38 matches found
EUVD-2009-2895
Malware in sbrugna...
EUVD-2011-0547
Malware in sbrugna...
EUVD-2010-1482
Malware in sbrugna...
EUVD-2019-2974
Malware in sbrugna...
CVE-2009-2907
Multiple cross-site scripting XSS vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite AMS before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic HQ 4.0 Enterprise before 4.0.3.2, and Hyperic HQ 4.1 Enterprise before 4.1.2.1 allow remote attackers t...
CVE-2019-11288
In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions prior to 7.0.99.B, 8.x versions prior to 8.5.47.A, and 9.x versions prior to 9.0.27.A, when a tc Runtime instance is configured with the JMX Socket Listener, a local attacker...
CVE-2019-11288
In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions prior to 7.0.99.B, 8.x versions prior to 8.5.47.A, and 9.x versions prior to 9.0.27.A, when a tc Runtime instance is configured with the JMX Socket Listener, a local attacker...
Design/Logic Flaw
In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions prior to 7.0.99.B, 8.x versions prior to 8.5.47.A, and 9.x versions prior to 9.0.27.A, when a tc Runtime instance is configured with the JMX Socket Listener, a local attacker...
CVE-2019-11288
CVE-2019-11288 affects Pivotal tc Server and Pivotal tc Runtime components. The issue occurs when a tc Runtime has the JMX Socket Listener enabled, allowing a local attacker to manipulate the RMI registry and perform a man-in-the-middle attack to capture usernames and passwords used to access the...
USN-2696-1 OpenJDK 7 Vulnerabilities | Cloud Foundry
USN-2696-1 OpenJDK 7 Vulnerabilities Medium Vendor Canonical Ubuntu Versions Affected openjdk-7 – Open Source Java implementation Description Several security issues were fixed in OpenJDK 7. Affected Products and Versions Severity is medium unless otherwise noted. Ruby buildpack versions 1.6.1 an...
CVE-2014-3566 SSLV3 POODLE | Cloud Foundry
CVE-2014-3566 SSLV3 POODLE Moderate Vendor The SSL protocol 3.0, as used in OpenSSL through 1.0.1i Versions Affected SSLv3 Description SSL 3.0 RFC6101 is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0 RFC2246, TLS 1.1 RFC4346 an...
VMware ESXi product updates to third party libraries (VMSA-2014-0008)
VMware has updated vSphere third party libraries. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VMware Security Updates for vCenter Server (VMSA-2014-0008)
VMware has updated vSphere third party libraries. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:vcenterserver";...
VMSA-2014-0008 : VMware vSphere product updates to third-party libraries
a. vCenter Server Apache Struts Update The Apache Struts library is updated to address a security issue. This issue may lead to remote code execution after authentication. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the identifier CVE-2014-0114 to this issue. b...
Multiple SpringSource Products Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/38913/info Multiple SpringSource Products are prone to multiple HTML-injection vulnerabilities because they fail to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the...
VMware vFabric tc Server JMX Authentication Security Bypass Vulnerability
The host is running VMware vFabric tc Server and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodvmwarevfabrictcserversecuritybypassvuln.nasl 7052 2017-09-04 11:50:51Z teissa $ VMware vFabric tc Server JMX Authentication Security Bypass Vulnerability Authors: Soor...
VMware vFabric tc Server 2.x JMX Authentication Security Bypass Vulnerability
VMware vFabric tc Server is prone to a security bypass vulnerability. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
VMware vFabric tc Server weak encryption
Server accepts cleartext password even if it's not allowed for user...
CVE-2011-0527: VMware vFabric tc Server password obfuscation bypass
Severity: Important Versions Affected: 2.0.0.RELEASE to 2.0.5.SR01 2.1.0.RELEASE to 2.1.1.SR01 Description: tc Server allows users to store the passwords used for JMX authentication in an obfuscated form for organizations where storing passwords in plain text is not permitted. The JMX...
CVE-2011-0527
VMware vFabric tc Server aka SpringSource tc Server 2.0.x before 2.0.6.RELEASE and 2.1.x before 2.1.2.RELEASE accepts obfuscated passwords during JMX authentication, which makes it easier for context-dependent attackers to obtain access by leveraging an ability to read stored passwords...