7 matches found
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via improper access control in the getValue for objects. An attacker can gain unauthorized access to, create, edit, or relate data and object entries or definitions across different virtu...
Cisco ASR ASR9K Security Bypass Vulnerability
The Cisco ASR 9000 Series is Cisco's integrated services router solution that uses the IOS XR Software modular operating system to provide carrier-class reliability. A security vulnerability exists in the Object-ACL matching process of the Cisco Aggregation Services Router 9000 ASR9K, which can b...
IBM WebSphere Service Registry and Repository 7.5 < 7.5.0.4 Multiple Vulnerabilities
The version of IBM WebSphere Service Registry and Repository WSRR is version 7.5 prior to 7.5.0.4. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting XSS vulnerability in the WSRR web UI. CVE-2014-6132 - WSSR web interface issues a cookie that ...
IBM WebSphere Service Registry and Repository 6.3 < 6.3.0.5 Multiple Vulnerabilities
The version of IBM WebSphere Service Registry and Repository WSRR is version 6.3 prior to 6.3.0.5. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting XSS vulnerability in the WSRR web UI. CVE-2014-6132 - WSSR web interface issues a cookie that ...
IBM WebSphere Service Registry and Repository 8.0 < 8.0.0.3 Multiple Vulnerabilities
The version of IBM WebSphere Service Registry and Repository WSRR is version 8.0 prior to 8.0.0.3. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting XSS vulnerability in the WSRR web UI. CVE-2014-6132 - WSSR web interface issues a cookie that ...
CVE-2014-4685
Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control...
Debian Security Advisory DSA 043-1 (zope)
The remote host is missing an update to zope announced via advisory DSA 043-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...