41 matches found
Apache Tomcat 5.5.x < 5.5.32, 7.0.x < 7.0.6 XSS Vulnerability - Linux
Apache Tomcat is prone to a cross-site scripting XSS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
in phpservermon/phpservermon
✍️ Description The program creates a cookie without setting the secure flag to true. Modern web browsers support a secure flag for each cookie. If the flag is set, the browser will only send the cookie over HTTPS. Sending cookies over an unencrypted channel can expose them to network sniffing...
Emerson Rosemount X-STREAM Gas Analyzer 跨站脚本漏洞
The Emerson Rosemount X-STREAM Gas Analyzer is an Emerson gas analyzer for industrial environments. The device supports up to five component gas analyzers and features NDIR/UV/VIS photometry, paramagnetic and electrochemical O2, thermal conductivity and humidity sensors. A cross-site scripting...
Unspecified Vulnerability in IBM Jazz Team Server (CNVD-2021-29110)
IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A security vulnerability exists in IBM Jazz...
CVE-2020-5905
In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network WCCP page, the system does not sanitize all user-provided data before display...
CVE-2020-5905
In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network WCCP page, the system does not sanitize all user-provided data before display...
SQL injection relating to data display
More info at https://www.phpmyadmin.net/security/PMASA-2020-4/...
PT-2019-13634 · Shapeshift · Keepkey
Name of the Vulnerable Software and Affected Versions: ShapeShift KeepKey devices affected versions not specified Description: A side channel vulnerability was discovered related to the row-based OLED display on ShapeShift KeepKey devices. The power consumption of each display cycle varies based ...
IBM QRadar SIEM Content Spoofing Vulnerability
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...
Red Hat FreeIPA Design Vulnerability
Red Hat FreeIPA is an integrated security information management solution from Red Hat, Inc. The solution provides an easy-to-manage identity, policy and audit IPA suite for Linux and Unix computer networks. A security vulnerability exists in Red Hat FreeIPA. An attacker could exploit this...
CVE-2015-5179
FreeIPA might display user data improperly via vectors involving non-printable characters...
CVE-2015-5179
FreeIPA might display user data improperly via vectors involving non-printable characters...
Zoho ManageEngine Event Log Analyzer Cross-Site Scripting Vulnerability (CNVD-2017-26266)
Zoho ManageEngine Event Log Analyzer is the United States ZhuoHao Zoho company's set of systems, event log analysis software. A cross-site scripting vulnerability exists in the search and display of event data in Zoho ManageEngine Event Log Analyzer versions 11.4 and 11.5. A remote attacker can...
CVE-2017-1000012
MySQL Dumper version 1.24 is vulnerable to stored XSS when displaying the data in the database to the user...
CVE-2017-5341
Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode without -w which...
How to Troubleshoot Citrix ADC(NetScaler) Reporting Tab Related Issues
This article describes how to troubleshoot NetScaler Reporting tab related issues. An example scenario used in this article is when users go to Reporting tab on NetScaler and it does show any data or reports...
[SECURITY] Fedora 19 Update: rrdtool-1.4.8-2.fc19
RRD is the Acronym for Round Robin Database. RRD is a system to store and display time-series data i.e. network bandwidth, machine-room temperature, server load average. It stores the data in a very compact way that will not expand over time, and it presents useful graphs by processing the data t...
CentOS Update for firefox CESA-2008:0549 centos3 i386
Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2008:0549 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CVE-2006-6753
Event Viewer eventvwr.exe in Microsoft Windows does not properly display log data that contains '%' percent characters, which might make it impossible to use Event Viewer to determine the actual data that triggered an event, and might produce long strings that are not properly handled by certain...
CVE-2006-6753
Event Viewer (eventvwr.exe) in Microsoft Windows is affected by a parsing issue when log data contains '%' characters. The vulnerability, as described in the CVE-2006-6753 entry, states that logs with '%' may not be displayed correctly, potentially preventing users from determining the actual dat...