Avaya IP Office Manager TFTP Server 8.1 - Directory Traversal Vulnerability

No description provided by source. Title : Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability Author : Veerendra G.G from SecPod Technologies www.secpod.com Vendor : http://www.avaya.com/usa/product/ip-office Advisory : http://www.avaya.com/usa/product/ip-office...

IBM AIX 5.3 GetShell and GetCommand Partial File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16103/info IBM AIX is prone to a local vulnerability in getShell and getCommand. This vulnerability may let the attacker gain unauthorized read access to shell scripts on the computer. -bash-3.00$ ls -l /tmp/k.sh -rwx----...

.NET Framework EncoderParameter Integer Overflow Vulnerability

No description provided by source. ------------------------------------------------------------------------ .NET Framework EncoderParameter integer overflow vulnerability ------------------------------------------------------------------------ Yorick Koster, September 2011...

Cisco Wide Area Application Services Partial Denial of Service Vulnerability

A vulnerability in Cisco Wide Area Application Services WAAS software, when configured with the SharePoint acceleration feature, could allow an unauthenticated, remote attacker to cause a reload of the application optimization handler. The vulnerability is due to incorrect parsing of SharePoint...

Solaris 9 (x86) : 149074-01

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Print Filter Utility. Supported versions that are affected are 9, 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in...

Juniper Networks Junos OS Stack Exhaustion Denial of Service Vulnerability

Denial of Service vulnerability due to stack exhaustion in glibc used by Junos SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

DEBIAN-CVE-2013-6410

nbd-server in Network Block Device nbd before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file...

UBUNTU-CVE-2013-6410

nbd-server in Network Block Device nbd before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file...

Juniper Networks Junos OS GNU libc GLOB_LIMIT DoS Vulnerability

Remote authenticated users can cause a partial denial of service via crafted glob expressions. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Oracle JavaServer Faces contains multiple vulnerabilities

Overview Oracle JavaServer Faces contains multiple vulnerabilities which could allow an attacker to obtain sensitive information. Description Oracle JavaServer Faces contains multiple vulnerabilities which could allow an attacker to obtain sensitive information.Alex Kouzemtchenko and Jon Passki o...

CVE-2013-3836

Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to ESI/Partial Page Caching...

CVE-2013-3836

Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to ESI/Partial Page Caching...

CVE-2013-3836

CVE-2013-3836 affects Oracle Web Cache (Oracle Fusion Middleware 11.1.1.6/11.1.1.7). The vulnerability’s root cause is related to ESI/Partial Page Caching, allowing remote authenticated users to impact confidentiality. The connected documents confirm the affected product and vector but do not pro...

Synology DSM multiple vulnerabilities

Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Synology DiskStation Manager DSM it's a Linux based operating system, use...

BlackBerry < 6.0.0 Browser Partial DoS

Binary data blackberry600check.nbin...

Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities

Synology DiskStation Manager DSM 4.3-3776 - Multiple Vulnerabilities Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched...

Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities

Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Synology DiskStation Manager DSM it's a Linux based operating system, use...

Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities

Exploit for linux platform in category web applications Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: email protected Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Synology DiskStation Manag...

DEBIAN-CVE-2013-2076

Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which can be leveraged t...

CVE-2013-3171

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...