8 matches found
CVE-2023-36673
An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by the VPN client, while...
RHEL 5 / 6 / 7 : glibc (CVE-2014-9402)
The remote Red Hat Enterprise Linux host has a version of glibc installed that is similar in patching level to version 2.21 of the official glibc library. It is, therefore, potentially affected by a denial of service vulnerability due to improper handling of alias names supplied to the getnetbyna...
RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0407)
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
CVE-2013-1923
rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...
Command injection
registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS...
CVE-2007-6424
registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS...
CVE-2007-6424
registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS...
CVE-2007-6424
CVE-2007-6424 affects Fonality Trixbox 2.0 PBX; the registry.pl script reads commands from a remote site without proper origin validation, enabling a DNS spoofing vector that lets remote attackers disable Trixbox and execute arbitrary commands. Affected component: registry.pl; root cause: insuffi...