EUVD-2010-0187

Malware in sbrugna...

EUVD-2014-3074

Malware in sbrugna...

EUVD-2010-0184

Malware in sbrugna...

EUVD-2015-5035

Malware in sbrugna...

Cisco UCS Manager Software Operating System Command Injection Vulnerability

The Cisco UCS 6400 Series Fabric Interconnects is a 6400 series switching matrix device from Cisco USA. An operating system command injection vulnerability exists in the local management CLI in Cisco UCS Manager Software, which stems from the program's failure to perform sufficient input validati...

CVE-2020-3173

A vulnerability in the local management local-mgmt CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system OS on an affected device. The vulnerability is due to insufficient input validation of command...

Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in bash (CVE-2016-9401, CVE-2016-7543, CVE-2016-0634)

Summary IBM QRadar Network Security has addressed vulnerabilities in bash. Vulnerability Details CVEID: CVE-2016-9401 DESCRIPTION: GNU Bash could allow a local attacker to bypass security restrictions, caused by a use-after-free error. An attacker could exploit this vulnerability using a speciall...

Security Bulletin: A vulnerability in Pluggable Authentication Modules (PAM) affects IBM Security Network Protection (CVE-2015-3238)

Summary Pluggable Authentication Modules PAM provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. A security vulnerability has been discovered in PAM used with IBM Security Network Protection. Vulnerability Detai...

IBM Security Access Manager for Web and Security Access Manager Command Injection Vulnerabilities

IBM Security Access Manager ISAM for Web formerly known as IBM Tivoli Access Manager for e-business and Security Access Manager ISAM are both products of IBM Corporation. The former is a set of products for user authentication, authorization and Web single sign-on solutions in the product, which...

CVE-2015-5018

IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface LMI access...

Design/Logic Flaw

IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface LMI access...

Cisco Meraki Local Management Interface Firmware Installation Vulnerability

A vulnerability in the local management interface of devices running Cisco Meraki firmware could allow an authenticated, remote attacker on an adjacent network to access a deprecated HTTP handler to install firmware. An authenticated, remote attacker could exploit this vulnerability by...

Cross site scripting

Cross-site scripting XSS vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject arbitrary...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5.0.2 allow remote attackers to hijack the authentication of administrators for requests that 1 change settings o...

Directory traversal

Directory traversal vulnerability in sla/index.php in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5 allows remote authenticated users to read arbitrary files via a .. dot dot in the l parameter, related to an "Insecur...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via 1 the date1 parameter to pvmmessagestore.php, 2...

CVE-2010-0155

The CVE-2010-0155 issue affects IBM Proventia Network Mail Security System (PNMSS) with firmware older than 2.5, specifically the Local Management Interface (LMI). A CRLF injection vulnerability exists in load.php that is exploitable by remote authenticated users via the javaVersion parameter, en...

CVE-2010-0153

Multiple cross-site request forgery CSRF vulnerabilities in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5.0.2 allow remote attackers to hijack the authentication of administrators for requests that 1 change settings o...

CVE-2001-0711

Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface ILMI SNMP community string...