Cisco Prime Infrastructure and Evolved Programmable Network Manager API Unauthorized Access Vulnerability

Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM are both products of the U.S. Cisco Cisco.PI is a set of solutions for wireless management through Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies; EPNM is a network...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Authenticated Remote Code Execution Vulnerability

A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files and execute commands as the prime web user. The prime web user does not have the full privileges of root...

Siemens S7300/400 PLC has a Privilege Bypass Downtime Vulnerability

The Siemens S7300/400 PLC is a modular general-purpose controller from Siemens for the manufacturing industry. A privilege bypass downtime vulnerability exists in the Siemens S7300/400 PLC. An attacker can exploit the vulnerability by sending a specific message to change the PLC from the RUN stat...

CVE-2016-1406

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID...

CVE-2016-1406

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID...

Design/Logic Flaw

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID...

CVE-2016-1406

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID...

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Privilege Gain Vulnerability

Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM are both products of the U.S. Cisco Cisco.PI is a set of solutions for wireless management through Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies; EPNM is a network...

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager JSON Privilege Escalation Vulnerability

A vulnerability in the application programming interface API web interface of the Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, remote attacker to perform privilege escalation on the affected device. The attacker can escalate privileges to...

Panasonic FPWIN Pro Buffer Overflow Vulnerability (CNVD-2016-03215)

Panasonic FPWIN Pro is a set of programming software for all FP series PLCs Programmable Logic Controllers from Panasonic. A buffer overflow vulnerability exists in Panasonic FPWIN Pro, which can be exploited by remote attackers to crash the program...

Panasonic FPWIN Pro Buffer Overflow Vulnerability

Panasonic FPWIN Pro is a set of programming software for all FP series PLCs Programmable Logic Controllers from Panasonic. A buffer overflow vulnerability exists in Panasonic FPWIN Pro, which can be exploited by an attacker to overwrite heap memory and crash the program...

Mitsubishi FX3G PLC Denial of Service Vulnerability

FX3G series PLC is specialized in providing customers with more personalized system solutions, which can fully meet the system requirements of customers in different industries. A denial-of-service vulnerability exists in the Mitsubishi FX3G PLC, which allows an attacker to exploit the...

Cisco Prime Infrastructure elevation of privilege vulnerability (CNVD-2016-02072)

Cisco Prime Infrastructure is the United States Cisco Cisco company's set of wireless management through the Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technology solutions. An elevation of privilege vulnerability exists in Cisco Prime Infrastructure 1.2.0...

CVE-2016-1290

The web API in Cisco Prime Infrastructure 1.2.0 through 2.22 and Cisco Evolved Programmable Network Manager EPNM 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gain privileges via an HTTP request that is inconsistent with a pattern filter, aka Bug ID CSCuy10227...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient sanitization of HTTP user-supplied input...

Ubuntu: Security Advisory (USN-2887-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2887-1 linux vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2890-3)

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-2886-1)

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2887-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2887-1 advisory. It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollc...