Authentication flaw
An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network based, unauthenticated attacker to perform privileged actions to gain complete control over the environment...
Information disclosure
An information disclosure vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, network-based attacker to replicate the underlying Junos OS VM and all data it maintains to their local system for future...
CVE-2016-5590
Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Agent). Supported versions that are affected are 3.1.3.7856 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via TLS to compromise MySQL Enterprise...
Iris ID IrisAccess iCAM4000/iCAM7000 - Hard-Coded Credentials Remote Shell Access
Iris ID IrisAccess iCAM4000/iCAM7000 Hardcoded Credentials Remote Shell Access Vendor: Iris ID, Inc. Product web page: http://www.irisid.com http://www.irisid.com/productssolutions/irisaccesssystem/irisaccess4000/...
F5 BIG-IP - TCP vulnerability CVE-2015-8099
Under limited conditions, an invalid TCP segment can lead to a Denial of Service for the High-Speed Bridge (HSB) on the following platforms: 3900, 6900, 8900, 8950, 11000, 11050, PB100 or PB200. This issue is only exposed on virtual servers while Software SYN cookies are configured for use and...
F5 Networks BIG-IP : TCP vulnerability (K35358312)
Under limited conditions, an invalid TCP segment can lead to a Denial of Service for the High-Speed Bridge (HSB) on the following platforms: 3900, 6900, 8900, 8950, 11000, 11050, PB100 or PB200. This issue is only exposed on virtual servers while Software SYN cookies are configured for use and...
Cisco's 'High Severity' Flaw Lets Malware Bypass FirePower Firewall
Technology vendor Cisco is pushing out security updates to customers to address a critical vulnerability found in its recently introduced line of FirePower firewall products. The vulnerability, according to Cisco, allows attackers to slip malware onto critical systems without detection. The flaw...
Juniper Networks Junos OS SRX RTSP DoS Vulnerability
Junos OS on SRX Series is prone to a Denial of Service vulnerability in flowd. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Juniper Networks Junos OS Embedthis Appweb Server DoS Vulnerability
Junos OS is prone to a Denial of Service vulnerability with J-Web enabled. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Juniper Networks Junos OS Bind Denial of Service Vulnerability
Denial of Service vulnerability in Junos ISC Bind version. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if...
iOS Vulnerability Could Force Devices Into Endless Reboot Loop
Researchers stumbled upon a vulnerability recently that can force any iPhone or iPad into a perpetual reboot loop. The issue stems from what researchers are calling an SSL certificate parsing vulnerability in iOS 8.0, something Apple is apparently aware of and in the process of fixing. Yair Amit,...
CVE-2015-0586
The Network-Based Application Recognition (NBAR) protocol implementation in Cisco IOS 15.3100M and earlier on Cisco 2900 Integrated Services Router (aka Cisco Internet Router) devices allows remote attackers to cause a denial of service (NBAR process hang) via IPv4 packets, aka Bug ID CSCuo73682...
Cisco 2900 Series Integrated Services Router Network-Based Application Recognition Denial of Service Vulnerability
A vulnerability in the Network-Based Application Recognition (NBAR) protocol process of the Cisco 2900 Series Integrated Services Router could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs when the NBAR process locks. An attacker coul...
Re: [oss-security] CVE-2014-6271: remote code execution through bash
Florian Weimer: Chet Ramey, the GNU bash upstream maintainer, will soon release official upstream patches. http://ftp.gnu.org/pub/gnu/bash/bash-3.0-patches/bash30-017 http://ftp.gnu.org/pub/gnu/bash/bash-3.1-patches/bash31-018 http://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052...
Cisco 871 Integrated Services Router - Cross-Site Request Forgery Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/31218/info The Cisco 871 Integrated Services Router is prone to a cross-site request-forgery vulnerability. Successful exploits can run arbitrary commands on affected devices. This may lead to further network-based attack...
LANDesk Management Gateway 4.x Multiple Security Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/38119/info LANDesk Management Gateway is prone to a cross-site request-forgery vulnerability and a cross-site scripting vulnerability. An attacker can exploit the cross-site request forgery issue to alter the settings on...
Cisco 871 Integrated Services Router - Cross-Site Request Forgery Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/31218/info The Cisco 871 Integrated Services Router is prone to a cross-site request-forgery vulnerability. Successful exploits can run arbitrary commands on affected devices. This may lead to further network-based attack...
Gkrellmd 2.1 - Remote Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/8022/info GKrellMd has been reported prone to a remote buffer overflow vulnerability, arbitrary code execution is possible. The issue presents itself due to a lack of sufficient bounds checking performed on network-based...
Check Point Software Firewall-1 4.0/1.4.1 Resource Exhaustion Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1416/info The Check Point Firewall-1 SMTP Security Server in Firewall-1 4.0 and 4.1 on Windows NT is vulnerable to a simple network-based attack which can increase the firewall's CPU utilization to 100%. Sending a stream ...
Google Play Store Update Allows Apps to Silently Gain Control of Your Device
Google just made a huge change to the way application permissions work on Android devices which has left a potential door open to malicious app developers and hackers. Google narrows down Android's 145 permissions into 13 broad categories and groups app permissions into 'groups of related...