7976 matches found

OSV
added 2017/09/26 5:29 p.m. · 2 views

CVE-2017-1530

IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

CVSS 5.4 · AI score 5.4 · EPSS 0.00269
Exploits 0 · References 3
OSV
added 2017/09/25 4:29 p.m. · 3 views

CVE-2017-1424

IBM Business Process Manager 8.5.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127477...

CVSS 5.4 · AI score 5.4 · EPSS 0.00253
Exploits 0 · References 3
Fedora
added 2017/09/22 6:54 p.m. · 16 views

[SECURITY] Fedora 26 Update: gnome-shell-3.24.3-2.fc26

GNOME Shell provides core user interface functions for the GNOME 3 desktop, like switching to windows and launching applications. GNOME Shell takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts to provide a visually attractive and easy...

AI score 1.9
Exploits 0
Microsoft KB
added 2017/09/21 12:0 a.m. · 3 views

August 30, 2017—KB4039884

August 30, 2017—KB4039884 Improvements and fixes This update addresses an issue where UI elements, including menu bars, are missing from Windows and Java applications running on computers with multiple monitors multimon. The issue affects console and Remote Desktop logons when the main monitor is...

AI score 6.9
Exploits 0
Prion
added 2017/09/20 8:29 p.m. · 17 views

Design/Logic Flaw

An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login...

CVSS 7.8 · AI score 7.5 · EPSS 0.00826
Exploits 1 · References 2 · Affected Software 1
Schneier on Security
added 2017/09/11 11:12 a.m. · 53 views

A Hardware Privacy Monitor for iPhones

Andrew "bunnie" Huang and Edward Snowden have designed a hardware device that attaches to an iPhone and monitors it for malicious surveillance activities, even in instances where the phone's operating system has been compromised. They call it an Introspection Engine, and their use model is a...

AI score 7
Exploits 0
Positive Technologies
added 2017/09/11 12:0 a.m. · 3 views

PT-2019-7914 · Bittorrent +1 · Qbittorrent +1

Name of the Vulnerable Software and Affected Versions: qBittorrent version 3.3.15 Description: The issue concerns the UI Lock feature, which can be bypassed by tampering with the config file. An attacker can gain unauthorized access to qBittorrent functions by modifying the locked attribute withi...

CVSS 7.1 · AI score 7.2 · EPSS 0.00088
Exploits 1 · References 13
CNVD
added 2017/09/08 12:0 a.m. · 1 views

IBM Content Navigator Cross-Site Scripting Vulnerability (CNVD-2017-32481)

IBM Content Navigator is a Web client from IBM USA that supports searching and processing documents stored in content servers around the world from a Web browser. A cross-site scripting vulnerability exists in IBM Content Navigator. A remote attacker can exploit this vulnerability to inject...

CVSS 5.4 · AI score 5.4 · EPSS 0.00227
Exploits 0 · References 1
0day.today
added 2017/09/08 12:0 a.m. · 64 views

IWEBSOUL CMS 1.0 SQL Injection Vulnerability

IWEBSOUL CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Title: ======= IWEBSOUL CMS - Multiple SQL Injection Vulnerabilities & Authentication Bypass Introduction: ============== Intrepid Websoul Private Limited - iWebsoul is a rapidly...

AI score 0.3
Exploits 0
NVD
added 2017/09/07 9:29 p.m. · 14 views

CVE-2017-6793

A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulnerability is due to insufficient protection of restricted information. An attacker could exploit th...

CVSS 6.5 · AI score 6.3 · EPSS 0.00213
Exploits 0 · References 2
Cvelist
added 2017/09/07 9:0 p.m. · 17 views

CVE-2017-6793

A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulnerability is due to insufficient protection of restricted information. An attacker could exploit th...

AI score 6.3 · EPSS 0.00213
Exploits 0 · References 2
CVE
added 2017/09/07 9:0 p.m. · 50 views

CVE-2017-12216

CVE-2017-12216 affects Cisco SocialMiner’s web UI. The issue is an XML External Entity (XXE) injection due to improper handling of XXE entries when parsing XML, enabling an unauthenticated, remote attacker to read/write files and potentially execute code within the application via a crafted XML f...

CVSS 8.8 · AI score 8.6 · EPSS 0.01569
Exploits 0 · References 3 · Affected Software 1
CNVD
added 2017/09/07 12:0 a.m. · 1 views

IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2017-31591)

IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects an organization internally and externally, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting vulnerability exists in...

CVSS 6.1 · AI score 6.2 · EPSS 0.00309
Exploits 0 · References 1
Packet Storm
added 2017/09/07 12:0 a.m. · 58 views

IWEBSOUL CMS 1.0 SQL Injection

Title: ======= IWEBSOUL CMS - Multiple SQL Injection Vulnerabilities & Authentication Bypass Introduction: ============== Intrepid Websoul Private Limited - iWebsoul is a rapidly growing IT Solution provider in India. Team comprehensively works to create a unique business and industry based...

AI score 7.4
Exploits 0
Citrix
added 2017/09/07 12:0 a.m. · 6 views

SDX -Memory Showing Less Than Expected on GUI

Memory is showing as 32 GB instead of the expected 48 GB on SVM GUI...

AI score 7.2
Exploits 0
Cisco
added 2017/09/06 4:0 p.m. · 27 views

Cisco Prime Collaboration Provisioning Tool Inventory Management Feature Information Disclosure Vulnerability

A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulnerability is due to insufficient protection of restricted information. An attacker could exploit th...

CVSS 4.3 · AI score 6.3 · EPSS 0.00213
Exploits 0 · References 1
OSV
added 2017/09/05 9:29 p.m. · 1 views

CVE-2017-1457

IBM QRadar Network Security 5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128376...

CVSS 6.1 · AI score 5.4 · EPSS 0.00248
Exploits 0 · References 3
Kitploit
added 2017/09/05 8:30 p.m. · 24 views

NMapGUI - Advanced Graphical User Interface for NMap

NMapGUI is an advanced graphical user interface for NMap network analysis tool. It allows to extend and ease the typical usage of NMap by providing a visual and fast interface with the application. If you have any questions about NMapGUI usage or want to get in contact with me, please visit: Twitt...

AI score 7.5
Exploits 0 · References 3
Kitploit
added 2017/09/02 2:30 p.m. · 23 views

WSSiP - Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa

Short for "WebSocket/Socket.io Proxy", this tool, written in Node.js, provides a user interface to capture, intercept, send custom messages and view all WebSocket and Socket.IO communications between the client and server. Upstream proxy support also means you can forward HTTP/HTTPS traffic to an...

AI score 7.1
Exploits 0 · References 2
BDU FSTEC
added 2017/09/01 12:0 a.m. · 4 views

The vulnerability of the Android operating system’s user interface from the CAF repository allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Android operating system’s user interface from the CAF repository is related to errors in pointer arithmetic. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...

CVSS 10 · AI score 7.8 · EPSS 0.00086
Exploits 0 · References 3