38 matches found
Buffer Overflow Vulnerability in Cisco RV110W Products (CNVD-2021-05413)
The Cisco RV110W Wireless-N VPN Firewall is an enterprise-class router from Cisco USA. The Cisco RV110W product suffers from a buffer overflow vulnerability that originates from a program's failure to properly validate user data, which can be exploited by a remote attacker to execute arbitrary co...
Buffer Overflow Vulnerability in Cisco RV110W Products (CNVD-2021-05411)
The Cisco RV110W Wireless-N VPN Firewall is an enterprise-class router from Cisco USA. The Cisco RV110W product suffers from a buffer overflow vulnerability that originates from a program's failure to properly validate user data, which can be exploited by a remote attacker to execute arbitrary co...
Buffer Overflow Vulnerability in Cisco RV110W Products (CNVD-2021-05418)
The Cisco RV110W Wireless-N VPN Firewall is an enterprise-class router from Cisco USA. The Cisco RV110W product suffers from a buffer overflow vulnerability that originates from a program's failure to properly validate user data, which can be exploited by a remote attacker to execute arbitrary co...
Arbitrary Code Execution
lighttpd is vulnerable to arbitrary code execution. A signed integer overflow allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code on the host OS malicious HTTP GET request due to mishandling of /%2F? in burlnormalize2Ftoslashfix in burl.c...
Trend Micro Control Manager TreeUserControl_process_tree_event Information Disclosure
An XML external entity XXE processing vulnerability has been reported in Trend Micro Control Manager. The vulnerability is due to lack of validation of user-supplied input prior to executing an XML query in TreeUserControlprocesstreeevent.aspx. A remote, authenticated attacker could exploit this...
Netmechanica NetDecision HTTP Server Denial of Service Vulnerability
No description provided by source. Title : Netmechanica NetDecision HTTP Server Denial Of Service Vulnerability Author : Prabhu S Angadi SecPod Technologies www.secpod.com Vendor : http://www.netmechanica.com Advisory : http://secpod.org/blog/?p=484...
McAfee Firewall Reporter isValidClient Remote Code Execution
An authentication bypass vulnerability has been reported in McAfee Firewall Reporter. The vulnerability is due to a design flaw in the way that McAfee Firewall Reporter validates session IDs while authenticating users. Remote attackers could trigger this flaw by connecting to a vulnerable McAfee...
Novell eDirectory Multiple Vulnerabilities - Jul09 (Windows)
This host is running Novell eDirectory and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodnovelledirmultvulnjul09win.nasl 8201 2017-12-20 14:28:50Z cfischer $ Novell eDirectory Multiple Vulnerabilities - Jul09 Windows Authors: Nikita MR Copyright: Copyright c 2009...
Web Crossing Web Server 4.05.0 Component - Remote Denial of Service
Web Crossing Web Server 4.05.0 Component - Remote Denial of Service source: https://www.securityfocus.com/bid/9576/info The Web Crossing Web Server component has been reported prone to a remote denial of service vulnerability. It has been reported that the issue will present itself when the...
PostMaster 3.16/3.17 Proxy Service - Cross-Site Scripting
source: https://www.securityfocus.com/bid/9055/info PostMaster has been reported prone to a cross-site scripting vulnerability. The issue presents itself due to a lack of sufficient sanitization that is performed by the proxy service on user-supplied data. An attacker may construct a malicious HT...
PostMaster 3.163.17 Proxy Service - Cross-Site Scripting
PostMaster 3.163.17 Proxy Service - Cross-Site Scripting source: https://www.securityfocus.com/bid/9055/info PostMaster has been reported prone to a cross-site scripting vulnerability. The issue presents itself due to a lack of sufficient sanitization that is performed by the proxy service on...
NullLogic Null HTTPd 0.5 - Remote Denial of Service
NullLogic Null HTTPd 0.5 - Remote Denial of Service source: https://www.securityfocus.com/bid/8697/info Null HTTPd has been reported prone to a remotely triggered denial of service vulnerability. The issue has been reported to present itself in the HTTP POST handling routines within the Null HTTP...
Axis Print Server 6.156.20 - Web Interface Denial of Service
Axis Print Server 6.156.20 - Web Interface Denial of Service source: https://www.securityfocus.com/bid/8096/info Axis Print Server web interface could expose the device to a denial of service vulnerability. It has been reported that an attacker may make a malicious HTTP request that will trigger ...
Webchat 2.0 Module - Full Path Disclosure
Webchat 2.0 Module - Full Path Disclosure source: https://www.securityfocus.com/bid/7774/info Webchat has been reported prone to a path disclosure weakness. Reportedly an attacker may make a malicious HTTP request for several Webchat PHP scripts to trigger the condition. Under some circumstances...
M-TECH P-Synch 6.2.5 - Full Path Disclosure
source: https://www.securityfocus.com/bid/7740/info Reportedly an attacker may make a malicious HTTP request for specific P-Synch executables passing an empty URI parameter to trigger the condition. Although unconfirmed, it is likely that the request will cause P-Sync to display an error message...
M-TECH P-Synch 6.2.5 - Full Path Disclosure
M-TECH P-Synch 6.2.5 - Full Path Disclosure source: https://www.securityfocus.com/bid/7740/info Reportedly an attacker may make a malicious HTTP request for specific P-Synch executables passing an empty URI parameter to trigger the condition. Although unconfirmed, it is likely that the request wi...
TW-WebServer 1.0 - Denial of Service (2)
TW-WebServer 1.0 - Denial of Service 2 // source: https://www.securityfocus.com/bid/7368/info It has been reported that TW-WebServer is prone to a denial of service vulnerability. Reportedly when an excessive quantity of data is sent to the TW-Webserver as part of a malicious HTTP GET request the...
Killer Protection 1.0 - Information Disclosure
Killer Protection 1.0 - Information Disclosure source: https://www.securityfocus.com/bid/5905/info The Killer Protection PHP script is prone to an information-disclosure issue. Reportedly, unauthorized users can access sensitive user data by requesting the 'vars.inc' file in a malicious HTTP...