Lucene search
K

211 matches found

NVD
NVD
added 2018/11/20 7:29 p.m.29 views

CVE-2018-18864

Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache HTTP Server logs are displayed...

9.6CVSS9.1AI score0.0257EPSS
Exploits2References2
OSV
OSV
added 2018/11/20 7:29 p.m.7 views

CVE-2018-18864

Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache HTTP Server logs are displayed...

9.6CVSS5.8AI score0.0257EPSS
Exploits2References2
Prion
Prion
added 2018/11/20 7:29 p.m.15 views

Design/Logic Flaw

Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache HTTP Server logs are displayed...

9.3CVSS8.8AI score0.0257EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2018/11/20 7:0 p.m.35 views

CVE-2018-18864

Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache HTTP Server logs are displayed...

9.1AI score0.0257EPSS
Exploits2References2
CVE
CVE
added 2018/11/20 7:0 p.m.39 views

CVE-2018-18864

Loadbalancer.org Enterprise VA MAX before 8.3.3 is affected by an Unauthenticated Stored XSS in the Apache logs. The PacktStorm entry details two vulnerability paths: (1) input from Basic Auth username stored in the Apache Error Log (HTTPS only), and (2) injected JavaScript via URLs (/?) stored i...

9.6CVSS8.8AI score0.0257EPSS
Exploits2References2Affected Software1
Packet Storm
Packet Storm
added 2018/11/02 12:0 a.m.182 views

Loadbalancer.org Enterprise VA MAX Cross Site Scripting

Title: Loadbalancer.org Enterprise VA MAX - Unauthenticated Stored XSS Author: Jakub Palaczynski Date: 24. July 2018 CVE: CVE-2018-18864 Affected product: ============= Loadbalancer.org Enterprise VA MAX before 8.3.3 Impact: ====== Remote Code Execution with root privileges. Vulnerability -...

0.0257EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:22 p.m.55 views

Security Bulletin: GNU C library (glibc) vulnerability is fixed in IBM Security Access Manager for Enterprise Single Sign-On Virtual Appliance (CVE-2015-0235)

Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM Security Access Manager for Enterprise Single Sign-On Virtual Appliance ISAM ESSO VA Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION: glibc is vulnerable to a heap-based buffer overflow, caused by...

10CVSS1AI score0.94859EPSS
Exploits29Affected Software1
Packet Storm
Packet Storm
added 2018/05/03 12:0 a.m.81 views

Flexense DiskBoss 9.1.16 Cross Site Scripting

Description: URL: l ocalhost/ Affected Component: /?n0ipr0csalert'XSS'n0ipr0cs=1 Vulnerability Type: Cross Site Scripting https://cwe.mitre.org/data/definitions/79.html Vendor of Product: Flexense-DiskBoss Version: v7.4.28 to v9.1.16 Attack Type: Remote Impact: This attack allows an attacker code...

6.4AI score0.00705EPSS
Exploits2
Packet Storm
Packet Storm
added 2018/05/02 12:0 a.m.53 views

Flexense DiskPulse 10.7 Cross Site Scripting

Description: URL: localhost/ Affected Component: /?n0ipr0csalert'XSS'n0ipr0cs=1 Vulnerability Type: Cross Site Scripting https://cwe.mitre.org/data/definitions/79.html Vendor of Product: Flexense DiskPulse Version: from v10.4 to v10.7. Attack Type: Remote Impact: This attack allows an attacker co...

6.4AI score0.00705EPSS
Exploits1
Virtuozzo
Virtuozzo
added 2018/04/28 12:0 a.m.69 views

Kernel update: new kernel 3.10.0-693.21.1.vz7.46.7, Virtuozzo 7.0 Update 7 Hotfix 2 (7.0.7-453)

The Hotfix 2 for Virtuozzo 7.0 Update 7 provides a new kernel 3.10.0-693.21.1.vz7.46.7 that introduces stability and usability bug fixes. In addition, this kernel was recompiled by the updated gcc with retpolines support. Retpolines are a technique used by the kernel to reduce overhead of...

5.6CVSS6.5AI score0.74041EPSS
Exploits9
Virtuozzo
Virtuozzo
added 2018/04/02 12:0 a.m.15 views

Product update: Virtuozzo Automator 7.0 Update 2 Hotfix 5 (VA MN: 7.0.2-597, VA Agent: 7.0.2-320)

This hotfix for Virtuozzo Automator 7.0.2 provides a new feature as well as stability and usability bug fixes. Vulnerability id: PVA-35645 Systemd reported the 'va-agent/va-mn' service as started before it had been initialized. Vulnerability id: PVA-37260 Scheduled backup of a large VM could fail...

