9999 matches found
QNAP QTS 4.2.x multiple Vulnerabilities
Exploit for hardware platform in category web applications QNAP QTS 4.2.x multiple vulnerabilities ======================================= The latest version of this advisory is available at: https://sintonen.fi/advisories/qnap-qts-42-multiple-vulnerabilities.txt Overview -------- QNAP QTS firmwa...
EMC RecoverPoint SSL Stripping Security Bypass Vulnerability
EMC RecoverPoint is a set of disaster recovery and data protection software, EMC RecoverPoint for Virtual Machines VMs is a set of disaster recovery solutions for VMware environments. EMC RecoverPoint SSL Stripping security bypass vulnerability. Allows an attacker to perform a man-in-the-middle...
CVE-2017-0321
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges...
CVE-2017-0308
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape where untrusted input is used for buffer size calculation leading to denial of service or escalation of privileges...
UBUNTU-CVE-2017-0311
NVIDIA GPU Display Driver R378 contains a vulnerability in the kernel mode layer handler where improper access control may lead to denial of service or possible escalation of privileges...
DEBIAN-CVE-2017-0311
NVIDIA GPU Display Driver R378 contains a vulnerability in the kernel mode layer handler where improper access control may lead to denial of service or possible escalation of privileges...
DEBIAN-CVE-2017-0310
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service...
UBUNTU-CVE-2017-0310
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service...
DEBIAN-CVE-2017-0321
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges...
CVE-2016-1883
The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors...
Design/Logic Flaw
The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors...
CVE-2016-1880
The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists."...
Code injection
The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists."...
CVE-2016-1883
The CVE-2016-1883 entry describes a programming error in FreeBSD’s Linux compatibility layer that could cause the issetugid(2) system call to return incorrect information. Impact: if an application relies on that output, a privilege escalation could occur. Affected releases: FreeBSD stable/9 (9.3...
CVE-2016-1880
CVE-2016-1880 concerns FreeBSD’s Linux binary compatibility layer. The issue arises from a programming error in handling Linux futex robust lists, potentially allowing a local user to read portions of kernel memory and escalate privileges on affected systems. Affected: FreeBSD versions with Linux...
CVE-2016-1883
Removed by vendor...
CVE-2016-1880
Removed by vendor...
QNAP QTS 4.2.x XSS / Command Injection / Transport Issues
QNAP QTS 4.2.x multiple vulnerabilities ======================================= The latest version of this advisory is available at: https://sintonen.fi/advisories/qnap-qts-42-multiple-vulnerabilities.txt Overview -------- QNAP QTS firmware contain Missing Transport Layer Security CWE-319, Improp...
CVE-2016-9244
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer SSL session IDs from other sessions. It is possible...
CVE-2016-5900
IBM Tealeaf Customer Experience on Cloud Network Capture Add-On could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the TLS certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...