1199 matches found

CNVD
added 2016/08/25 12:0 a.m. | 2 views

Huawei UMA Security Bypass Vulnerability

Huawei UMA (Unified Maintenance and Audit) is a unified IT core resource operation and maintenance management and security audit platform designed for carriers, government, finance, electric power and large enterprises. Huawei UMA suffers from a security bypass vulnerability, as the program fails t...

7.5 CVSS | 6.9 AI score | 0.00101 EPSS
Exploits 0 | References 1
NVD
added 2016/08/06 10:59 a.m. | 17 views

CVE-2016-3855

drivers/thermal/supplylmcore.c in the Qualcomm components in Android before 2016-08-05 does not validate a certain count parameter, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm...

7.8 CVSS | 7.9 AI score | 0.00083 EPSS
Exploits 0 | References 3
BDU FSTEC
added 2016/07/07 12:0 a.m. | 3 views

Vulnerability in the firmware of the Juniper SRX 240 router that allows an attacker to execute arbitrary commands

The Juniper SRX 240 router software contains a vulnerability in the Sajax AJAX library, allowing an attacker to execute any commands due to the lack of validation of request parameters by the sajaxhandleclient function...

9 CVSS | 5.7 AI score | 0.08647 EPSS
Exploits 1 | References 5 | Affected Software 1
OSV
added 2016/06/13 7:16 a.m. | 6 views

SUSE-SU-2016:1559-1 Security update for spice

spice was updated to fix four security issues. These security issues were fixed: - CVE-2016-2150: Guest escape using crafted primary surface parameters bsc982386. - CVE-2016-0749: Heap-based buffer overflow in smartcard interaction bsc982385. - CVE-2015-5260: Insufficient validation of surfaceid...

10 CVSS | 7.7 AI score | 0.29426 EPSS
Exploits 0 | References 9
OSV
added 2016/06/13 1:59 a.m. | 2 views

CVE-2016-2480

The mm-video-v4l2 vidc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate certain OMX parameter data structures, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...

7.8 CVSS | 7.3 AI score | 0.00043 EPSS
Exploits 0 | References 2
Check Point Advisories
added 2016/05/30 12:0 a.m. | 0 views

ESF pfSense status_rrd_graph_img.php Command Injection

A Command Injection vulnerability has been reported in ESF pfSense. This vulnerability is due to status_rrd_graph_img.php incorrectly validating the graph HTTP parameter. A remote, authenticated attacker can exploit this vulnerability by sending crafted requests to the status_rrd_graph_img.php URI...

2.4 AI score
Exploits 0
OpenVAS
added 2016/04/01 12:0 a.m. | 32 views

Apache Jetspeed Multiple Vulnerabilities (Mar 2016)

Apache Jetspeed is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:jetspeed"; if...

9 CVSS | 6.8 AI score | 0.78028 EPSS
Exploits 9 | References 2
Exploit DB
added 2016/03/23 12:0 a.m. | 19 views

Comodo - PackMan Unpacker Insufficient Parameter Validation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=764 Packman is an obscure open-source executable packer that Comodo Antivirus attempts to unpack during scanning. The code is available online here: http://packmanpacker.sourceforge.net/ If the compression method is set to algorithm...

7.4 AI score
Exploits 0
Hacker One
added 2016/02/11 10:34 a.m. | 32 views

New Relic: [login.newrelic.com] XSS via return_to

The return_to parameter is not validated properly, which allows an attacker to execute JavaScript via the data: protocol: https://login.newrelic.com/login?returnto=data:text/html%3Bbase64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg%3D%3D Despite being executed not in the newrelic domain, the script still c...

1 AI score
Exploits 0
Mozilla
added 2016/02/11 12:0 a.m. | 628 views

Vulnerabilities in Graphite 2 — Mozilla

Security researcher Holger Fuhrmannek reported that a malicious Graphite "smart font" could circumvent the validation of internal instruction parameters in the Graphite 2 library using special CNTXT_ITEM instructions. This could result in arbitrary code execution...

