58 matches found
Cisco NX-OS System Software Command Injection Vulnerability in Multiple Cisco Products (CNVD-2017-36141)
Cisco Nexus 5000 Series Switches are the Cisco Nexus series of data center-class switches from Cisco, Inc. Cisco NX-OS System Software is the data center operating system that runs on them. A command injection vulnerability exists in the CLI of Cisco NX-OS System Software in multiple Cisco product...
Cisco Jabber for Windows Client Information Disclosure Vulnerability
A vulnerability in the web interface of Cisco Jabber for Windows Client could allow an authenticated, local attacker to retrieve user profile information, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input- and validation-checking mechanism...
Western Digital My Cloud Buffer Overflow
Stack-based buffer overflow in Western Digital My Cloud allows for remote code execution. Remco Vermeulen, January 2017...
WinSCP ftp client memory corruption vulnerability
WinSCP is an open source graphical SFTP client for Windows that uses SSH. It also supports the SCP protocol. Its main function is to securely copy files between local and remote computers. A memory corruption vulnerability exists in WinSCP ftp client due to the software's lax input checking...
libndp Denial of Service Vulnerability
libndp is a Neighbor Discovery Protocol library that provides a wrapper for the IPv6 Neighbor Discovery Protocol and the ndptool utility for sending and receiving NDP messages. A security vulnerability exists in libndp that stems from the program's failure to properly perform...
Amazon Linux: Security Advisory (ALAS-2013-235)
The remote host is missing an update for the...
datawizards ftpxq 2.0.93 - Directory Traversal vulnerability
No description provided by source. Source: http://www.securityfocus.com/bid/2426/info FtpQX is an FTP daemon designed to provide FTP services for Microsoft Operating Systems. It is maintained and distributed by Datawizard Technologies. A problem in the software could allow access to restricted...
whitsoft slimserve ftpd 1.0/2.0 - Directory Traversal vulnerability
No description provided by source. Source: http://www.securityfocus.com/bid/2452/info SlimServ FTPd is a free FTP server distributed and maintained by WhitSoft Development. SlimServe FTPd is designed to offer FTP services to the Microsoft Windows platform. A problem with the SlimSoft FTP daemon...
WEBgais 1.0 - Remote Command Execution Vulnerability
No description provided by source. Source: http://www.securityfocus.com/bid/2058/info WEBgais is a script that provides a web interface to the gais (Global Area Intelligent Search) search engine tool. All versions up to 1.0B2 are vulnerable. The vulnerable script is /cgi-bin/webgais: due to imprope...
Daniel Beckham The Finger Server 0.82 BETA Pipe Vulnerability
No description provided by source. Source: http://www.securityfocus.com/bid/974/info 'The Finger Server' is a Perl script for providing .plan-like functionality through a website. Due to insufficient input checking it is possible for remote unauthenticated users to execute shell commands on the...
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-235)
Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine...
MGASA-2013-0323 Updated java-1.6.0-openjdk package fixes multiple vulnerabilities
Updated java-1.6.0-openjdk packages fix security vulnerabilities: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the...
Updated java-1.6.0-openjdk package fixes multiple vulnerabilities
Updated java-1.6.0-openjdk packages fix security vulnerabilities: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the...
CentOS Update for java CESA-2013:1505 centos6
Check for the Version of java. OpenVAS Vulnerability Test: CentOS Update for java CESA-2013:1505 centos6...
RedHat Update for java-1.6.0-openjdk RHSA-2013:1505-01
The remote host is missing an update for the...
RedHat Update for java-1.7.0-openjdk RHSA-2013:1447-01
Check for the Version of java-1.7.0-openjdk. OpenVAS Vulnerability Test: RedHat Update for java-1.7.0-openjdk RHSA-2013:1447-01...
CentOS 6 : java-1.7.0-openjdk (CESA-2013:1451)
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
Critical: java-1.7.0-openjdk
Issue Overview: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual...
JVN#39699406: EC-CUBE vulnerable to information disclosure as a result of improper input checking
EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an issue with checking input values, which may result in information disclosure. Impact A remote, unauthenticated attacker may obtain information stored in the product. Solution Apply the update...
PRTG V8.1.2.1809 XSS Bugs in login.htm and error.htm
XSS Reflected Bugs in login.htm and error.htm. PRTG V8.1.2.1809 All OS Versions: http://www.paessler.com/ I have discovered two XSS bugs within PRTG version 8.1.2.1809. These bugs are in the login.htm and error.htm documents. These...