KLA10755 Multiple vulnerabilities in Microsoft Edge
Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to spoof the user interface, execute arbitrary code or bypass security features. Below is a complete list of vulnerabilities: 1. Improper parsing of HTTP responses can be exploited...
Vulnerabilities in the firmware of the NetScaler Gateway access control system for virtual environments and of the NetScaler Application Delivery Controller allow an attacker to escalate their privileges.
Multiple vulnerabilities in the firmware of the access control systems NetScaler Gateway and NetScaler Application Delivery Controller are related to code errors. Exploiting these vulnerabilities could allow a malicious actor to escalate their privileges by manipulatin...
Cisco Small Business 500 Device Web GUI Denial of Service Vulnerability
The Cisco Small Business 500 Device is a 500 series stackable managed switch product from Cisco. A security vulnerability in the Web GUI of the Cisco Small Business 500 Device allows a remote attacker to cause a denial of service by sending a specially crafted HTTP request...
Unspecified Vulnerability in Oracle E-Business Suite Oracle Customer Interaction History User GUI Component (CNVD-2016-00615)
Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle Customer Interaction History User GUI component of Oracle E-Business Suite, which allows remote attackers to exploit the vulnerability by submitting special...
Oracle Supply Chain Configurator UI Servlet Component Data Access Vulnerability (CNVD-2016-00561)
Oracle Supply Chain Products Suite is a suite of supply chain solutions that provides value chain planning, value chain execution, and product lifecycle management. An unspecified vulnerability exists in the Oracle Supply Chain Configurator UI Servlet component, which allows remote attackers to...
Unspecified Vulnerability in Oracle E-Business Suite Oracle Customer Interaction History User GUI Component (CNVD-2016-00617)
Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle Customer Interaction History User GUI component of Oracle E-Business Suite, which allows remote attackers to exploit the vulnerability by submitting special...
KLA10736 Spoofing vulnerability in Microsoft Exchange Server
Improper handling of web requests was found in Outlook Web Access in Microsoft Exchange Server. By exploiting this vulnerability, malicious users can spoof the user interface. This vulnerability can be exploited remotely via a specially designed email with a malicious link. Original advisories CVE-2016-003...
IBM TSM for Virtual Environments 6.3.x < 6.3.2.5 / 6.4.x < 6.4.3.1 / 7.1.x < 7.1.4.0 RCE
The version of IBM Tivoli Storage Manager (TSM) for Virtual Environments installed on the remote host is 6.3.x prior to 6.3.2.5, 6.4.x prior to 6.4.3.1, or 7.1.x prior to 7.1.4.0. It is, therefore, affected by multiple vulnerabilities: - An unspecified flaw exists in the user interface that allows...
[SECURITY] Fedora 21 Update: ProDy-1.7.1-1.fc21
ProDy is a free and open-source Python package for protein structure, dynamics, and sequence analysis. It allows for comparative analysis and modeling of protein structural dynamics and sequence co-evolution. Fast and flexible ProDy API is for interactive usage as well as application developmen...
[SECURITY] Fedora 22 Update: ProDy-1.7.1-1.fc22
ProDy is a free and open-source Python package for protein structure, dynamics, and sequence analysis. It allows for comparative analysis and modeling of protein structural dynamics and sequence co-evolution. Fast and flexible ProDy API is for interactive usage as well as application developmen...
KLA10696 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof the user interface, gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Improper handling of memory objects can be exploited remotely via...
Tor Messenger
Tor Project launched its first beta version of Tor Messenger – its long-in-the-works, open source instant messenger client based on Instantbird. The Messenger is designed for both simplicity and privacy by default: It integrates the “Off-the-Record” (OTR) protocol to encrypt messages and routes the...
Cisco FireSIGHT Management Center Cross-Site Scripting Vulnerability
A vulnerability in the web framework of Cisco FireSIGHT Management Center (MC) could allow an authenticated, remote attacker to execute a stored cross-site scripting (XSS) attack against the user of the web interface. The vulnerability is due to improper sanitization of parameter values. An attacker...
LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability
Document Title: LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1585 Release Date: 2015-08-26. Vulnerability Laboratory ID (VL-ID): 15...
xpshop online store system SQL injection (demonstrated on the official site demo)
Brief description: Detailed description: Vulnerability location: xpshop.webui.MyRefund protected void PageLoadobject sender, EventArgs e if base.CurrentUser == null string str = "Login.aspx?ReturnUrl=/" + WebUIBase.ShopFolder + "MyRefund.aspx"; base.Response.Redirect"/" + WebUIBase.ShopFolder + str; else if base.CurrentUser.Name == "anonymous"...
KLA10675 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof the user interface, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities: 1. Improper memory...
APPLE-SA-2015-09-30-2 Safari 9
APPLE-SA-2015-09-30-2 Safari 9 Safari 9 is now available and addresses the following: Safari Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11 Impact: Visiting a malicious website may lead to user interface spoofing Description: Multiple user interface...
NeoKylin: China's Linux OS that Seriously Looks Like Windows XP
Do You Know: China has planned to eliminate all foreign Technologies and Services by 2020, just like Google and Facebook. And it seems China in some years would be an entirely independent IT economy; building homegrown Mobile and computer devices, Operating Systems, Applications, Browsers and...
Thomson CableHome Gateway (DWG849) Cable Modem Gateway - Information Exposure Vulnerability
Exploit for hardware platform in category remote exploits. Exploit Title: Information Exposure via SNMP on Thomson CableHome Gateway; MODEL: DWG849 Cable Modem Gateway; Google Dork: n/a; Date: 09/18/2015; Exploit Author: Matt Dunlap; Vendor Homepage:...
Apple iOS Safari User Interface Forgery Vulnerability (CNVD-2015-06199)
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability exists in Apple iOS Safari, which allows attackers to build malicious web pages and trick users into parsing them, which can spoof the user interface...