Lucene search
+L

33 matches found

securityvulns
securityvulns
added 2015/02/23 12:0 a.m.43 views

LG On Screen Phone authentication bypass (CVE-2014-8757)

LG On Screen Phone authentication bypass vulnerability ------------------------------------------------------ SEARCH-LAB Ltd. discovered a serious security vulnerability in the On Screen Phone protocol used by LG Smart Phones. A malicious attacker is able to bypass the authentication phase of the...

8.3CVSS6.4AI score0.0451EPSS
Exploits1
NVD
NVD
added 2015/02/17 3:59 p.m.13 views

CVE-2014-8757

LG On-Screen Phone OSP before 4.3.010 allows remote attackers to bypass authorization via a crafted request...

8.3CVSS6.6AI score0.0451EPSS
Exploits1References6
CVE
CVE
added 2015/02/17 3:0 p.m.48 views

CVE-2014-8757

LG On Screen Phone (OSP) before 4.3.010 is vulnerable to an authentication bypass via crafted requests. The issue is implemented in the OSP component listening on 0.0.0.0:8382, where an attacker on the same local network can bypass the confirmation dialog and gain full control of the phone withou...

8.3CVSS6.8AI score0.0451EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2014/06/02 3:0 p.m.26 views

CVE-2014-0041

OpenStack Heat Templates heat-templates, as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for certain Yum repositories, which disables SSL protection and allows man-in-the-middle attackers to prevent updates via unspecified vectors...

6.5AI score0.01374EPSS
Exploits0References4
securityvulns
securityvulns
added 2008/09/29 12:0 a.m.65 views

Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet Advisory ID: cisco-sa-20080924-ssl http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml Revision 1.0 For Public Release 2008 September 24 1600 UTC GMT -...

7.8CVSS0.4AI score0.03165EPSS
Exploits1
CVE
CVE
added 2007/04/22 7:0 p.m.41 views

CVE-2007-2166

OpenSurveyPilot (osp) 1.2.1 and earlier is affected by CVE-2007-2166: a PHP remote file inclusion in administration/user/lib/group.inc.php allows an attacker to execute arbitrary PHP code via a URL in the cfgPathToProjectAdmin parameter. The issue is tied to osp versions before or equal to 1.2.1....

6.8CVSS7.6AI score0.03222EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2007/04/19 12:0 a.m.53 views

osp <= 1.2.1 (cfgPathToProjectAdmin) Remote File Include Vulnerablities

osp = 1.2.1 cfgPathToProjectAdmin Remote File Include Vulnerablities D.Script: http://nlcac.internationalstudents.asn.au/osp1.01RC1.tar http://sourceforge.net/projects/osp/ latest Discovered by: Alkomandoz Hacker Homepage: http://www.asb-may.net & TrYaG.CoM & MoHaNdKo.CoM Exploit:...

1AI score
Exploits0
CVE
CVE
added 2007/01/05 2:0 a.m.45 views

CVE-2006-6875

CVE-2006-6875 affects OpenSER 1.1.0 and earlier, with a buffer overflow in the validateospheader function of the Open Settlement Protocol (OSP) module that enables remote code execution via a crafted OSP header. No exploitation details are provided in the connected documents. No remediation is st...

7.5CVSS8.2AI score0.02872EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2007/01/01 11:0 p.m.17 views

CVE-2006-6836

Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 have unspecified impact and attack vectors, related to ASN.1 parsing...

6.9AI score0.01495EPSS
Exploits0References4
CVE
CVE
added 2007/01/01 11:0 p.m.48 views

CVE-2006-6836

CVE-2006-6836 concerns multiple unspecified vulnerabilities in osp-cert for IBM OS/400 V5R3M0, tied to ASN.1 parsing. Connected sources reference ASN.1 parsing as the underlying issue and describe unspecified impact and attack vectors, with no detailed affected components, versions, or a remediat...

10CVSS7.2AI score0.01495EPSS
Exploits0References4Affected Software1
seebug.org
seebug.org
added 2006/12/31 12:0 a.m.55 views

OpenSER OSP模块Validateospheader函数缓冲区溢出漏洞

OpenSER是一款开放源码的SIP服务器。 OpenSER的开放结算协议(OSP)模块中Validateospheader函数在处理特制报文时存在缓冲区溢出,远程攻击者可能利用此漏洞在服务器上执行任意指令。 漏洞相关的代码如下: int validateospheader struct sipmsg msg, char ignore1, char ignore2 如果攻击者向服务器发送了恶意报文的话就可能触发这个漏洞,导致远程执行任意指令。 OpenSER OpenSER = 1.1.0 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/12/30 12:0 a.m.51 views

Multiple OpenSER vulnerabilities

Memory corruption on SMS parsing, buffer overflow on OSP parsing, on QuickCAM objects parsing...

4.5AI score
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2006/12/29 12:0 a.m.34 views

OpenSER OSP Module remote code execution

Synopsis: OpenSER OSP Module remote code execution Product: OpenSER Version: =1.1.0 Issue: ====== A critical security vulnerability has been found in OpenSER Open Settlement Protocol OSP module. OSP is an ETSI defined standard for Inter-Domain VoIP pricing,authorization and usage exchange. Detail...

2.4AI score
Exploits0
Rows per page
Query Builder