Secure Computing SnapGear Management Console SG560 v3.1.5 CSRF Add Super User

Summary The SG gateway appliance range provides Internet security and privacy of communications for small and medium enterprises, and branch offices. It simply and securely connects your office to the Internet, and with its robust stateful firewall, shields your computers from external threats...

Secure Computing SnapGear Management Console SG560 3.1.5 - Arbitrary File Read

Title: Secure Computing SnapGear Management Console SG560 3.1.5 - Arbitrary File Read Author:LiquidWorm Date: 2020-06-04 Vendor: http://www.securecomputing.com CVE: N/A Secure Computing SnapGear Management Console SG560 v3.1.5 Arbitrary File Read/Write Vendor: Secure Computing Corp. Product web...

QEMU: seccomp: blacklist is not applied to all threads

qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for threads other than the main thread...

Google Releases Open Source Tool For Computational Privacy

Google is releasing a new open-source cryptographic tool aimed at boosting privacy around sensitive data sets. The tool, called Private Join and Compute, is designed to help companies who are working together with confidential data sets. Private Join and Compute, allows companies to share data in...

UBUNTU-CVE-2017-18367

libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument...

secure-computing.net XSS vulnerability

Vulnerable URL: https://www.secure-computing.net/wiki/thumb.php?f=xssposed%23%3Cbody%09onload=confirm%28String.fromCharCode%2888,83,83,80,79,83,69,68%29%29%3E Details: Description| Value ---|--- Patched:| Yes, at 04.04.2016 Latest check for patch:| 04.04.2016 11:29 GMT Vulnerability type:| XSS...

SSH 1.2.x CRC-32 Compensation Attack Detector Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2347/info Secure Shell, or SSH, is an encrypted remote access protocol. SSH or code based on SSH is used by many systems all over the world and in a wide variety of commercial applications. An integer-overflow bug in the...

Secure Computing e.iD Authenticator for Palm 2.0 PIN Brute-Force Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2105/info Summary: An attacker that obtains access to the sceiddb.pdb file, part of Secure Computing's e.iD Authenticator for Palm, can determine the user's PIN. Problem Description: Secure Computing's SafeWord is a syste...

McAfee SmartFilter信息泄漏漏洞

Bugraq ID: 35756 CVE ID：CVE-2009-2312 CVE-2009-2429 CNCVE ID：CNCVE-20092312 CNCVE-20092429 McAfee SmartFilter是一款网站过滤解决方案。 McAfee SmartFilter存在设计问题，本地攻击者可以利用漏洞获得敏感信息。 用于proxy服务器验证的SmartFilter user ID的用户名和明文文本密码保存在c:\Program Files\Secure Computing\Smartfilter...

CVE-2008-5540

Secure Computing Secure Web Gateway aka Webwasher, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3...

Design/Logic Flaw

Secure Computing Secure Web Gateway aka Webwasher, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3...

CVE-2008-5540

Secure Computing Secure Web Gateway aka Webwasher, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3...

CVE-2008-5540

CVE-2008-5540 describes a bypass of malware detection in Secure Computing Secure Web Gateway (Webwasher) when using Internet Explorer 6/7. An attacker can place an MZ header at the start of an HTML document and modify the filename to have no extension, .txt, or .jpg, enabling the document to evad...

CVE-2008-1797

Unspecified vulnerability in Secure Computing Webwasher 5.30 before build 3159 and 6.3.0 before build 3150 allows remote attackers to cause a denial of service freeze via a crafted URL...

Design/Logic Flaw

Unspecified vulnerability in Secure Computing Webwasher 5.30 before build 3159 and 6.3.0 before build 3150 allows remote attackers to cause a denial of service freeze via a crafted URL...

CVE-2008-1797

Unspecified vulnerability in Secure Computing Webwasher 5.30 before build 3159 and 6.3.0 before build 3150 allows remote attackers to cause a denial of service freeze via a crafted URL...

CVE-2008-1797

The CVE-2008-1797 entry affects Secure Computing Webwasher; affected versions are 5.30 before build 3159 and 6.3.0 before build 3150. The issue is described as an unspecified vulnerability that allows remote attackers to cause a denial of service (freeze) via a crafted URL. No root-cause details,...

Webwasher Denial of Service Vulnerability

Credit: The disclosure of this issue has been credited to National Australia Bank Security Assurance. Vulnerable: Secure Computing Webwasher 6.6.3 build 3102 and older versions running on CGLinux 4/5, RHEL 4, Debian 4, SLES10 Not vulnerable: Secure Computing Webwasher Builds 3150 and newer all...

CVE-2007-4043

file.cgi in Secure Computing SecurityReporter aka Network Security Analyzer before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a "%00.gif" sequence. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary files...

CVE-2007-4043

file.cgi in Secure Computing SecurityReporter aka Network Security Analyzer before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a "%00.gif" sequence. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary files...