Xen grant-table feature denial-of-service vulnerability

Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. A security vulnerability in the Xen grant-table feature allows an attacker to exploit the vulnerability by submitting a special request to crash the system...

Broadcom BCM43xx Wi-Fi chips arbitrary code execution vulnerability

The Broadcom BCM43xx Wi-Fi chips are a combo chip for use in 5G Wi-Fi. A security vulnerability exists in the Broadcom BCM43xx Wi-Fi chips that allows remote attackers to exploit the vulnerability to submit a special request to execute arbitrary code...

Sierra Wireless GX440 Elevation of Privilege Vulnerability

The Sierra Wireless GX440 is a gateway device from Sierra Wireless Canada. An elevation of privilege vulnerability exists in the Sierra Wireless GX440, which can be exploited by a remote attacker to submit a special request to elevate privileges...

TP-Link C2 and C20i Security Bypass Vulnerability

The TP-Link C2 and C20i are router devices from China P&L. A security bypass vulnerability exists in the TP-Link C2 and C20i, which can be exploited by remote attackers to submit a special request to bypass security restrictions and perform unauthorized operations...

BLF-Tech LLC VisualView HMI Local Code Execution Vulnerability

BLF-Tech LLC VisualView HMI is a human-machine interface interaction program from BLF-Tech LLC. BLF-Tech LLC VisualView HMI has a security vulnerability that allows a local attacker to exploit the vulnerability special request to execute arbitrary code and elevate privileges...

Google gRPC Heap Buffer Overflow Vulnerability

gRPC is an open source RPC framework . A heap buffer overflow vulnerability exists in the gprfree function within Google gRPC core/lib/support/alloc.c, which allows remote attackers to exploit the vulnerability to submit a special request to execute arbitrary code...

GNU Binutils GNU linker (ld) Buffer Overflow Vulnerability

GNU Binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers and other tools for target files and archives. A heap buffer overflow vulnerability exists in GNU Binutils GNU linker ld. A...

Multiple VMware Workstation Product Denial of Service Vulnerabilities

VMware Workstation is a virtual machine software product from VMware. A denial of service vulnerability exists in multiple VMware Workstation products. A remote attacker could exploit the vulnerability to submit a special request that would crash the application...

Microsoft windows graphics component remote code execution vulnerability (CNVD-2017-03687)

Microsoft windows is a popular operating system. A security vulnerability exists in the Microsoft windows graphics component that allows an attacker to exploit the vulnerability by submitting a special request to execute arbitrary code...

Local Elevation of Privilege Vulnerability in Multiple Veritas Products

Veritas NetBackup Appliance is an enterprise-class backup management appliance; NetBackup Server is a set of enterprise-class backup management servers that can run on multiple operating systems. A local elevation of privilege vulnerability exists in multiple Veritas products, which can be...

IBM WebSphere MQ Data Transformation Denial of Service Vulnerability

IBM WebSphere MQ is a messaging middleware product from IBM, USA. IBM WebSphere MQ fails to properly handle data transformations, allowing remote attackers to exploit the vulnerability by submitting a special request that could crash the application...

IBM WebSphere MQ Denial of Service Vulnerability (CNVD-2017-02457)

IBM WebSphere MQ is a messaging middleware product from IBM, USA. A security vulnerability exists in IBM WebSphere MQ version 8.0, which can be exploited by remote attackers to submit a special request and conduct a denial-of-service attack...

IBM WebSphere MQ Denial of Service Vulnerability (CNVD-2017-02480)

IBM WebSphere MQ is the messaging integration middleware product. A denial of service vulnerability exists in IBM WebSphere MQ 8.0, which can be exploited by a remote attacker to submit a special HTTP request for a denial of service attack...

Denial of Service Vulnerability in Multiple F5 BIG-IP Products (CNVD-2017-01192)

F5 BIG-IP is the popular load balancer. An unspecified security vulnerability exists in F5 BIG-IP, where submitting a special request can cause TMM to restart when TCP FAST OPEN is enabled...

SAP TREX RCE

Application: SAP TREX Versions Affected: SAP TREX 7.10 Vendor URL: SAP Bugs: RCE Reported: 23.01.2017 Vendor response: 24.01.2017 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2419592 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: Missing Authentication for...

IBM Maximo Asset Management Information Disclosure Vulnerability (CNVD-2016-10463)

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution. A security vulnerability exists in IBM Maximo Asset Management, which allows remote attackers to submit a special request to obtain sensitive information...

SAP Adaptive Server Enterprise 16 - Denial of Service

''' Application: SAP Adaptive Server Enterprise Versions Affected: SAP Adaptive Server Enterprise 16 Vendor URL: http://SAP.com Bugs: Denial of Service Sent: 01.02.2016 Reported: 02.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 12.07.2016 Reference: SAP Security Note 2330839 Author...

Cisco Unified Intelligence Center Security Mechanism Bypass Vulnerability

Cisco Unified Intelligence Center is the management center for Cisco's Unified Communications system. A security mechanism bypass vulnerability exists in Cisco Unified Intelligence Center that could be exploited by a remote attacker to create user accounts by submitting a special request...

Buffer Overflow Vulnerability in Multiple Huawei USG Products

Huawei USG2100 is a unified security gateway product from Huawei, China. A buffer overflow vulnerability exists in multiple Huawei USG products, allowing remote attackers to exploit the vulnerability by submitting a special request to crash an application...

Drupal Features Module Remote Denial of Service Vulnerability

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A remote denial of service vulnerability exists in the Drupal Features module, which could be exploited by remote attackers to submit a special request for a denial of...