Oracle Application Express Data Reporter component privilege acquisition vulnerability

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A privilege acquisition vulnerability exists in Oracle Application Express Data Reporte...

IBM API Connect Privilege Acquisition Vulnerability

IBM API Connect aka APIConnect is an integrated solution for managing the API lifecycle from IBM USA. The solution supports creating, running, managing and securing APIs, microservices and more. A security vulnerability exists in the MongoDB connector for the LoopBack framework in IBM API Connect...

IBM Event Streams Privilege Acquisition Vulnerability

IBM Event Streams is a set of event streaming platform based on Apache Kafka project from IBM, USA. The platform is mainly used for Apache Kafka deployment, authentication and encrypted communication and other functions. A security vulnerability exists in IBM Event Streams. A remote attacker can...

Apache Impala Privilege Acquisition Vulnerability

Apache Impala is the United States Apache Apache Software Foundation of a large-scale, distributed parallel processing database query system. The system is able to query the Hadoop big data analytics software stored in HDFS distributed file system and HBase database in the petabyte of big data. A...

Red Hat ovirt-engine API and administration web portal access privilege acquisition vulnerability

Red Hat oVirt Engine is an open source virtualization management platform from Red Hat, an open source version of RHEV Enterprise Virtualization Platform. oVirt-engine API is one of the management interfaces; administration web portal is one of the web-based management portals. The administration...

IBM DB2 GSKit Privilege Acquisition Vulnerability

IBM DB2 is a set of relational database management system of American IBM Company. The system is implemented in UNIX, Linux, IBM i, z/OS, and Windows server versions.GSKit is one of a set of security management tools for IBM products. A security vulnerability exists in GSKit in IBM DB2. An attack...

D-Link DCS-933L and DCS-934L Privilege Acquisition Vulnerability

The D-Link DCS-933L and DCS-934L are both network camera products from Terasic D-Link. mydlink+ is an application for remote access to camera devices such as the DCS-933L and DCS-934L. A security vulnerability exists in mydlink+ version 3.8.5 build 259 in the D-Link DCS-933L version 1.05.04 and...

kamailio Privilege Acquisition Vulnerability

kamailio is an open source GPL-based SIP Session Initiation Protocol, Session Initiation Protocol server developed by the FhG FOKUS Institute in Germany . A security vulnerability exists in kamailio versions prior to 4.3.0. An attacker can exploit this vulnerability to gain privileges...

Multiple PDQ Products Privilege Acquisition Vulnerabilities

PDQ Manufacturing LaserWash G5 and others are automotive automatic cleaning equipment from PDQ Manufacturing, USA. web-server is one of the web servers. A security vulnerability exists in the web-server in several PDQ products due to the program failing to verify that the authentication informati...

TRENDnet WiFi Baby Cam TV-IP743SIC Privilege Acquisition Vulnerability

The TRENDnet WiFi BabyCam TV-IP743SIC is a networked video surveillance device for babies from TRENDnet. A privilege acquisition vulnerability exists in the TRENDnet WiFi BabyCam TV-IP743SIC. An attacker can exploit this vulnerability to gain root access to the operating system...

iBaby M3S Privilege Acquisition Vulnerability

The iBaby M3S is a video monitoring device for babies. A privilege acquisition vulnerability exists in iBaby M3S. An attacker can exploit this vulnerability to gain access to the underlying operating system...

Multiple Moxa Products Privilege Acquisition Vulnerabilities

Moxa OnCell G3100V2 and others are IP gateway products from Moxa. A privilege-acquisition vulnerability exists in multiple Moxa products, where the program fails to properly limit the number of authentication requests. A remote attacker could exploit this vulnerability by performing a brute force...

Android on Nexus Qualcomm Component Privilege Acquisition Vulnerability (CNVD-2016-06231)

Android on Nexus 5 and 7 is an open source Linux-based operating system for the Nexus 5 and 7 smartphones developed by Google and the Open Handset Alliance OHA in the U.S. Qualcomm is one of the U.S.-based companies used in the Qualcomm devices. Qualcomm is a Qualcomm device-specific component us...

Android on Nexus Qualcomm Component Privilege Acquisition Vulnerability (CNVD-2016-06249)

Android on Nexus 5 and 7 is an open source Linux-based operating system for the Nexus 5 and 7 smartphones developed by Google and the Open Handset Alliance OHA in the U.S. Qualcomm is one of the U.S.-based companies used in the Qualcomm devices. Qualcomm is a Qualcomm device-specific component us...

Palo Alto Networks PAN-OS Privilege Acquisition Vulnerability

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A privilege acquisition vulnerability exists in Palo Alto Networks PAN-OS. A local attacker can exploit this vulnerability to gain privileges by filtering rootreboot calls incorrect...

IBM WebSphere Application Server Privilege Acquisition Vulnerability

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. Liberty Profile is a dynamic server profile for WAS. A privilege acquisition vulnerability exists in IBM WAS Liberty Profile version 8.5.5, which can be exploited to gain user...

IBM InfoSphere Streams Privilege Acquisition Vulnerability

IBM InfoSphere Streams is a data analytics platform. A security vulnerability in IBM InfoSphere Streams exists when the program sets the instance runAsUser attribute, which allows a local attacker to exploit the vulnerability to check permissions using the group ID of the root user...

OpenELEC and RasPlex Privilege Acquisition Vulnerability

OpenELEC is a Linux embedded operating system that comes with a home theater.RASPLEX is an open, standalone home entertainment system. A security vulnerability exists in OpenELEC and RasPlex that can be exploited by remote attackers to gain access with the help of an SSH session...

Multiple F5 BIG-IP Products Privilege Acquisition Vulnerabilities

F5 BIG-IP is an equipment product manufactured by F5 Network for application delivery services, mainly used for load balancing, service acceleration optimization and other purposes. A security vulnerability exists in the dcoep of multiple F5 BIG-IP products, which can be exploited by a local...

CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability

Document Title ================ Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability Affected Products =================== Vendor: Tripwire Software/Appliance: IP360 VnE Vulnerability Manager Affected verified versions: v7.2.2 - v7.2.5 CVE =====...