CVE-2020-5143

SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and G...

CVE-2020-5134

A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0...

IBM HTTP Server 6.1.0.0 <= 6.1.0.47 / 7.0.0.0 < 7.0.0.39 / 8.0.0.0 < 8.0.0.12 / 8.5.0.0 < 8.5.5.7 HTTP Request Smuggling (533835)

The version of IBM HTTP Server running on the remote host is affected by an HTTP request smuggling vulnerability related to Apache HTTP Server. The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers t...

IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.7 Information Disclosure (304539)

The version of IBM HTTP Server running on the remote host is affected by an information disclosure vulnerability. When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in...

Buffer overflow

A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service DoS in the SSL-VPN and virtual assist portal, which leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3,...

CVE-2020-5135

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service DoS and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 versio...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server April 2016 CPU (CVE-2016-3426, CVE-2016-3427) shipped with Tivoli Netcool Performance Manager

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the Oracle April 2016 Critical Patch Update, plus four additional vulnerabilities. These may affect some configurations of IBM...

Security Bulletin: Potential security vulnerability with IBM WebSphere Application Server shipped with IBM PureApplication System (CVE-2016-0360)

Summary IBM WebSphere Application Server is shipped as a component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin Potential security...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM PureApplication System (CVE-2016-0306)

Summary IBM WebSphere Application Server is shipped as a component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin Potential security...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server January 2016 CPU (CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as "SLOTH". These may affect...

Security Bulletin: Multiple vulnerabilities in current IBM SDK for Java for WebSphere Application Server January 2014 CPU

Summary Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server Vulnerability Details The IBM WebSphere Application Server is shipped with an IBM SDK for Java that is based on the Oracle JDK. Oracle has released January 2014 critical...

Design/Logic Flaw

IBM Security Identity Manager ISIM Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session expiration, which allows remote attackers to hijack sessions by leveraging an unattended workstation...

Design/Logic Flaw

IBM Security Identity Manager ISIM Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm...

BlazeDVD Pro Player 7.0 - .plf Local Buffer Overflow (SEH)

BlazeDVD Pro Player 7.0 - .plf Local Buffer Overflow SEH BlazeDVD Pro v7.0 - .plf Buffer Overflow SEH Date: 19.08.2014 Exploit Author: metacom Vendor Homepage: http://www.blazevideo.com/ Software Link: http://www.blazevideo.com/download/BlazeDVDProSetup.exe Version: 7.0.0.0 Tested on: Win 7 EN, W...

BlazeDVD Pro Player 7.0 - &#039;.plf&#039; Local Buffer Overflow (SEH)

BlazeDVD Pro v7.0 - .plf Buffer Overflow SEH Date: 19.08.2014 Exploit Author: metacom Vendor Homepage: http://www.blazevideo.com/ Software Link: http://www.blazevideo.com/download/BlazeDVDProSetup.exe Version: 7.0.0.0 Tested on: Win 7 EN, Win 8.1 !/usr/bin/python from struct import pack buffer=...

BlazeDVD Pro v7.0 - (.plf) Buffer Overflow (SEH) Exploit

BlazeDVD Pro version 7.0 SEH buffer overflow exploit written in python. BlazeDVD Pro v7.0 - .plf Buffer Overflow SEH Date: 19.08.2014 Exploit Author: metacom Vendor Homepage: http://www.blazevideo.com/ Software Link: http://www.blazevideo.com/download/BlazeDVDProSetup.exe Version: 7.0.0.0 Tested...

IBM Rational ClearQuest Web Login Bypass SQL Injection Vulnerability

No description provided by source. +==============================================================+ + IBM Rational ClearQuest Web Login Bypass SQL Injection + +==============================================================+ DISCOVERED BY: ============== SecureState sasquatch -...

IBM Rational ClearQuest - Web Authentication Bypass / SQL Injection

+==============================================================+ + IBM Rational ClearQuest Web Login Bypass SQL Injection + +==============================================================+ DISCOVERED BY: ============== SecureState sasquatch - [email protected] rel1k - [email protected]...