PT-2016-5018 · Red Hat · Red Hat Satellite
Name of the Vulnerable Software and Affected Versions: Red Hat Satellite 5 (affected versions not specified) Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the list...
ManageEngine Password Manager Pro 8102 to 8302 - Multiple Vulnerabilities
ManageEngine Password Manager Pro 8102 to 8302 - Multiple Vulnerabilities Systems Affected Product : ManageEngine Password Manager Pro Company : ZOHO Corp. Build Number : 8.1 to 8.3 and probably earlier versions Affected Versions : 8102 to 8302 and probably earlier versions Product Description...
madclient.uimserv.net Open Redirect vulnerability
Vulnerable URL: http://madclient.uimserv.net/cl/lid=6252346019218587835/sid=2573743/kid=276287/bid=620503/c=26666/keyword=/sr=175/bidp=594372/cp=38522/kidp=266866/lidp=6252346019218260155/sidp=2573718/clickurl=https://www.xssposed.org Details: Description| Value ---|--- Patched:| No Latest check...
loft-design.org XSS vulnerability
Vulnerable URL: http://loft-design.org/flashdetection.swf?flashContentURL=javascript:alert/XSSPOSED/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google...
odkrywamyinterior.pl Open Redirect vulnerability
Vulnerable URL: http://www.odkrywamyinterior.pl/wp-content/themes/prostore/go.php?https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 8968129 Google...
digilib.bsu.edu.ph Open Redirect vulnerability
Vulnerable URL: http://digilib.bsu.edu.ph/greenstone/cgi-bin/library.cgi?e=d-01000-00---off-0undergra-masterth%2Cundergra%2Cdisserta-01-1----0-10-0---0---0direct-10----4-------0-1l--11-en-50---20-about---00-3-1-00-00--4--0--0-0-11-10-0utfZz-8-00=extlink=0=https://www.xssposed.org/ Details:...
refer.ccbill.com Open Redirect vulnerability
Vulnerable URL: http://refer.ccbill.com/cgi-bin/clicks.cgi?CA=https://www.xssposed.org/=https://www.xssposed.org/=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly...
Microsoft Windows Kernel CVE-2015-2550 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...
BOA Web Server 0.94.8.2 - Arbitrary File Access Vulnerability
Exploit for linux platform in category web applications Title: Vulnerability in BOA web server v0.94.8.2 Date: 03/10/2000 Status: Vendor contacted, patch available Scope: Arbitrary file access Author: llmora Release: Public S 2 1 S E C http://www.s21sec.com Vulnerability in BOA web server v0.94.8...
HP ArcSight contains multiple vulnerabilities
Overview HP ArcSight Logger and ESM contains multiple vulnerabilities. Description CWE-434: Unrestricted Upload of File with Dangerous Type - CVE Pending HP ArcSight Logger 5.3.1.6838.0 configuration import file upload capability does not sanitize file names, which allows a remote, authenticated...
MS15-006: Vulnerability in Windows Error Reporting Could Allow Security Feature Bypass (3004365)
The remote Windows host is affected by a vulnerability in the Windows Error Reporting service component that allows bypassing the 'Protected Process Light' security feature. A remote attacker can exploit this vulnerability to gain access to the memory of a running process. C Tenable Network...
PT-2015-4270 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.18.2 Description: A race condition in the key_gc_unused_keys function allows local users to cause a denial of service, potentially resulting in memory corruption or panic, via keyctl commands that trigger acces...
PT-2014-7163
Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version Description The issue allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size...
OpenAM vulnerable to denial-of-service (DoS)
Overview OpenAM provided by ForgeRock is an open source access management software. OpenAM contains a denial-of-service (DoS) vulnerability due to a flaw in processing Cookies (CWE-400). Yasushi IWAKATA of Open Source Solution Technology Corporation reported this vulnerability to IPA. JPCERT/CC...
Ecava IntegraXor Buffer Overflow Vulnerability
OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-14-015-01 Ecava IntegraXor Buffer Overflow Vulnerability that was published January 15, 2014, on the NCCIC/ICS-CERT Web site. Independent researcher Luigi Auriemma identified a buffer overflow vulnerability in the Ecava IntegraXo...
Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities
Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities Mpay24 PrestaShop Payment Module Multiple Vulnerabilities - · Affected Vendor: Mpay24 - · Affected Software: Mpay24 Payment Module - · Affected Version: 1.5 and earlier - · Issue Type: SQL injection and information disclosure - ·...
Mpay24 Payment Module 1.5 Information Disclosure / SQL Injection
Mpay24 Payment Module versions 1.5 and below suffer from information disclosure and remote SQL injection vulnerabilities. Mpay24 PrestaShop Payment Module Multiple Vulnerabilities - · Affected Vendor: Mpay24 - · Affected Software: Mpay24 Payment Module - · Affected Version: 1.5 and earlier - ·...
PT-2014-1863 · Red Hat +1 · 389-Ds-Base-Debuginfo +5
Name of the Vulnerable Software and Affected Versions: 389-ds-base versions 1.3.1.6 389-ds-base-debuginfo versions 1.3.1.6 389-ds-base-devel versions 1.3.1.6 389-ds-base-libs versions 1.3.1.6 Description: The issue allows remote attackers to obtain sensitive replicated metadata by searching the...
ESA-2014-074: EMC RecoverPoint Appliance Security Control Bypass Vulnerability
ESA-2014-074.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-074: EMC RecoverPoint Appliance Security Control Bypass Vulnerability EMC Identifier: ESA-2014-074 CVE Identifier: CVE-2014-2519 Severity Rating: CVSS v2 Base Score: 5.8 AV:N/AC:M/Au:N/C:P/I:N/A:P Affected products: • EMC...
TikiWiki <= 1.9.8.1 - Local File Inclusion Vulnerabilities
No description provided by source. ====================================================================== TikiWiki = 1.9.8.1 Local File Inclusion ====================================================================== Author: L4teral l4teral 4t gmail com Impact: Local File Inclusion Status: patch...