34 matches found
PT-2021-4664 · Cisco · Cisco ATA 190 Series Analog Telephone Adapter
Name of the Vulnerable Software and Affected Versions: Cisco ATA 190 Series Analog Telephone Adapter Software (affected versions not specified). Description: The issue is related to multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software. These vulnerabilities could...
IBM QRadar SIEM Cross-Site Scripting Vulnerability
IBM QRadar SIEM is a solution from IBM (USA) that uses security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A cross-site...
Cisco SD-WAN vManage Operating System Command Injection Vulnerability
Cisco SD-WAN vManage is software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. Cisco SD-WAN vManage has an operating system command injection vulnerability that can be exploited by a local attacker to inject arbitrary...
CVE-2021-1457
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation o...
[SECURITY] [DSA 4781-1] blueman security update
Debian Security Advisory DSA-4781-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 27, 2020 https://www.debian.org/security/faq -...
NETGEAR SRR60 and SRS60 Cross-Site Scripting Vulnerability
The NETGEAR SRR60 and NETGEAR SRS60 are both wireless routers from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR SRR60 prior to version 2.2.1.210 and the SRS60 prior to version 2.2.1.210, which stems from a lack of proper validation of client-side data by the web application...
Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerability (CNVD-2019-39613)
The Cisco SPA100 Series Analog Telephone Adapters (ATAs) are a series of analog telephone adapters. A remote code execution vulnerability exists in the Cisco SPA100 Series Analog Telephone Adapters that stems from not properly validating user input submitted to the web-based management interfac...
CVE-2019-15251
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
Huawei PC Manager Authorization Issues Vulnerability
Huawei PC Manager is a computer management application from Huawei (China). An authorization issue vulnerability exists in Huawei PC Manager version 9.1.3.1, which arises from the driver's interface not adequately validating data from userland. An attacker could exploit the vulnerability to...
A vulnerability in the Elastic Services Controller's network management mechanism, related to errors in API request validation, allows an attacker to bypass authentication procedures and execute arbitrary code.
The vulnerability in the Elastic Services Controller's network management interface is related to errors in checking API requests. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures and execute arbitrary code by sending a specially crafted request to the RE...
CVE-2017-13994
A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticated user of the web interface is tricked into clicking a malicious link...
CVE-2016-2060
server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate upstream interface names, which allows attackers to bypass intended access restrictions via a...
Cisco Security Agent Management Center Code Execution
Added: 03/17/2011. CVE: CVE-2011-0364. BID: 65436. OSVDB: 70884. Background: Cisco Security Agent Management Center is the server component of Cisco's Security Agent endpoint IPS solution. It is responsible for collecting event log information from endpoints and distributing rules updates. Problem: The...
PT-2010-4059 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.34. Description: The issue is related to the L2TP implementation in the Linux kernel, specifically the pppol2tp_xmit function in drivers/net/pppol2tp.c. It does not properly validate certain values associated...