10 matches found
TrendNet AUTHORIZED_GROUP Information Disclosure Vulnerability
Exploit for hardware platform in category web applications TrendNet AUTHORIZEDGROUP Information Disclosure Full report: https://blogs.securiteam.com/index.php/archives/3627 Twitter: @SecuriTeamSSD Weibo: SecuriTeamSSD Vulnerability Summary The following advisory describes an information disclosur...
iBall WRA150N - Multiple Vulnerabilities
Vulnerabilities summary The following advisory describes two 2 vulnerabilities found in iB-WRA150N devices, firmware 1.2.6 build 110401 Rel.47776n. iB-WRA150N is “a powerful solution to Internet connectivity at home, small offices and work stations. The key is if you are using an ADSL2+ connectio...
Dasan Networks GPON ONT WiFi Router H640X 12.02-01121 2.77p1-1124 3.03p2-1146 - Remote Code Execution
Dasan Networks GPON ONT WiFi Router H640X 12.02-01121 2.77p1-1124 3.03p2-1146 - Remote Code Execution Vulnerability Summary The following advisory describes a buffer overflow that leads to remote code execution found in Dasan Networks GPON ONT WiFi Router H640X versions 12.02-01121 / 2.77p1-1124 ...
Linux Kernel (Ubuntu 17.04) - 'XFRM' Local Privilege Escalation
Vulnerability Summary The following advisory describes a Use-after-free vulnerability found in Linux kernel that can lead to privilege escalation. The vulnerability found in Netlink socket subsystem – XFRM. Netlink is used to transfer information between the kernel and user-space processes. It...
DblTek - Multiple Vulnerabilities
Vulnerabilities summary The following advisory describes 2 two vulnerabilities found in DblTek webserver. DBL is “specialized in VoIP products, especially GoIPs. We design, develop, manufacture, and sell our products directly and via distributors to customers. Our GoIP models now cover 1, 4, 8, 1...
Fedora 25 : php-horde-Horde-Mime-Viewer (2016-f5fda29032)
HordeMimeViewer 2.2.1 - jan SECURITY: Don't render SVG images in the browser to avoid XSS attacks Reported by Dawid Gounski via Beyond Security's SecuriTeam Secure Disclosure program. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...
Oracle Linux 5 / 6 : rdesktop (ELSA-2011-0506)
The remote Oracle Linux 5 / 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2011-0506 advisory. 1.6.0-8.1 - Prevent remote file access 676252 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure
Multiple vulnerabilities were discovered in Drupal core. Arbitrary PHP code execution A bug in the installer code was identified that allows an attacker to re-install Drupal using an external database server under certain transient conditions. This could allow the attacker to execute arbitrary PH...
Fedora 13 : rdesktop-1.6.0-10.fc13 (2011-7694)
This update fixes a security issue in rdesktop 1.6.0. A directory traversal flaw was found in the way rdesktop shared a local path with a remote server. If a user connects to a malicious server with rdesktop, the server could use this flaw to cause rdesktop to read and write to arbitrary, local...
Fedora 14 : rdesktop-1.6.0-11.fc14 (2011-7697)
This update fixes a security issue in rdesktop 1.6.0. A directory traversal flaw was found in the way rdesktop shared a local path with a remote server. If a user connects to a malicious server with rdesktop, the server could use this flaw to cause rdesktop to read and write to arbitrary, local...