpenView Performance Insight, and OpenView Network Node Manager. A buffer overflow vulnerability h...

CVE-2010-2493

The default configuration of the deployment descriptor aka web.xml in picketlink-sts.war in 1 the securitysaml quickstart, 2 the webserviceproxysecurity quickstart, 3 the web-console application, 4 the http-invoker application, 5 the gpd-deployer application, 6 the jbpm-console application, 7 the...

Default configuration

The default configuration of the deployment descriptor aka web.xml in picketlink-sts.war in 1 the securitysaml quickstart, 2 the webserviceproxysecurity quickstart, 3 the web-console application, 4 the http-invoker application, 5 the gpd-deployer application, 6 the jbpm-console application, 7 the...

HP OpenView Network Node Manager ovet_demandpoll.exe Code Execution (CVE-2010-1550)

HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes several optional modules and components, such as OpenView Quality Manager, OpenView Performance Insight, and OpenView Network Node Manager. A remote code execution...

JBoss EAP jmx authentication bypass with crafted HTTP request

The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET...