356 matches found
Apple iOS/OS X/watchOS Memory Corruption Vulnerability
OS X formerly Mac OS X is the latest version of Apple's proprietary operating system for the Macintosh computer. iOS is an operating system developed by Apple for mobile devices. Apple iOS versions prior to 9.1, Apple OS X versions prior to 10.11.1, and watchOS versions prior to 2.0.1 IOHIDFamily...
Cisco Prime Collaboration Provisioning Access Control Bypass Vulnerability
Cisco Prime Collaboration Provisioning is the United States of America Cisco Cisco a set of Web-based next-generation communications services solutions. A security vulnerability exists in the Web framework of Cisco Prime Collaboration Assurance. A remote attacker could exploit the vulnerability b...
Microsoft .NET Framework Elevation of Privilege Vulnerability (CNVD-2015-05953)
Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure NET Framework is a comprehensive and consistent programming model...
The vulnerability of the microprogramming software of the Cisco TelePresence Supervisor MSE 8050 allows a intruder to execute arbitrary code with privileges of the root user.
The vulnerability of the web-based framework of the microprogramming software for the Cisco TelePresence Supervisor MSE 8050 relates to deficiencies in access control for files. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code with...
The vulnerability of the microprogramming software of the Cisco TelePresence Server allows a intruder to execute arbitrary code with privileges of the root user.
The vulnerability of the web-based framework of the microprogramming software for Cisco TelePresence Server lies in the lack of access control for files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with privileges of a root user...
CVE-2015-0369
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to AX/HI Web UI...
DEBIAN-CVE-2014-8549
libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted On2 data...
SpringSource Spring Framework XML External Entity Information Disclosure (CVE-2013-4152)
An information disclosure vulnerability exists in SpringSource Spring Framework...
Command injection
The web framework in Cisco Prime Central for Hosted Collaboration Solution HCS Assurance provides different responses to requests for arbitrary pathnames depending on whether the pathname exists, which allows remote attackers to enumerate directories and files via a series of crafted requests, ak...
Framework: Information (internal server information, classpath, local working directories, session IDs) disclosure
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language EL, evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a 1 name attribute in a a spring:hasBindErrors ta...
CVE-2007-5712
The internationalization i18n framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USEI18N option and the i18n component are enabled, allows remote attackers to cause a denial of service memory consumption via many HTTP requests with large...
MS05-004: ASP.NET Path Validation Vulnerability (887219)
The remote host is running a version of the ASP.NET framework that could allow an attacker to bypass the security of an ASP.NET website and obtain unauthorized access. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid16333; scriptversion"1.36"; scriptcvsdate"Date:...
Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2008 SP2 for Itanium-based Systems (KB2804580)
A security issue has been identified that could allow an attacker to misrepresent a system action or behavior without the knowledge of the user. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2478660)
A security issue has been identified that could allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you m...
Security Update for Microsoft .NET Framework 4 on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 for Itanium-based Systems (KB2518870)
A security issue has been identified that could allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you m...
Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2518869)
A security issue has been identified that could allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you m...