303 matches found
CVE-2019-6013
DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface CLI...
CVE-2019-6014
DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface...
CVE-2019-6014
DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface...
Design/Logic Flaw
DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface CLI...
Design/Logic Flaw
DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface...
CVE-2019-6014
The CVE-2019-6014 vulnerability affects the D-Link DBA-1510P, specifically in the Web User Interface. The root cause is an OS command injection flaw in the Web UI (and related CLI issue for CVE-2019-6013) that allows an attacker to execute arbitrary commands on the device. Impact is execution of ...
CVE-2019-6013
DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface CLI...
CVE-2019-6014
DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface...
The vulnerability of the D-Link DBA-1510P network device’s microprogramming software lies in the lack of measures taken to neutralize special elements, allowing a hacker to execute arbitrary commands.
The vulnerability of the microprogrammed network device D-Link DBA-1510P is related to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
D-Link DBA-1510P OS Command Injection Vulnerability (CNVD-2019-36969)
The D-Link DBA-1510P is a wireless access point device from Taiwan, China-based AUO D-Link. An operating system command injection vulnerability exists in the CLI of D-Link DBA-1510P versions using firmware version 1.70b009 and earlier, which can be exploited by an attacker to execute illegal...
D-Link DBA-1510P OS Command Injection Vulnerability
The D-Link DBA-1510P is a wireless access point device from Taiwan, China-based AUO D-Link. An operating system command injection vulnerability exists in the Web User Interface of the D-Link DBA-1510P using firmware version 1.70b009 and earlier, which can be exploited by an attacker to execute...
JVN#95875796: Multiple OS command injection vulnerabilities in DBA-1510P
DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. OS command injection vulnerability in Command Line Interface CLI CWE-78 - CVE-2019-6013 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score...
CVE-2019-2571
Vulnerability in the RDBMS DataPump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Difficult to exploit vulnerability allows high privileged attacker having DBA role privilege with network access via Oracle Net to compromise RDB...
Oracle Database Server Multiple Vulnerabilities (Apr 2019 CPU)
The remote Oracle Database Server is missing the April 2019 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - An authenticated local Portable Clusterware takeover vulnerability exists in the Oracle RDBMS. An authenticated, local attacker with the Grid...
openSUSE Security Update : php7 (openSUSE-2019-771)
This update for php7 fixes the following issues : This security issue was fixed : - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 This non-security...
openSUSE Security Update : php7 (openSUSE-2018-1131)
This update for php7 fixes the following issues : This security issue was fixed : - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 This non-security...
dba-oracle.com XSS vulnerability
Open Bug Bounty ID: OBB-619525 Description| Value ---|--- Affected Website:| dba-oracle.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Integrate Your Ticketing System into Database Security to Prevent DBA Privilege Abuse
Many of the recent high-profile data security breaches were made by trusted insiders. They are often database administrators DBAs who are highly privileged and trusted insiders with access to sensitive data. In this blog post, I will discuss the inherent risk introduced by highly privileged...
CVE-2018-2580
Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite subcomponent: ADPatch. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...
CVE-2018-2580
Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite subcomponent: ADPatch. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...