2829 matches found
Amazon Linux 2 : libssh2 (ALAS-2023-2046)
The version of libssh2 installed on the remote host is prior to 1.4.3-12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2046 advisory. An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the libssh2packetrequire and libssh2packetrequirev...
CVE-2021-33974
Qihoo 360 https://www.360.cn/ Qihoo 360 Safeguard https://www.360.cn/ Qihoo 360 Chrome https://browser.360.cn/ee/ is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: This is a set of vulnerabilities affecting popular software, and the installation...
Buffer overflow
Qihoo 360 https://www.360.cn/ Qihoo 360 Safeguard https://www.360.cn/ Qihoo 360 Chrome https://browser.360.cn/ee/ is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: This is a set of vulnerabilities affecting popular software, and the installation...
Debian: Security Advisory (DSA-2089-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1424-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-2115-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-2104-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1751-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Remote Vulnerabilities in Automobiles
This group has found a ton of remote vulnerabilities in all sorts of automobiles. Its enough to make you want to buy a car that is not Internet-connected. Unfortunately, that seems to be impossible...
HPESBNW04396 rev.2 - Aruba EdgeConnect Enterprise Orchestrator, Multiple Vulnerabilities
Potential Security Impact: Remote: Arbitrary Code Execution, Authentication Bypass, Cross-Site Scripting XSS, Escalation of Privilege, SQL Injection, Session Reuse SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba EdgeConnect Enterprise Orchestration Software see details in...
JM-DATA ONU JF511-TV 1.0.67 / 1.0.62 / 1.0.55 XSS / CSRF / Open Redirect
JM-DATA ONU JF511-TV Multiple Remote Vulnerabilities Vendor: JM-DATA GmbH Product web page: https://www.jm-data.at Affected version: 1.0.67 1.0.62 1.0.55 Summary: This ONU is the perfect GEPON home and business gateway. It is an all-rounder in perfection. It can BRIDGE/NAT/RIP ROUTEND and COMBINE...
Command injection
In Belkin N300 Firmware 1.00.08, the script located at /settinghidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. The following parameters in the form name form; list vulnerable parameters, are not properly sanitize...
EulerOS 2.0 SP8 : krb5 (EulerOS-SA-2021-2466)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ecverify in kdc/kdcpreauthec.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.18.4 and 1.19.x before 1.19.2 allows remote...
HPESBST04141 rev.3 - HPE Fibre Channel and SAN Switches with Brocade Fabric OS (FOS) Prior to v8.2.3a, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Authentication Bypass, Denial of Service DoS, Disclosure of Sensitive Information, User Validation Failure SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Brocade 16Gb Fibre Channel SAN Switch for HPE Synergy - Prior to 8.2.3a Brocade 16Gb SAN...
HPESBHF04144 rev.1 - HPE StoreOnce Systems using HPE Integrated Lights-Out 4 (iLO 4), Multiple Remote and Local Vulnerabilities
Potential Security Impact: Local: Buffer Overflow; Remote: Cross-Site Scripting XSS, Carriage Return Line Feed CRLF Injection SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE StoreOnce 2700 8TB Backup - Prior to 3.18.20 HPE StoreOnce 2900 24TB Backup - Prior to 3.18.20 HPE...
Debian DLA-2552-1 : connman security update
A remote information leak vulnerability and a remote buffer overflow vulnerability were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code. For Debian 9 stretch, these problems have been fixed in version...
Vulnerability Spotlight: Accusoft ImageGear vulnerabilities could lead to code execution
Marcin Towalski, Emmanuel Tacheau and another Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Accusoft ImageGear contains two remote code execution vulnerabilities. ImageGear is a document and imaging library from Accusoft that developers can use to build their...
[SECURITY] [DSA 4847-1] connman security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4847-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 08, 2021 https://www.debian.org/security/faq -...
HPE Edgeline Infrastructure Manager 1.0 - Multiple Remote Vulnerabilities
Exploit Title: HPE Edgeline Infrastructure Manager 1.0 - Multiple Remote Vulnerabilities Date: 12-28-2020 Exploit Author: Jeremy Brown Vendor Homepage: https://support.hpe.com/hpsc/swd/public/detail?swItemId=MTXf62aaafe780a496dad6d28621a Software Link:...
HPE Edgeline Infrastructure Manager Improper Authorization
!/usr/bin/python -- coding: UTF-8 -- billhader.py HPE Edgeline Infrastructure Manager Multiple Remote Vulnerabilities Jeremy Brown jbrown3264/gmail Dec 2020 In \opt\hpe\eim\containers\api\eim\api\urls.py, some private paths are defined which are intended to only be accessible via the local consol...