32 matches found
PbootCMS Remote Code Execution Vulnerability
PbootCMS is an open source enterprise building content management system CMS developed using the PHP language. PbootCMS has a security vulnerability, the vulnerability stems from the platform's message board function does not validate the data, an attacker can exploit the vulnerability to execute...
Huawei CloudEngine 缓冲区错误漏洞
Huawei CloudEngine 12800 and others are products of Huawei, China.Huawei CloudEngine 12800 is a 12800 series data center switch.Huawei Cloudengine 5800 is a 5800 series data center switch.Huawei Cloudengine 6800 is a 6800 series data center switch. Huawei CloudEngine has a buffer error...
Inductive Automation Ignition Code Issue Vulnerability (CNVD-2020-34643)
Inductive Automation Ignition is a suite of integrated software platforms for SCADA systems from Inductive Automation, Inc. The platform supports SCADA data acquisition and monitoring systems, HMI human machine interface and more. A code issue vulnerability exists in Inductive Automation Ignition...
Denial of Service Vulnerability in Micropoint Active Defense Personal Edition
Micropoint Active Defense System Personal Edition is a new-generation anti-virus product with completely independent intellectual property rights developed by Micropoint Baihui Beijing Information Security Technology Company Limited hereinafter referred to as Micropoint. A denial-of-service...
Delta Industrial Automation WPLSoft Stack Buffer Overflow Vulnerability
Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A stack buffer overflow vulnerability exists in Delta Industrial Automation WPLSoft. Due to a failure to properly validate...
Unspecified Cross-Site Scripting Vulnerability in Trend Micro ServerProtect for Linux
Trend Micro ServerProtect for Linux is an enterprise-grade anti-virus program that runs on Linux. An unspecified cross-site scripting vulnerability exists in Trend Micro ServerProtect for Linux, which is caused by a failure to validate user-submitted data. The vulnerability can be exploited to...
Multiple Command Injection Vulnerabilities in Ubiquiti Networking Products
Ubiquiti Networks TS-8-PRO and others are products developed by Ubiquiti Networks USA.TS-8-PRO is a switch. Multiple command injection vulnerabilities exist in Ubiquiti Networking products due to a failure to validate user-submitted data. The vulnerabilities can be exploited to inject arbitrary...
Multiple Products NCTAudioFile2 ActiveX Control Buffer Overflow (CVE-2007-0018)
A remote code execution vulnerability has been reported in the NCTAudioFile2 ActiveX control. The vulnerability is due to a data validation failure by the NCTAudioFile2 ActiveX control. A remote attacker may exploit this vulnerability by enticing an affected user to open a specially crafted...
Multiple Products IASystemInfo.DLL ActiveX Control Buffer Overflow (CVE-2007-0348)
A remote code execution vulnerability has been reported in multiple products containing the IASystemInfo.DLL ActiveX control. The vulnerability is due to a data validation failure by the ActiveX control. A remote attacker may exploit this vulnerability by enticing an affected user to open a...
Zenturi ProgramChecker ActiveX Components ActiveX Controls Buffer Overflows (CVE-2007-2987)
Multiple buffer overflow vulnerabilities have been reported in Zenturi ProgramChecker. The vulnerabilities are due to a data validation failure, resulting in a buffer overflow. A remote attacker may exploit these vulnerabilities by enticing a target user to open a specially crafted HTML file...
[HV-HIGH] Microsoft Jet DB engine vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Microsoft Jet DB engine vulnerabilities Classification: =============== Level: low-med-HIGH-crit ID: HEXVIEW200503311 URL: http://www.hexview.com/docs/20050331-1.txt Overview: ========= Microsoft Jet database is a lightweight database widely used by M...
E-Zone Media FuzeTalk 2.0 - 'AddUser.cfm' Administrator Command Execution
source: https://www.securityfocus.com/bid/10276/info It has been reported that FuseTalk is affected by an administrator command execution vulnerability in the adduser.cfm script. This issue is due to a failure of the application to properly validate the origin of user supplied data. This issue...