70 matches found
CVE-2015-2011
The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS before 2.1.4 patch 6, 2.2.x before 2.2.3 patch 9, and 2.3.x before 2.3.1 patch 4 allow remote attackers to inject arbitrary web script or HTML via the (1) PATHINFO, the (2) src parameter in a none action to index.php, or the (3) "First...
Exponent CMS < 2.3.1 Patch 4 Multiple XSS Vulnerabilities
Exponent CMS is prone to multiple cross-site scripting (XSS) vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...
Release Information for Veeam Backup & Replication 7 Patch 4
More Recent Version Available: Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version. Challenge: Veeam Backup & Replication Patch 4 Release Notes. Cause: Please confirm you are running version 7.0.0.690, 7.0.0.715, 7.0.0.764, 7.0.0.771, 7.0.0.833, 7.0.0.83...
Directory traversal
Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests...
CVE-2014-0780 InduSoft Web Studio Path Traversal
Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests...
CVE-2014-0780
CVE-2014-0780 affects InduSoft Web Studio NTWebServer in version 7.1 prior to SP2 Patch 4. The NTWebServer directory traversal flaw lets remote attackers read APP password files and can lead to remote code execution. Exploitation is described as remote and not requiring authentication, enabling u...
CVE-2011-4188
Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929...
CVE-2012-0399
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-0403
EMC RSA enVision 4.x is affected by CVE-2012-0403: a directory traversal vulnerability that enables remote authenticated users to cause an unspecified impact via unknown vectors. Affected product: RSA enVision before 4.1 Patch 4. Root cause and impact are described as directory traversal with a b...
ESA-2012-014: RSA enVision Multiple Vulnerabilities
ESA-2012-014: RSA enVision Multiple Vulnerabilities. EMC Identifier: ESA-2012-014. CVE Identifiers: CVE-2012-0399, CVE-2012-0400, CVE-2012-0401, CVE-2012-0402, CVE-2012-0403. Severity Rating: CVSS Base Score: See below for scores for individual...
CVE-2011-4789
CVE-2011-4789 describes a stack-based buffer overflow in HP LoadRunner 11.00 before patch 4, via a crafted packet size to magentservice.exe, enabling remote code execution. HP notes the vulnerable product is actually LoadRunner (not Diagnostics Server). Public listings and advisories (ZDI-12-016)...
CVE-2011-4789
Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but HP states that "the...
Novell eDirectory Multiple Vulnerabilities (Jun 2010)
Novell eDirectory is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:netiq:edirectory";...
NetIQ eDirectory Detection (LDAP)
LDAP-based detection of NetIQ eDirectory. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.100339");...
Trend Micro OfficeScan - ObjRemoveCtrl ActiveX Control Buffer Overflow
Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Exploit function Check // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u4949%u4949" +...
Code injection
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code...
CVE-2007-6456
Unspecified vulnerability in OpenOffice.org code in Planamesa NeoOffice 2.2.2 before Patch 4 has unknown impact and attack vectors related to MacOS 10.3.9 .odb files. NOTE: it is not clear whether this issue is a vulnerability...
Trend Micro ServerProtect TMregChange buffer overflow
Added: 09/27/2007. CVE: CVE-2007-4731. OSVDB: 45878. Background: Trend Micro ServerProtect is a virus scanner for servers. Problem: A buffer overflow vulnerability in the TMregChange function in the TMreg.dll library allows remote attackers to execute arbitrary commands by sending specially crafted da...