24 matches found
CVE-2017-20204
DBLTek GoIP devices models GoIP 1, 4, 8, 16, and 32 contain an undocumented vendor backdoor in the Telnet administrative interface that allows remote authentication as an undocumented user via a proprietary challenge–response scheme which is fundamentally flawed. Because the challenge response ca...
CVE-2017-20204
DBLTek GoIP devices models GoIP 1, 4, 8, 16, and 32 contain an undocumented vendor backdoor in the Telnet administrative interface that allows remote authentication as an undocumented user via a proprietary challenge–response scheme which is fundamentally flawed. Because the challenge response ca...
CVE-2017-20204
CVE-2017-20204 affects DBLTek GoIP voice gateway devices (GoIP 1, 4, 8, 16, 32). The Telnet admin interface contains an undocumented vendor backdoor that enables remote authentication as an undocumented user via a flawed challenge–response scheme. Because the challenge can be derived from itself,...
PT-2025-42215
DBLTek GoIP devices models GoIP 1, 4, 8, 16, and 32 contain an undocumented vendor backdoor in the Telnet administrative interface that allows remote authentication as an undocumented user via a proprietary challenge–response scheme which is fundamentally flawed. Because the challenge response ca...
June 4, 2024, update for Skype for Business 2016 (KB5002567)
June 4, 2024, update for Skype for Business 2016 KB5002567 This article describes update 5002567 for Microsoft Skype for Business 2016 that was released on June 4, 2024. The version number of this update is 16.0.5452.1000.Before you install this update, see the prerequisites. Improvements and fix...
CVE-2016-4644
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials...
CVE-2016-4644
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials...
Authentication flaw
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials...
CVE-2016-4644
In CVE-2016-4644, Apple iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6/ Security Update 2016-004 have a downgrade issue where HTTP authentication credentials saved in Keychain could be compromised. The underlying problem was mitigated by storing the authentication types ...
Command injection vulnerability in WFS-SR01
Overview WFS-SR01 provided by I-O DATA DEVICE, INC. is a portable storage device which provides wireless LAN router function. WFS-SR01 contains command injection vulnerability in "Pocket Router Function". I-O DATA DEVICE, INC. reported this vulnerability to JPCERT/CC to notify users of its soluti...
Mac OS X 10.9.5 and 10.10.5 Multiple Vulnerabilities (Security Update 2016-004)
The remote host is running a version of Mac OS X that is 10.9.5 or 10.10.5 and is missing Security Update 2016-004. It is, therefore, affected by multiple vulnerabilities in the following components : - apachemodphp affects 10.10.5 only - CoreGraphics - ImageIO - libxml2 - libxslt Note that...
About the security content of OS X El Capitan v10.11.6 and Security Update 2016-004
About the security content of OS X El Capitan v10.11.6 and Security Update 2016-004 This document describes the security content of OS X El Capitan v10.11.6 and Security Update 2016-004. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm securi...
Security update 2016-04-12
...
Mac OS X Libxslt Function Type Confusion RCE (Security Update 2016-001)
The remote host is running a version of Mac OS X 10.9.5 or 10.10.5 that is missing Security Update 2016-001. It is, therefore, affected by a remote code execution vulnerability due to a type confusion flaw in the bundled libxslt component that is triggered when handling invalid values. A remote...
Update for Microsoft Office 2016 (KB4011666) 32-Bit Edition
Update for Microsoft Office 2016 KB4011666 32-Bit Edition...
Update for Skype for Business 2016 (KB4486710) 32-Bit Edition
Update for Skype for Business 2016 KB4486710 32-Bit Edition...
Update for Microsoft Office 2016 (KB4486746) 64-Bit Edition
Update for Microsoft Office 2016 KB4486746 64-Bit Edition...
Update for Microsoft Office 2016 (KB5002243) 64-Bit Edition
Update for Microsoft Office 2016 KB5002243 64-Bit Edition...
Update for Microsoft Office 2016 (KB5002452) 64-Bit Edition
Update for Microsoft Office 2016 KB5002452 64-Bit Edition...
Update for Microsoft Office 2016 (KB5002243) 32-Bit Edition
Update for Microsoft Office 2016 KB5002243 32-Bit Edition...