0.9AI score
Exploits0
Information Security Automation
Information Security Automation
added 2018/03/16 12:25 p.m.47 views

My short review of “IDC Worldwide Security and Vulnerability Management Market Shares 2016”

On February 12 IDC published new report about Security and Vulnerability Management market. You can buy it on the official website for $4500. Or you can simply download free extract on Qualys website Thanks, Qualys!. I've read it and now I want to share my impressions. I think it's better start...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/10/17 4:3 p.m.9 views

pittsburgh.va.gov XSS vulnerability

Vulnerable URL: https://www.pittsburgh.va.gov/Video//player.swf?tracecall=alert%22OPENBUGBOUNTY%22 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 16.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP websi...

6.3AI score
Exploits0
Fedora
Fedora
added 2017/05/14 8:26 p.m.33 views

[SECURITY] Fedora 26 Update: gstreamer1-vaapi-1.12.0-1.fc26

A collection of GStreamer plugins to let you make use of VA API video acceleration from GStreamer applications. Includes elements for video decoding, display, encoding and post-processing using VA API subject to hardware limitations...

7.5CVSS1.8AI score0.04426EPSS
Exploits0
Exploit DB
Exploit DB
added 2017/05/08 12:0 a.m.38 views

Linux/x86 - Disable ASLR Shellcode (80 bytes)

Linux/x86 - Disable ASLR Shellcode 80 bytes. Shellcode exploit for Linx86 platform / Linux/x86 setuid-disable-aslr.c by @abatchy17 - abatchy.com Shellcode size: 80 bytes SLAE-885 section .text global start start: ; ; setruid0,0 ; xor ecx,ecx mov ebx,ecx push 0x46 pop eax int 0x80 ; ;...

0.1AI score
Exploits0
Virtuozzo
Virtuozzo
added 2017/03/06 12:0 a.m.18 views

Product security update: Virtuozzo Automator 6.1 Update 2 Hotfix 3

The new packages for Virtuozzo Automator 6.1 introducing a new feature, a security fix, and usability bug fixes for VA Agent for Linux. Vulnerability id: PVA-27270 In cases when multiple containers were processed in a single task by external tools like 'vzabackup', Power Panel of any container...

3.1AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2016/07/10 4:8 p.m.46 views

Security update for Mozilla Thunderbird (important)

This update contains Mozilla Thunderbird 45.2. boo983549 It fixes security issues mostly affecting the e-mail program when used in a browser context, such as viewing a web page or HTMl formatted e-mail. The following vulnerabilities were fixed: - CVE-2016-2818, CVE-2016-2815: Memory safety bugs...

10CVSS1.2AI score0.30946EPSS
Exploits9References8
Openbugbounty
Openbugbounty
added 2016/07/03 4:37 p.m.11 views

shirvan-va-chardavol.locopoc.com XSS vulnerability

Vulnerable URL: http://shirvan-va-chardavol.locopoc.com/q-dd524-'-alert'OPENBUGBOUNTY'-' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 21106 VIP website status:| Yes Check...

6.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/02/03 12:0 a.m.47 views

openSUSE Security Update : Chromium (openSUSE-2016-109)

Chromium was updated to 48.0.2564.82 to fix security issues and bugs. The following vulnerabilities were fixed : - CVE-2016-1612: Bad cast in V8 boo963184 - CVE-2016-1613: Use-after-free in PDFium boo963185 - CVE-2016-1614: Information leak in Blink boo963186 - CVE-2016-1615: Origin confusion in...

9.3CVSS6.9AI score0.01662EPSS
Exploits1References18
OPENSUSE Linux
OPENSUSE Linux
added 2016/01/27 10:11 p.m.39 views

Security update for Chromium (important)

Chromium was updated to 48.0.2564.82 to fix security issues and bugs. The following vulnerabilities were fixed: - CVE-2016-1612: Bad cast in V8 boo963184 - CVE-2016-1613: Use-after-free in PDFium boo963185 - CVE-2016-1614: Information leak in Blink boo963186 - CVE-2016-1615: Origin confusion in...

9.3CVSS0.7AI score0.01662EPSS
Exploits1References9
Rows per page
Query Builder