173 matches found
CVE-2019-19708
The VisualEditor extension through 1.34 for MediaWiki allows XSS via pasted content containing an element with a data-ve-clipboard-key attribute...
CVE-2014-4156
Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability...
Design/Logic Flaw
Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability...
CVE-2014-4156
Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability...
CVE-2014-4156
Proxmox VE prior to 3.2 has a User Enumeration vulnerability in AccessControl.pm . The issue is described across sources (NVD, RH, CVE registries) as a vulnerability affecting Proxmox VE before version 3.2, named “AccessControl.pm User Enumeration Vulnerability.” Public references note a moderate...
F5 Networks BIG-IP : TMM vulnerability (K92002212)
Traffic Management Microkernel TMM may restart on BIG-IP Virtual Edition VE when using virtio direct descriptors and packets 2 KB or larger. CVE-2019-6676 Impact Some virtio backend implementations send large packets 2 KB or larger even when Large Offload Receive LRO is disabled. If the backend...
CVE-2019-6676
CVE-2019-6676 affects BIG-IP VE TMM: when using virtio direct descriptors with 2 KB or larger packets, TMM may restart and create a core file. Affected versions are BIG-IP VE: 15.0.0–15.0.1, 14.0.0–14.1.2, and 13.1.0–13.1.3.1. The advisory lists fixes in: 15.1.0, 14.1.2.3, and 13.1.3.2. Mitigatio...
Cross site scripting
The VisualEditor extension through 1.34 for MediaWiki allows XSS via pasted content containing an element with a data-ve-clipboard-key attribute...
Product update: Virtuozzo Automator 7.0 Update 2 Hotfix 8 (VA MN: 7.0.2-623, VA Agent: 7.0.2-341)
The hotfix for Virtuozzo Automator 7.0.2 provides stability fixes. Vulnerability id: PVA-37429 Need to return userbeancounters stats to VA agent. Vulnerability id: PVA-37434 Unable to reboot VE while changing its RAM/CPU live. Vulnerability id: PVA-37359, PVA-37415, PVA-37438 Other fixes...
Security Bulletin: GNU C library (glibc) vulnerability affects IBM SDN-VE Unified Controller and IBM SDN-VE Service Appliance (CVE-2015-0235)
Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM SDN VE Unified Controller and IBM SDN VE Service Appliance. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION:The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. B...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM SDN-VE (CVE-2014-3570, CVE- 2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206)
Summary Security vulnerablities have been discovered in OpenSSL Vulnerability Details CVEID:CVE-2014-3570 DESCRIPTION: An unspecified error in OpenSSL related to the production of incorrect results on some platforms by Bignum squaring BNsqr has an unknown attack vector and impact. CVSS Base Score...
Security Bulletin: Vulnerabilities in Apache Tomcat affect IBM SDN VE (CVE- 2011-4905, CVE-2013-0248,CVE-2014-0050,CVE-2014-3577,CVE-2014-0054,CVE- 2013-7315,CVE-2013-6429,CVE-2014-0119,CVE-2014-0099,CVE-2014-1904)
Summary Security vulnerabilities have been discovered in Apache Tomcat. Vulnerability Details CVEID: CVE-2011-4905 DESCRIPTION: Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM SDN VE (CVE-2014- 3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3509, CVE-2014-3510, CVE-2014- 3511)
Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVEID: CVE-2014-3511 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by the negotiation of TLS 1.0 instead of higher protocol versions by the OpenSSL SSL/TLS server...
Security Bulletin: Vulnerabilities in Bash affect IBM SDN VE (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)
Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by IBM SDN VE. Vulnerability Details CVE-ID: CVE-2014-6271 DESCRIPTION: G...
Security Bulletin: IBM SDN for Virtual Environments is affected by a vulnerability in OpenSSL (CVE-2014-0224)
Summary A security vulnerability has been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle...
Security Bulletin: IBM SDN for Virtual Environments is affected by a vulnerability in OpenSSL (CVE-2014-0160)
Summary A security vulnerability has been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerability...
catalogo.mp.gob.ve XSS vulnerability
Vulnerable URL: http://catalogo.mp.gob.ve/min-publico/doctrina/php/buscar.php?base=doctri=doctri.par==w=detalle=!IINDEMNIZACION"'--!...
Override Access Vulnerability in Flying Fishstar VE Series Routers
Flyingfish Star VE series router 1021 firmware is a router product developed by Chengdu Flyingfish Star Technology Development Co. An unauthorized access vulnerability exists in the Flying Fish Star VE Series Router 1021 firmware. An attacker could use this vulnerability to remotely change the...
CVE-2017-4986
EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could potentially be exploited by malicious users to compromise the affected system...
CVE-2017-4986
CVE-2017-4986 affects EMC ESRS VE 3.18 and earlier. The connected CNVD entry for EMC ESRS VE Information Disclosure describes a vulnerability in ESRS VE versions up to 3.18 where an attacker could compromise the affected system through an authentication bypass. The base CVE description from NVD s...