3083 matches found
CVE-2018-2929
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Core Technology. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2018-2907
Vulnerability in the Hyperion Financial Reporting component of Oracle Hyperion subcomponent: Security Models. The supported version that is affected is 11.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Financial Reporting...
HTTP+TLS and IPV6-Enablement Both in the Majority for World Cup Streaming
The underlying protocols of the Internet continue to evolve, and massive events such as the World Cup are a great opportunity to see this in action...
CVE-2018-0383
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected software incorrectly...
PT-2018-8802 · Cisco · Cisco Firesight System
Name of the Vulnerable Software and Affected Versions: Cisco FireSIGHT System Software affected versions not specified Description: A vulnerability exists in the detection engine of the software, allowing an unauthenticated, remote attacker to bypass a file policy configured to block file transfe...
CVE-2016-9499
Accellion FTP server prior to version FTA912220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them...
Junos OS: SRX Series: Credentials exposed when using HTTP and HTTPS Firewall Pass-through User Authentication
When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a...
CVE-2018-0025
When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a...
ALPINE-CVE-2018-0500
Curlsmtpescapeeob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings i.e., use of a nonstandard --limit-rate argument or CURLOPTBUFFERSIZE...
CVE-2018-8206
A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol FTP connections, aka "Windows FTP Server Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows...
SEL AcSELerator Architect Denial of Service Vulnerability
SEL AcSELerator Architect is a Schweitzer Engineering Laboratories SEL system for communicating with, configuring, and managing substations. A denial of service vulnerability exists in SEL AcSELerator Architect 2.2.24.0 and prior versions, which can be exploited by an attacker to cause a denial o...
Microsoft Windows Multiple Vulnerabilities (KB4338818)
This host is missing a critical security update according to Microsoft KB4338818 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB4338815)
This host is missing a critical security update according to Microsoft KB4338815 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KB4338826: Windows 10 Version 1703 July 2018 Security Update
The remote Windows host is missing security update 4338826. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level. CVE-2018-8202 - A remote code execution...
KB4338814: Windows 10 Version 1607 and Windows Server 2016 July 2018 Security Update
The remote Windows host is missing security update 4338814. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level. CVE-2018-8202 - A remote code execution...
KB4338824: Windows 8.1 and Windows Server 2012 R2 July 2018 Security Update
The remote Windows host is missing security update 4338824 or cumulative update 4338815. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level. CVE-2018-8202 - A...
CVE-2018-7779
In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP access could allow an attacker unauthorized access...
CVE-2018-13000
An XSS issue was discovered in Advanced Electron Forum AEF v1.0.9. A persistent XSS vulnerability is located in the FTP Link element of the Private Message module. The editor of the private message module allows inserting links without sanitizing the content. This allows remote attackers to injec...
Multiple Cisco Products FXOS and UCS Fabric Interconnect Software Input Validation Vulnerabilities
Cisco Firepower 4100 Series Next-Generation Firewall and so on are the products of the American Cisco Cisco company.Cisco Firepower 4100 Series Next-Generation Firewall is a firewall product.UCS 6200 Cisco Firepower 4100 Series Next-Generation Firewall is a firewall product. UCS 6200 Series Fabri...
Eclipse Jetty Elevation of Privilege Vulnerability
Jetty is a pure Java-based web server and Java Servlet container . An elevation of privilege vulnerability exists in Eclipse Jetty versions 9.4.0 through 9.4.8. An attacker can use this vulnerability to access/hijack other HttpSessions and delete mismatched HttpSessions...