5907 matches found
CORE-2013-0708 - Hikvision IP Cameras Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Hikvision IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: Hikvision IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0708 Advisory URL:...
CVE-2013-2796
Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML document containing an...
Xxe
Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML document containing an...
CVE-2013-2796
Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML document containing an...
FluxBB 1.5.3 Multiple Remote Vulnerabilities
No description provided by source. !-- FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-site scripting,...
FluxBB 1.5.3 - Multiple Vulnerabilities
Exploit for php platform in category web applications !-- FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-si...
FluxBB 1.5.3 XSS / CSRF / URL Redirection
...
FluxBB 1.5.3 - Multiple Vulnerabilities
FluxBB 1.5.3 - Multiple Vulnerabilities !-- FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-site scripting,...
FluxBB 1.5.3 - Multiple Vulnerabilities
!-- FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-site scripting, cross-site request forgery and URL...
Windu CMS 2.2 Cross Site Request Forgery Vulnerability
Windu CMS version 2.2 suffers from a cross site request forgery vulnerability. Windu CMS 2.2 CSRF Add Admin Exploit form method="POST" action="http://localhost/winducms/a...
Mandriva Linux Security Advisory : squid (MDVSA-2013:199)
Multiple vulnerabilities has been discovered and corrected in squid : Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger...
Cisco Unified MeetingPlace Web Conferencing Authorization Bypass Vulnerability
A vulnerability in the web framework of Cisco Unified MeetingPlace Web Conferencing Server could allow an unauthenticated, remote attacker to bypass certain access-control settings which may lead to the disclosure of information due to the attacker accessing restricted pages. The vulnerability is...
Updated squid packages fix security vulnerabilities
Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger a buffer overflow in Squid, resulting in a termination of the Squid...
MGASA-2013-0228 Updated squid packages fix security vulnerabilities
Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger a buffer overflow in Squid, resulting in a termination of the Squid...
Updated squid packages fix security vulnerability
Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger a buffer overflow in Squid, resulting in a termination of the Squid...
FreeBSD : squid -- denial of service (30a04ab4-ed7b-11e2-8643-8c705af55518)
Squid project reports : Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted HTTP requests This problem allows any client who can generate HTTP requests to perform a denial of service attack on the Squid service. %NASLMINLEVEL 70300 ...
Cisco Unified Communications Domain Manager Memory Exhaustion Vulnerability
A vulnerability in the web framework of Cisco Unified Communications Domain Manager could allow an authenticated, remote attacker to exhaust available memory and crash several critical processes. The vulnerability is due to improper memory allocation when the affected system receives crafted HTTP...
squid -- denial of service
Squid project reports: Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted HTTP requests This problem allows any client who can generate HTTP requests to perform a denial of service attack on the Squid service...
CVE-2013-4685
Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC enforcer role, allows remote attackers to execute arbitrary code via crafted HTTP requests, aka PR 8491...
Buffer overflow
Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC enforcer role, allows remote attackers to execute arbitrary code via crafted HTTP requests, aka PR 8491...