55 matches found
SUSE SLES15 Security Update : gvfs (SUSE-SU-2026:0923-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0923-1 advisory. - CVE-2026-28295: Fix ftp use control connection address for PASV data bsc1258953. - CVE-2026-28296: Fix ftp reject paths containin...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004754)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004754 advisory. An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the rdsconncreate function in net/rds/connection.c in a certain combination of...
EUVD-2010-0018
Malware in sbrugna...
Workspace on Android Errors with Error Code 548
An error has occurred while connecting. Check your server address and data connection. Error Code 548...
CVE-2023-3373
Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT21 model versions 01.49.000 and prior and GOT SIMPLE Series GS21 model versions 01.49.000 and prior allows a remote unauthenticated attacker to hijack data connections session hijacking ...
CVE-2023-3373
Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT21 model versions 01.49.000 and prior and GOT SIMPLE Series GS21 model versions 01.49.000 and prior allows a remote unauthenticated attacker to hijack data connections session hijacking ...
Mitsubishi Electric GOT2000 Security Feature Issue Vulnerability
Mitsubishi Electric GOT2000 is a GOT2000 series graphical operator terminal from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric GOT2000. An unauthenticated remote attacker can hijack a data connection session hijacking or prevent a legitimate user from...
SUSE CVE-2019-9499
The implementations of EAP-PWD in wpasupplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection...
IBM Cognos Analytics Information Disclosure Vulnerability (CNVD-2022-34804)
IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. The software includes reports, dashboards and scorecards, and can help companies adjust their decisions by analyzing key factors and key people, etc. IBM Cognos Analytics has an information disclosure...
IBM Cognos Analytics 安全漏洞
IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. The software includes reports, dashboards and scorecards, and can help companies adjust their decisions by analyzing key factors and key people, etc. IBM Cognos Analytics has an information disclosure...
Server-Side Request Forgery in ftp-srv
Background The FTP protocol creates two connections, one for commands and one for transferring data. This second data connection can be created in two ways, on the server by sending the PASV command, or on the client by sending the PORT command. The PORT command sends the IP and port for the serv...
Workspace App Android "restoring data connection" message when EDT is enabled
On the GUI we see a "restoring data connection" message but the connection is not restored. This happens when EDT is enabled viaHDXoverUDP=preferred Studio Policy and NetScaler DTLS enabled setting if connecting from outside the network. On the logs we might see similar messages as the following:...
DEBIAN-CVE-2019-9499
The implementations of EAP-PWD in wpasupplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection...
CVE-2019-9499
The implementations of EAP-PWD in wpasupplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection...
Authentication flaw
The implementations of EAP-PWD in wpasupplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection...
CVE-2019-9499
The implementations of EAP-PWD in wpasupplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection...
CVE-2019-9499
The implementations of EAP-PWD in wpasupplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection...
How to Load Balance Trivial File Transfer Protocol Servers
This article describes how to load balance a Trivial File Transfer Protocol TFTP server using Reverse Network Address Translation RNAT and Use Source IP USIP. TFTP is simple file transport protocol. It uses User Datagram Protocol UDP port 69 as a transport protocol and is typically implemented on...
CVE-2014-10062
The CVE-2014-10062 issue concerns Android on Qualcomm Snapdragon mobile/wear devices where LocationService is exported, enabling other services to import and call its methods to bring up a data connection. This could allow a nearby or malicious service to trigger data-connection initiation if it ...
WinSCP 5.9.4 LIST Denial Of Service
Exploit Title: WinSCP 5.9.4 - LIST Command Denial of service Crush application Date: 4-4-2017 mm.dd.yy Exploit Author: M.Ibrahim [email protected] E-Mail: vulnbug gmail.com Vendor Home Page: https://winscp.net/eng/index.php Vendor download link: https://winscp.net/download/WinSCP-5.9.4-Setup.exe...