80 matches found
Cisco IOS XE Software CLI Parser Command Injection Vulnerability (CNVD-2018-20299)
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. A command injection vulnerability exists in the CLI parser in Cisco IOS XE Software, which arises from an affected application failing to properly filter...
Cisco IOS XE Software REST API Authorization Issue Vulnerability
Cisco IOS XE Software is the United States Cisco Cisco company's set of operating system developed for its network equipment. the REST API is one of the support for lightweight REST-style Web scripting API. An authorization issue vulnerability exists in the REST API in Cisco IOS XE Software, whic...
Cisco IOS XE Cross-Site Scripting Vulnerability
Cisco IOS XE Software is an operating system developed by Cisco for its network devices. A cross-site scripting vulnerability exists in the Web UI in Cisco IOS XE Software, which arises from a program's failure to perform sufficient input validation of parameters sent to the affected software via...
CVE-2018-0196
A vulnerability in the web-based user interface web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests that are sent to the web...
CVE-2018-0173
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 DHCPv4 packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service DoS...
DSA-4135-1 samba - security update
Bulletin has no description...
Cisco IOS XE Software ANI Certificate Revocation Vulnerability
Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. A security vulnerability in the Autonomic Networking feature of Cisco IOS XE Software allows remote attackers to exploit the vulnerability by submitting a special request to revoke a...
CVE-2017-6732
A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd47343. Known Affected Releases: 4.22.1PP1 4.23.0PP6 4.30.0PP4 4.31.0PP2. Known Fixed Releases: 4.32...
CVE-2017-6732
A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd47343. Known Affected Releases: 4.22.1PP1 4.23.0PP6 4.30.0PP4 4.31.0PP2. Known Fixed Releases: 4.32...
CVE-2017-6732
CVE-2017-6732 affects Cisco Prime Network Software. The issue is a local privilege escalation in the installation procedure, exploitable by an authenticated user to gain root privileges. Affected releases include 4.2(2.1)PP1, 4.2(3.0)PP6, 4.3(0.0)PP4, and 4.3(1.0)PP2. The fixed release is 4.3(2)....
Error session termination mechanisms lead to account hijacking-vulnerability warning-the black bar safety net
Error session termination mechanisms Session termination is to secure the session period in one important aspect. Security implementation session tokens can effectively reduce the session hijacking attack. The session is terminated as the number of attack control mechanisms, such asXSS(cross-site...
CVE-2016-1428
Double free vulnerability in Cisco IOS XE 3.15S, 3.16S, and 3.17S allows remote authenticated users to cause a denial of service device restart via a sequence of crafted SNMP read requests, aka Bug ID CSCux13174...
Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability
Cisco IOS and IOS XE Software are both operating systems developed by Cisco for its network devices. A security vulnerability exists in the IKE version 2 fragmentation code in Cisco IOS and IOS XE Software due to the program failing to properly handle fragmented IKEv2 packets. A remote attacker...
Cisco IOS XR Software Denial of Service Vulnerability (CNVD-2015-02658)
Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. A denial of service vulnerability exists in Cisco IOS XR Software. An attacker is allowed to exploit this vulnerability to launch a denial of service attack...
TL-WR340G wireless router denial of service vulnerability-vulnerability warning-the black bar safety net
TL-WR340G TP-Link produced a lightweight wireless router, recently, a foreign hacker found this router on a denial of service vulnerability, just sending a simple malformation of the packet to the router, you can enable the router to stop working, need to manually reboot the router to get back to...
Empire EmpireCMS)6.0 /search/keyword/index.php there are multiple cross-site vulnerabilities-vulnerability warning-the black bar safety net
Empire software is a company focused on network software development technology company, whose main product“Empire website management systemEmpireCMS”is currently the most widely used CMS program. Through years of continuous innovation and improvement, the system sets safe, strong, stable, flexib...
Avahi multiple security vulnerabilities
Buffer overflow, DoS...
Citadel/UX buffer overflow
Stack overflow on oversized USER command to citadel TCP/504 port...
PT-2002-2428 · Cisco · Cisco Ios +2
Name of the Vulnerable Software and Affected Versions: Cisco IOS software versions 11.3 through 12.2 Description: The issue allows remote attackers to modify Data Over Cable Service Interface Specification DOCSIS settings via a DOCSIS file without a Message Integrity Check MIC signature, which is...
APC WEBSNMP Management Card (9606) Firmware 3.0 - Telnet Administration Denial of Service
APC WEBSNMP Management Card 9606 Firmware 3.0 - Telnet Administration Denial of Service source: https://www.securityfocus.com/bid/2430/info Symmetra is an Uninterruptable Power Supply manufactured by American Power Conversation Corporation APC. Symmetra supports network options that allow a remot...