EUVD-2017-15222

Malware in sbrugna...

CVE-2024-31964

A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication control. A successful...

CVE-2022-28866

Multiple Improper Access Control was discovered in Nokia AirFrame BMC Web GUI R18 Firmware v4.13.00. It does not properly validate requests for access to or editing of data and functionality in all endpoints under /settings/ and /api/settings/. By not verifying the permissions for access to...

CVE-2025-1731

An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges by crafting...

Mitel 6800 SIP 和 6900 SIP 安全漏洞

Mitel 6800 SIP and Mitel 6900 SIP are both products of Mitel Canada.Mitel 6800 SIP is a 6800 SIP series IP phone.Mitel 6900 SIP is a 6900 SIP series IP phone. A security vulnerability exists in the Mitel 6800 SIP and 6900 SIP that stems from insufficient boundary checking, and successful...

CVE-2024-31966

The CVE-2024-31966 issue affects Mitel 6800 Series and 6900 Series SIP Phones (through 6.3 SP3 HF4), Mitel 6900w Series SIP Phone (through 6.3.3), and Mitel 6970 Conference Unit (through 5.1.1 SP8). The root cause is insufficient parameter sanitization, allowing an authenticated attacker with adm...

CVE-2019-6649

CVE-2019-6649 affects F5 BIG-IP (and Enterprise Manager) configurations using non-default ConfigSync settings. Affected versions include BIG-IP 12.1.x, 11.5.x–11.6.x, 13.0.x–13.1.x, 14.0.x, 14.1.x, 15.0.0 and Enterprise Manager 3.1.1. The issue allows exposure of sensitive information and the abi...

CVE-2017-6157

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an...

Command injection

F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature...

XEROX Multiple Product Unauthenticated Remote Firmware Injection Vulnerability

Added: 12/19/2014 BID: 52483 OSVDB: 80096 Background Some Xerox Multifunction Printers MFP utilize Dynamic Loadable Modules DLM for patching, upgrading and cloning. The DLMs can be delivered to the printer via the Jet Direct printer service on TCP port 9100. Problem Multiple Xerox products are...

Sun Java System Identity Manager多个安全漏洞

BUGTRAQ ID: 34191 Sun Java System Identity Manager是一个完整的端到端的保护敏感数据和管理标识配置文件与许可的解决方案。 Sun Java System Identity Manager（IdM）受多个安全漏洞影响，具体如下： 由于没有使用SSL加密某些连接，远程非特权用户可以非授权访问客户端与IdM服务器之间所传输的数据（17763）。 本地或远程非特权用户可以判断是否存在有效的IdM帐号名（18052，18104）。 在IdM服务器上拥有帐号的用户可以更改其他IdM帐号的口令（18578）。...

CVE-2004-2739

The setup routine setup.php in PHProjekt 4.2.1 and earlier allows remote attackers to modify system configuration via unknown attack vectors...