Lucene search
K

45 matches found

Kaspersky
Kaspersky
added 2016/09/25 12:0 a.m.64 views

KLA10877 Multiple vulnerabilities in iTunes

Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple unknown...

8.8CVSS9.2AI score0.02185EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2016/08/02 12:0 a.m.26 views

Debian: Security Advisory (DSA-3627-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.03109EPSS
Exploits0References3
OSV
OSV
added 2016/07/03 1:59 a.m.9 views

CVE-2016-5701

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI...

6.1CVSS6.5AI score0.01549EPSS
Exploits0References7
OSV
OSV
added 2016/07/03 1:59 a.m.4 views

DEBIAN-CVE-2016-5701

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI...

6.1CVSS9.3AI score0.01549EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2016/07/03 1:59 a.m.33 views

CVE-2016-5701

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI...

6.1CVSS6.9AI score0.01549EPSS
Exploits0References2
Prion
Prion
added 2016/07/03 1:59 a.m.21 views

Code injection

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI...

4.3CVSS7.1AI score0.01549EPSS
Exploits0References7Affected Software3
Debian CVE
Debian CVE
added 2016/07/03 1:0 a.m.34 views

CVE-2016-5701

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI...

6.1CVSS7.8AI score0.01549EPSS
Exploits0
CVE
CVE
added 2016/07/03 1:0 a.m.83 views

CVE-2016-5701

CVE-2016-5701 affects phpMyAdmin; BBCode injection can be triggered in HTTP sessions via a crafted URI in setup/frames/index.inc.php. Affected versions include 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3. Debian notes the vulnerability among phpMyAdmin fixes and, i...

6.1CVSS7.4AI score0.01549EPSS
Exploits0References7Affected Software1
Exploit DB
Exploit DB
added 2016/02/17 12:0 a.m.75 views

Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers

Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers Vendor: Inductive Automation Product web page: http://www.inductiveautomation.com Affected version: 7.8.1 b2016012216 and 7.8.0 b2015101414 Platform: Java Summary: Ignition is a powerful industrial application platform with full...

7.5CVSS7.6AI score0.74881EPSS
Exploits16
Packet Storm
Packet Storm
added 2016/02/17 12:0 a.m.82 views

Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers

Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers Vendor: Inductive Automation Product web page: http://www.inductiveautomation.com Affected version: 7.8.1 b2016012216 and 7.8.0 b2015101414 Platform: Java Summary: Ignition is a powerful industrial application platform with full...

3.9CVSS0.2AI score0.74881EPSS
Exploits16
exploitpack
exploitpack
added 2016/02/17 12:0 a.m.57 views

Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers

Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers Vendor: Inductive Automation Product web page: http://www.inductiveautomation.com Affected version: 7.8.1 b2016012216 and 7.8.0 b2015101414 Platform: Java...

5CVSS0.2AI score0.74881EPSS
Exploits16
Zero Science Lab
Zero Science Lab
added 2016/02/16 12:0 a.m.119 views

Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers

Summary Ignition is a powerful industrial application platform with fully integrated development tools for building SCADA, MES, and IIoT solutions. Description Remote unauthenticated atackers are able to read arbitrary data from other HTTP sessions because Ignition uses a vulnerable Jetty server...

7.5CVSS7.3AI score0.74881EPSS
Exploits16
Prion
Prion
added 2016/01/22 11:59 a.m.14 views

Hardcoded credentials

The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a 1 SSH or 2 HTTP session, a different vulnerability than CVE-2016-1984...

10CVSS7.3AI score0.04674EPSS
Exploits2References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/06/18 12:0 a.m.25 views

FreeBSD : asterisk -- multiple vulnerabilities (f109b02f-f5a4-11e3-82e9-00a098b18457)

The Asterisk project reports : Asterisk Manager User Unauthorized Shell Access. Manager users can execute arbitrary shell commands with the MixMonitor manager action. Asterisk does not require system class authorization for a manager user to use the MixMonitor action, so any manager user who is...

6.5CVSS5.8AI score0.05679EPSS
Exploits0References6
NVD
NVD
added 2012/12/26 6:55 p.m.20 views

CVE-2012-4816

IBM Rational Automation Framework RAF 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard aka Environment Generation Wizard access restrictions by visiting context roots in HTTP sessions on port 8080...

7.5CVSS6.5AI score0.01319EPSS
Exploits0References2
Prion
Prion
added 2012/12/26 6:55 p.m.18 views

Design/Logic Flaw

IBM Rational Automation Framework RAF 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard aka Environment Generation Wizard access restrictions by visiting context roots in HTTP sessions on port 8080...

7.5CVSS7AI score0.01319EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2012/12/26 6:0 p.m.21 views

CVE-2012-4816

IBM Rational Automation Framework RAF 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard aka Environment Generation Wizard access restrictions by visiting context roots in HTTP sessions on port 8080...

6.5AI score0.01319EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2012/05/11 2:35 p.m.15 views

New .Secure Global TLD Proposed

A group of security experts is working to put together a new global TLD that will require companies and individuals applying for domains to adhere to strict security policies and requirements. The proposed .secure TLD is intended to be a known safe group of domains and would include mandatory use...

8.2AI score
Exploits0
NVD
NVD
added 2011/10/14 10:55 a.m.19 views

CVE-2011-3224

The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server...

2.6CVSS7AI score0.0176EPSS
Exploits0References4
Cvelist
Cvelist
added 2011/10/14 10:0 a.m.25 views

CVE-2011-3224

The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server...

8.4AI score0.0176EPSS
Exploits0References4
Rows per page
Query Builder