120 matches found
Security Bulletin: BigInsights is affected by multiple vulnerabilities in BigSheets and Data Server Manager (CVE-2017-1552, CVE-2017-1553, CVE-2017-1554)
Summary BigInsights is affected by multiple UI vulnerabilities in BigSheets and Data Server Manager DSM Vulnerability Details CVEID: CVE-2017-1552 DESCRIPTION: IBM Infosphere BigInsights is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL link, a remote...
The vulnerability of the Cockpit server manager, caused by an operation going beyond buffer boundaries in memory, allows a attacker to trigger a service failure.
The vulnerability of the Cockpit server administrator arises from an operation that occurs outside the buffer boundaries of memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause a service failure by sending a specially crafted request along with a specially...
InfoSphere Information Server Manager and the istool command may encounter errors after applying JR55455
Problem After applying JR55455, you might find that the istool command does not work correctly and that you cannot login to the Information Server Manager. Details of the fix for JR55455 can be found in the security bulletin http://www-01.ibm.com/support/docview.wss?uid=swg21982420 Symptom The...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Data Server Manager (CVE-2015-2808)
Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Data Server Manager. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this...
Allworx Server Manager Multiple Cross-Site Scripting Vulnerabilities
Allworx Server Manager Multiple Cross-Site Scripting Vulnerabilities history.pushState'', '', '/' ::: default.asp ::: confirm0' / confirm1' / confirm2' / ::: action.asp ::: confirm3' / ::: query.asp ::: input type="hidden" name="query" value="RepQuerya xmlns:a='http://www.w3.org/1999/x...
Allworx Server Manager 6x / 6x12 / 48x Cross Site Scripting
Allworx Server Manager Multiple Cross-Site Scripting Vulnerabilities history.pushState'', '', '/' ::: default.asp ::: confirm0' / input type="hidden" name="SessionID" va...
Allworx Server Manager Multiple Cross-Site Scripting Vulnerabilities
Summary The Allworx phone system enables users to manage voicemails in the Allworx Message Center and customize the personal phone system configurations using My Allworx Manager. Description Allworx server manager interface suffers from multiple reflected XSS vulnerabilities when input passed via...
Allworx Server Manager 6x / 6x12 / 48x Cross Site Scripting Vulnerability
Allworx Server Manager versions 6x, 6x12, and 48x suffer from multiple cross site scripting vulnerabilities. Allworx Server Manager Multiple Cross-Site Scripting Vulnerabilities history.pushState'', '', '/' ::: default.asp ::: input type="hidden" name="Tab" v...
Nitrado Server Manager - Dynamic Code Loading, External URLs, Unsafe deleting vulnerabilities
HackApp vulnerability scanner discovered that application Nitrado Server Manager published at the 'play' market has multiple vulnerabilities...
Unspecified Vulnerability in Oracle E-Business Suite Oracle Mobile Application Servlet MWA Server Manager Component
Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle Mobile Application Servlet MWA Server Manager component, which could be exploited by a remote attacker to submit a special request to...
CVE-2016-0454
Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager...
CVE-2016-0454
Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager...
CVE-2016-0454
The CVE targets Oracle E-Business Suite (12.1/12.2) via the Oracle Mobile Application Servlet (MWA) Server Manager component. The vulnerability is described as unspecified and allows local users to affect confidentiality through vectors related to MWA Server Manager. The connected CNVD/NVD entrie...
CVE-2016-0454
Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager...
Red Hat VDSM Module Security Bypass Vulnerability
Red Hat VDSM Module is a Virtual Desktop Server Manager module from Red Hat, Inc. A security bypass vulnerability exists in Red Hat VDSM Module. An attacker could exploit this vulnerability to bypass security restrictions and conduct further attacks...
ncube server manager 1.0 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9004/info nCUBE Server Manager has been reported prone to a directory traversal vulnerability. The issue presents itself likely due to a lack of sufficient sanitization performed on URI parameters. A remote attacker may...
FlexNet License Server Manager Stack Overflow In lmgrd
No description provided by source. Luigi Auriemma Application: FlexNet License Server Manager http://www.flexerasoftware.com/products/flexnet-publisher.htm http://www.globes.com/support/fnputilitiesdownload.htm Versions: = 11.9.1 and others earlier this version number was written when I found the...
Voipnow Local File Inclusion
/ + Application : Voipnow | Version , Perior to 2.4 | Download : http://4psa.com/ | By Faris , AKA i-Hmx | [email protected] + sec4ever.com , 1337s.cc / VoipNow is commercial web GUI voip server manager, it's affected by local file inclusion vuln File :...
Multiple XSS vulnerabilities in Cerberus FTP Server <= 5.0.5.1 [CVE-2012-6339]
Overview =============== Cerberus FTP Server http://www.cerberusftp.com/ is a secure and reliable FTP server with many features and available functionality. It was discovered that the Web Administration interface has multiple persistent Cross Site Scripting XSS vulnerabilities. In the log viewer...