6.5 CVSS | 4.8 AI score | 0.01341 EPSS
Exploits 0 | References 3 | Affected Software 2
Prion
added 2016/02/01 9:59 p.m. | 16 views

Design/Logic Flaw

examples/consumer/common.php in JanRain PHP OpenID library (aka php-openid) improperly checks the openid.realm parameter against the SERVER_NAME element in the SERVER superglobal array, which might allow remote attackers to hijack the authentication of arbitrary users via vectors involving a crafted...

6.8 CVSS | 7.5 AI score | 0.00401 EPSS
Exploits 0 | References 2
CNVD
added 2015/12/18 12:0 a.m. | 2 views

Cisco Emergency Responder Web Framework Arbitrary File Upload Vulnerability

Cisco Emergency Responder's real-time location-address tracking database and enhanced routing capabilities can transfer emergency calls directly to the appropriate Public Safety Answering Point (PSAP) based on the caller's location. Cisco Emergency Responder 10.5(3.10000.9) fails to validate...

4 CVSS | 7.2 AI score | 0.00193 EPSS
Exploits 0 | References 1
Cisco
added 2015/12/10 7:30 a.m. | 31 views

Cisco Emergency Responder Web Framework Arbitrary File Upload Vulnerability

A vulnerability in the web framework of Cisco Emergency Responder (CER) could allow an unauthenticated, remote attacker to upload arbitrary files to a restricted location on the filesystem. The vulnerability is due to insufficient parameter validation. An attacker could exploit this vulnerability b...

4 CVSS | 6.7 AI score | 0.00193 EPSS
Exploits 0 | References 1
OSV
added 2015/10/07 7:34 a.m. | 7 views

SUSE-SU-2015:1733-1 Security update for spice

Spice was updated to fix three security issues. The following vulnerabilities were fixed: CVE-2015-3247: heap corruption in the spice server bsc944460 CVE-2015-5261: Guest could have accessed host memory using crafted images bsc948976 CVE-2015-5260: Insufficient validation of surfaceid parameter...

7.8 CVSS | 7.8 AI score | 0.00771 EPSS
Exploits 0 | References 6
CNVD
added 2015/08/20 12:0 a.m. | 4 views

Cisco Finesse Cross-Site Scripting Vulnerability

Cisco Finesse is a set of call center management software from the U.S. company Cisco. The software enhances call center service quality, improves customer experience, and increases agent satisfaction. A cross-site scripting vulnerability exists in Cisco Finesse version 10.51, which...

4.3 CVSS | 6.2 AI score | 0.00469 EPSS
Exploits 0 | References 1
RedHat Linux
added 2015/07/22 7:56 p.m. | 3 views

JCE: missing EC parameter validation in ECDH_Derive() (OpenJDK JCE, 8075833)

Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE...

5 CVSS | 6.8 AI score | 0.02337 EPSS
Exploits 0 | References 5
ArchLinux
added 2015/07/22 12:0 a.m. | 51 views

jre7-openjdk: multiple issues

CVE-2015-2590 deserialization issue in ObjectInputStream.readSerialData: ObjectInputStream's readSerialData could, in certain cases, incorrectly perform deserialization of data from serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions...

10 CVSS | 0.6 AI score | 0.92346 EPSS
Exploits 0 | References 17
RedHat Linux
added 2015/07/17 8:6 a.m. | 3 views

JCE: missing EC parameter validation in ECDH_Derive() (OpenJDK JCE, 8075833)

Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE...

5 CVSS | 6.8 AI score | 0.02337 EPSS
Exploits 0 | References 5
RedHat Linux
added 2015/07/17 8:4 a.m. | 2 views

JCE: missing EC parameter validation in ECDH_Derive() (OpenJDK JCE, 8075833)

Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE...

5 CVSS | 6.8 AI score | 0.02337 EPSS
Exploits 0 | References 5
Hacker One
added 2015/05/30 8:47 p.m. | 269 views

VK.com: API: Bug in method auth.validatePhone

The bug is that auth.validatePhone does not validate the parameter "sid". In theory it should be in the format "2fa$userId$appId$hash", but to get the correct result (send SMS/make call) only "2fa$userId$anyText" is enough. For example, these requests will send an SMS:...

6.7 AI score
Exploits 0