HPE Sizer for Microsoft Skype for Business Server Remote Arbitrary Code Execution Vulnerability

HPE Sizer for Microsoft Skype for Business Server is prone to a remote arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

Ruby on Rails Action Pack RCE Vulnerability (Feb 2016) - Windows

Ruby on Rails is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Ruby on Rails Action View 'render' Directory Traversal Vulnerability (Feb 2016) - Linux

Ruby on Rails is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rubyonrails:rails"...

Drupal 'User' Module Privilege Escalation Vulnerability - Windows

Drupal is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal";...

SugarCRM REST deserialization vulnerability

Added: 09/23/2016 BID: 91413 Background SugarCRM is customer relationship management software written in PHP. Problem Improper use of the unserialize function inside the SugarRestSerialize.php script allows remote attackers to inject PHP objects, leading to arbitrary command execution. Resolution...

Microsoft Windows PDF Library Multiple Information Disclosure Vulnerabilities (3188733)

This host is missing an important security update according to Microsoft Bulletin MS16-115 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CPython Man in Middle Attack and Code Execution Vulnerabilities - Windows

CPython is prone to a man in middle attack and an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Core Ajax handlers CSRF and Directory Traversal Vulnerabilities - Linux

WordPress is prone to CSRF and directory traversal vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Ocomon 2.0 - SQL Injection

Exploit for php platform in category web applications Exploit Title: Ocomon 2.0: Acess administrative Bypass / Multiple Sql Injection Google Dork: inurl:ocomon/index.php or intitle:Ocomon 2.0-RC6 Date: 2016.08.18 Exploit Author: Jonatas Fil a.k.a pwx Vendor Homepage: ninj4c0d3r.github.io Version:...

PHP < 5.5.36, 5.6.x < 5.6.22 Multiple Vulnerabilities (Aug 2016) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Microsoft ActiveSyncProvider Universal Outlook Information Disclosure Vulnerability (3182332)

This host is missing an important security update according to Microsoft Bulletin MS16-103. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PHP 7.x < 7.0.4 Multiple Vulnerabilities (Jul 2016) - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

PHP < 5.5.32, 5.6.x < 5.6.18, 7.x < 7.0.3 Multiple Vulnerabilities (Jul 2016) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Symantec Workspace Streaming and Workspace Virtualization Path Traversal and Arbitrary File Read

SUMMARY Symantec Workspace Streaming SWS and Workspace Virtualization SWV management consoles were susceptible to a path traversal in a file download configuration file that could allow a malicious user who could access the vulnerable file to view unauthorized application files of specific file...

GraphicsMagick Code Execution And Denial of Service Vulnerabilities (Jul 2016) - Windows

GraphicsMagick is prone to arbitrary code execution and denial of service vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

op5 Monitor Nacoma command execution

Added: 07/01/2016 Background op5 Monitor is an open-source monitoring solution written in PHP. Problem The commandtest.php script in the Nacoma component of op5 Monitor can be used to execute arbitrary operating system commands. Resolution Upgrade to op5 Monitor 7.2.0 or higher. References...

ImageMagick Multiple Unspecified Vulnerabilities - Windows

ImageMagick is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

IBM WebSphere Application Server Privilege Escalation Vulnerability (Apr 2016)

IBM WebSphere Application Server is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Symantec Encryption Management Server Multiple Security Issues

SUMMARY The management console for Symantec Encryption Management Server SEMS is susceptible to potential OS command execution, local access elevation of privilege, a heap-based memory corruption resulting in a service crash and potential information disclosure of management console logon/account...

Oracle MySQL Server <= 5.5.46 / 5.6 <= 5.6.27 Security Update (cpujan2016) - Windows

Oracle MySQL Server is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...