CVE-2014-6114

The Hosted Transparent Decision Service in the Rule Execution Server in IBM WebSphere ILOG JRules 7.1 before MP1 FP5 IF43; WebSphere Operational Decision Management 7.5 before FP3 IF41; and Operational Decision Manager 8.0 before MP1 FP2 IF34, 8.5 before MP1 FP1 IF43, and 8.6 before IF8 allows...

CVE-2014-6114

The Hosted Transparent Decision Service in the Rule Execution Server in IBM WebSphere ILOG JRules 7.1 before MP1 FP5 IF43; WebSphere Operational Decision Management 7.5 before FP3 IF41; and Operational Decision Manager 8.0 before MP1 FP2 IF34, 8.5 before MP1 FP1 IF43, and 8.6 before IF8 allows...

ISPConfig 3.0.54p1 - Authenticated Admin Local root Vulnerability

Exploit for linux platform in category web applications While logged in as admin user: 1 add a shell user 2 under option set gid to ispconfig 3 log in as that user 4 edit /usr/local/ispconfig/interface/lib/lang/en.lng with system$GET'cmd'; 5 browse to: http://server:8080/index.php?cmd=echo...

Cross site scripting

Cross-site scripting XSS vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert...

CVE-2014-0945

Cross-site scripting XSS vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

CVE-2014-0946

The RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 does not send appropriate Cache-Control HTTP headers, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation...

CVE-2013-0398

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server in.rexecd...

Design/Logic Flaw

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server in.rexecd...

CVE-2013-0398

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server in.rexecd...

Solaris 10 (sparc) : 148975-01 (deprecated)

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Utility/Remote Execution Serverin.rexecd. Supported versions that are affected are 8, 9, 10 and 11. Easily exploitable vulnerability allows successful unauthenticated network attacks via TCP/IP. Successf...

Solaris 10 (x86) : 148976-01 (deprecated)

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Utility/Remote Execution Serverin.rexecd. Supported versions that are affected are 8, 9, 10 and 11. Easily exploitable vulnerability allows successful unauthenticated network attacks via TCP/IP. Successf...

SimpleServer remote execution

By sending a specially encoded string to the remote server, it is possible to execute remote commands with the privileges of the server. OpenVAS Vulnerability Test $Id: simplewww.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: SimpleServer remote execution Authors: Mathieu Meadele Script aud...

Interactive Studio GamePort 3.03.14.0 - Arbitrary Application Execution

Interactive Studio GamePort 3.03.14.0 - Arbitrary Application Execution source: https://www.securityfocus.com/bid/12006/info Gameport is reported prone to multiple vulnerabilities in the client and server. These issues may allow an attacker to gain unauthorized access to a vulnerable server and...

Epic Games Unreal Tournament Server 436.0 - Engine Remote Format String

Epic Games Unreal Tournament Server 436.0 - Engine Remote Format String source: https://www.securityfocus.com/bid/9840/info A format string vulnerability has been reported to exists in the Unreal Tournament server engine. This issue is due to a failure of the server application to properly saniti...

Дырка в mailman

Недостаточная проверка ввода пользователя на наличие shell-символов дает возможность администраторам списков выполнять команды на сервере...

Переполнение буфера в Statistics Server

Переполнение буфера в одном из CGI-компонентов позволяет выполнение кода с привилегией сервера...

Fujitsu Chocoa 1.0 beta7R - Topic Remote Buffer Overflow

Fujitsu Chocoa 1.0 beta7R - Topic Remote Buffer Overflow // source: https://www.securityfocus.com/bid/573/info The Chocoa IRC client has an unchecked buffer in the code that processes channel topics. If the server returns a topic that overwrites the client's buffer and contains exploit code...