8752 matches found
Command Execution Vulnerability in Damon Database Management System (DM8) Kirin Version
Wuhan Damon Database Co., Ltd. is a database product development service provider. A command execution vulnerability exists in Damon Database Management System DM8 Kirin Edition, which can be exploited by attackers to execute arbitrary commands...
SUSE: Security Advisory (SUSE-SU-2023:0076-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Kotlin app development company – How to choose
By Owais Sultan Find out what Kotlin app development will bring to your company, which global giants have already taken advantage… This is a post from HackRead.com Read the original post: Kotlin app development company – How to choose...
SUSE: Security Advisory (SUSE-SU-2023:0058-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for Server-Side Request Forgery in Lexmark B2236_Firmware
Lexmark printer stuff This repository contains all the work r...
SUSE: Security Advisory (SUSE-SU-2023:0032-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K95313044: Multiple Java vulnerabilities
Security Advisory Description CVE-2013-3829 Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentialit...
K55347921: Linux kernel vulnerability CVE-2017-7477
Security Advisory Description Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAXSKBFRAGS+1 size in conjunction with the...
K53244431: SSL Intercept iApp HTTP Explicit Proxy vulnerability CVE-2017-0305
SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature plus...
K19784568: TMM vulnerability CVE-2016-5023
Security Advisory Description Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service Traffic Management Microkernel...
K92859602: BIG-IP TMM iRules vulnerability CVE-2016-5024
Security Advisory Description Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service Traffic Management Microkernel restart via crafted network traffic...
K82851041: TMM vulnerability CVE-2017-6137
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection i...
K91229003: Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754
Security Advisory Description The following three side-channel attacks were publicly disclosed on January 3, 2018: CVE-2017-5715 Spectre-BTB previously known as Spectre Variant 2 Branch target injection Systems with microprocessors utilizing speculative execution and indirect branch prediction ma...
K14652952: yurex USB driver vulnerability CVE-2018-16276
Security Advisory Description An issue was discovered in yurexread in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges...
K58523202: PHP vulnerabilities CVE-2018-19395 and CVE-2018-19396
Security Advisory Description CVE-2018-19395 ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service NULL pointer dereference and application crash because com and comsafearrayproxy return NULL in compropertiesget in ext/comdotnet/comhandlers.c, as...
aEnrich a+HRD 路径遍历漏洞
aEnrich a+HRD is a full-service human resources development solution from aEnrich, Inc. A security vulnerability exists in aEnrich a+HRD, which stems from a log reading feature in a+HRD that allows an unauthenticated, remote attacker to implement path traversal leading to bypassing authentication...
Centralized Salesforce Development Framework 注入漏洞
Centralized Salesforce Development Framework is a centralized development framework on the Force.com platform by Scott Covert, an individual developer. An injection vulnerability exists in the Centralized Salesforce Development Framework that stems from an incorrect manipulation of the parameter...
K68151373: IP Intelligence Feed List TMUI vulnerability CVE-2019-6636
Security Advisory Description On BIG-IP AFM, ASM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a stored cross-site scripting vulnerability in AFM feed list. In the worst case, an attacker can store a CSRF which results in code execution as the admin user. Th...
K48351130: Linux kernel vulnerability CVE-2019-16714
Security Advisory Description In the Linux kernel before 5.2.14, rds6incinfocopy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. CVE-2019-16714 Impact This vulnerability may allow attackers to obtain...
K98008862: OpenLDAP vulnerability CVE-2019-13565
Security Advisory Description An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any...