5908 matches found

OpenVAS
added 2016/10/26 12:0 a.m. | 35 views

Amazon Linux: Security Advisory (ALAS-2016-741)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 6.1 | AI score 7 | EPSS 0.04526
Exploits 0 | References 2
OpenVAS
added 2016/10/26 12:0 a.m. | 36 views

Amazon Linux: Security Advisory (ALAS-2016-725)

The remote host is missing an update for the...

CVSS 8.1 | AI score 7.2 | EPSS 0.55724
Exploits 0 | References 3
OSV
added 2016/10/22 3:59 a.m. | 2 views

CVE-2016-0239

IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors...

CVSS 8.8 | AI score 5.8
Exploits 0 | References 2
NVD
added 2016/10/22 3:59 a.m. | 11 views

CVE-2016-0239

IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors...

CVSS 8.8 | AI score 8.2 | EPSS 0.01247
Exploits 0 | References 2
Prion
added 2016/10/22 3:59 a.m. | 9 views

Code injection

IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors...

CVSS 6.5 | AI score 6.5 | EPSS 0.01247
Exploits 0 | References 2 | Affected Software 1
CVE
added 2016/10/22 1:0 a.m. | 40 views

CVE-2016-0239

CVE-2016-0239 affects IBM Security Guardium Database Activity Monitor (versions 9.0, 9.1, 9.5 before p700; 10.0, 10.0.1 before p100). A remote authenticated attacker can issue an HTTP request with administrator privileges due to an improper authorization vulnerability. IBM’s bulletin lists remedi...

CVSS 8.8 | AI score 8.1 | EPSS 0.01247
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2016/10/22 1:0 a.m. | 18 views

CVE-2016-0239

IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors...

AI score 8.2 | EPSS 0.01247
Exploits 0 | References 2
RedHat Linux
added 2016/10/20 12:47 p.m. | 7 views

OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)

It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP request...

CVSS 8.3 | AI score 7.4 | EPSS 0.03255
Exploits 0 | References 5
RedhatCVE
added 2016/10/18 8:17 p.m. | 52 views

CVE-2016-5573

It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP request...

CVSS 8.3 | AI score 0.4 | EPSS 0.03255
Exploits 0 | References 2
Tenable Nessus
added 2016/10/14 12:0 a.m. | 12 views

Atlassian Confluence Server < 5.2 Multiple Vulnerabilities

Binary data 9639.prm...

AI score 7.3
Exploits 0 | References 2
Tenable Nessus
added 2016/10/13 12:0 a.m. | 20 views

Cisco Cloud Services Platform 2.x < 2.1.0 Multiple Vulnerabilities

According to its self-reported version number, the remote Cisco Cloud Services Platform (CSP) device is 2.x prior to 2.1.0. It is, therefore, affected by the following vulnerabilities: - A command injection vulnerability exists in the web-based GUI due to improper sanitization of user-supplied...

CVSS 9.8 | AI score 8.6 | EPSS 0.03687
Exploits 0 | References 6
Cisco
added 2016/10/12 4:0 p.m. | 40 views

Cisco Unified Communications Manager iFrame Data Clickjacking Vulnerability

The Cisco Unified Communications Manager (CUCM) may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to a clickjacking attack. Protection mechanisms should be used to prevent this type of attack. The vulnerability is due to a lack of proper...

CVSS 4.3 | AI score 6.3 | EPSS 0.01052
Exploits 0 | References 1
Mageia
added 2016/10/12 1:46 p.m. | 25 views

Updated python-twisted-web packages fix a security vulnerability

It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote...

CVSS 5.3 | AI score 0.3 | EPSS 0.02406
Exploits 0 | References 2
OSV
added 2016/10/12 1:46 p.m. | 8 views

MGASA-2016-0340 Updated python-twisted-web packages fix a security vulnerability

It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote...

CVSS 5.3 | AI score 5.1 | EPSS 0.02406
Exploits 0 | References 3
OpenVAS
added 2016/10/05 12:0 a.m. | 20 views

Cisco Prime Infrastructure Authentication Bypass API Vulnerability (cisco-sa-20160629-piauthbypass) - Active Check

A vulnerability in the application programming interface (API) of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to access and control the API resources...

CVSS 10 | AI score 9.5 | EPSS 0.06153
Exploits 0 | References 2
OpenVAS
added 2016/10/05 12:0 a.m. | 23 views

CentOS Update for python-twisted-web CESA-2016:1978 centos6

Check the version of python-twisted-web...

CVSS 5.3 | AI score 5.3 | EPSS 0.02406
Exploits 0 | References 2
Tenable Nessus
added 2016/09/30 12:0 a.m. | 48 views

CentOS 6 / 7 : python-twisted-web (CESA-2016:1978)

An update for python-twisted-web is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...

CVSS 5.3 | AI score 5.7 | EPSS 0.02406
Exploits 0 | References 3
RedHat Linux
added 2016/09/29 6:54 p.m. | 29 views

Important: Red Hat Security Advisory: python-twisted-web security update

An update for python-twisted-web is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...

CVSS 5.3 | AI score 6 | EPSS 0.02406
Exploits 0 | References 2
CNVD
added 2016/09/22 12:0 a.m. | 11 views

IBM Security Guardium Database Activity Monitor Privilege Gain Vulnerability

IBM Security Guardium Database Activity Monitor is a database activity monitor product from IBM USA. A security vulnerability exists in IBM Security Guardium Database Activity Monitor, which can be exploited by remote attackers to send HTTP requests with administrator privileges...

CVSS 8.8 | AI score 6.8 | EPSS 0.01247
Exploits 0 | References 1
CNVD
added 2016/09/21 12:0 a.m. | 4 views

Unspecified Vulnerability in IBM Tealeaf Customer Experience Replay Serve

IBM Tealeaf Customer Experience is a SaaS (Software-as-a-Service) based analytics solution for web and mobile applications from IBM, USA. The solution helps clients improve the overall user experience by analyzing and understanding data, and supports the adoption of advanced user interfaces for ric...

CVSS 5.3 | AI score 6.8 | EPSS 0.00877
Exploits 0 | References 1