15 matches found
CVE-2026-28773
The CVE-2026-28773 entry concerns the IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface (version 101). Affected component: the web-based Ping diagnostic utility at /IDC_Ping/main.cgi. Root cause: insecure parsing of the IPaddr parameter enables OS command injection by bypassing ...
EUVD-2004-0915
Malware in sbrugna...
CVE-2021-27702
Sercomm Router Etisalat Model S3- AC2100 is affected by Incorrect Access Control via the diagnostic utility in the router dashboard...
CVE-2021-27702
Sercomm Router Etisalat Model S3- AC2100 is affected by Incorrect Access Control via the diagnostic utility in the router dashboard...
CVE-2021-27702
Sercomm Router Etisalat Model S3- AC2100 is affected by Incorrect Access Control via the diagnostic utility in the router dashboard...
CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module is being used to...
OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability
OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability 3/6/2013 Larry W. Cashdollar @larry0 The infiniband diagnostic utility handles files in /tmp insecurely. A malicious user can clobber root owned files with common symlink attacks. http://www.openfabrics.org/downloads/ibutils/ nobody@exdb01...
OpenFabrics ibutils 1.5.7 /tmp File Clobber
OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability 3/6/2013 Larry W. Cashdollar @larry0 The infiniband diagnostic utility handles files in /tmp insecurely. A malicious user can clobber root owned files with common symlink attacks. http://www.openfabrics.org/downloads/ibutils/ nobody@exdb01...
FreeBSD Security Advisory (FreeBSD-SA-07:06.tcpdump.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:06.tcpdump.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders...
CentOS 3 / 4 : sysreport (CESA-2005:598)
An updated sysreport package that fixes an insecure temporary file flaw is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Sysreport is a utility that gathers information about a system's hardware and configuration. The information ca...
RHEL 2.1 / 3 / 4 : sysreport (RHSA-2005:598)
An updated sysreport package that fixes an insecure temporary file flaw is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Sysreport is a utility that gathers information about a system's hardware and configuration. The information ca...
CVE-2004-0917
The default installation of Vignette Application Portal installs the diagnostic utility without authentication requirements, which allows remote attackers to gain sensitive information, such as server and OS version, and conduct unauthorized activities via an HTTP request to /diag...
CVE-2004-0917
The default installation of Vignette Application Portal installs the diagnostic utility without authentication requirements, which allows remote attackers to gain sensitive information, such as server and OS version, and conduct unauthorized activities via an HTTP request to /diag...
[VulnWatch] Vignette Application Portal Unauthenticated Diagnostics
@stake, Inc. www.atstake.com Security Advisory Advisory Name: Vignette Application Portal Unauthenticated Diagnostics Release Date: 09-28-2004 Application: Vignette Application Portal Platform: Multiple Severity: Unauthenticated diagnostic functionali...
Vignette Application Portal Diagnostic Utility Information Disclosure
The remote host is running Vignette Application Portal, a commercially available portal suite. There is an information disclosure vulnerability in the remote version of this software. An attacker can request the diagnostic utility which will disclose information about the remote site by requestin...