Lucene search
74 matches found

Positive Technologies
added 2019/05/03 12:0 a.m., 2 views

PT-2019-18195 · F5 · F5 Big-Ip

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP versions 13.0.0 through 13.1.1.4; F5 BIG-IP versions 12.1.0 through 12.1.4; F5 BIG-IP versions 11.6.1 through 11.6.3.4; F5 BIG-IP versions 11.5.2 through 11.5.8. Description: The issue allows sensitive configuration objects to be expose...

CVSS 5.3 · AI score 5.2 · EPSS 0.00108
Exploits: 0 · References: 3

Citrix
added 2019/02/11 12:0 a.m., 5 views

Citrix Product Customer Success Services Eligibility Dates

This article lists Customer Success Services Eligibility dates for Citrix products formerly known as Subscription Advantage. Citrix Product Customer Success Services: When you purchase a new Citrix product, your purchase includes a one-year membership in the Customer Success Services program,...

AI score 7
Exploits: 0

RedHat Linux
added 2018/11/29 10:23 a.m., 1 views

ruby: OpenSSL::X509::Name equality check does not work correctly

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one...

CVSS 9.8 · AI score 7.3 · EPSS 0.0421
Exploits: 0 · References: 5

Fedora
added 2018/06/19 3:11 p.m., 27 views

[SECURITY] Fedora 27 Update: nikto-2.1.6-1.fc27

Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be...

CVSS 10 · AI score 2.6 · EPSS 0.33586
Exploits: 5

NVD
added 2017/11/22 7:29 p.m., 12 views

CVE-2017-2699

The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs containing malicious files and trick users into...

CVSS 7.8 · AI score 7.7 · EPSS 0.0016
Exploits: 0 · References: 2

OSV
added 2016/11/30 11:59 a.m., 0 views

CVE-2016-2958

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to obtain sensitive information by reading an "archaic" e-mail address in a response...

CVSS 4.3 · AI score 5.8
Exploits: 0 · References: 4

OSV
added 2016/07/03 1:59 a.m., 6 views

CVE-2016-5730

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving (1) an array value to FormDisplay.php, (2) incorrect data to validate.php, (3) unexpected data to Validator.php, (4) a missing config directory...

CVSS 5.3 · AI score 5.4
Exploits: 0 · References: 10

OSV
added 2016/02/20 1:59 a.m., 1 views

DEBIAN-CVE-2016-2043

Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page...

CVSS 5.4 · AI score 5.2 · EPSS 0.00394
Exploits: 0 · References: 1

RedHat Linux
added 2012/05/21 4:42 p.m., 4 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weak...

CVSS 5 · AI score 6.1 · EPSS 0.02237
Exploits: 0 · References: 4

RedHat Linux
added 2012/01/31 10:57 p.m., 3 views

tomcat: large number of parameters DoS

Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability...

CVSS 5 · AI score 6.1 · EPSS 0.766
Exploits: 6 · References: 4

Positive Technologies
added 2010/08/04 12:0 a.m., 2 views

PT-2010-4309 · Cisco · Cisco Asa +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 7.2 before 7.25; Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.0 before 8.05.15; Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.1...

CVSS 7.8 · AI score 6.4 · EPSS 0.01086
Exploits: 0 · References: 5

OSV
added 2009/06/25 1:30 a.m., 2 views

DEBIAN-CVE-2009-1888

The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory...

CVSS 5.8 · AI score 6.8 · EPSS 0.05392
Exploits: 2 · References: 1

0day.today
added 2009/05/26 12:0 a.m., 19 views

COWON America jetCast 2.0.4.1109 (.mp3) Local Overflow Exploit

Exploit for unknown platform in category local exploits. COWON America jetCast 2.0.4.1109 .mp3 Local Overflow Exploit. ?php / COWON America jetCast 2.0.4.1109 .mp3 local hea...

AI score 6.8
Exploits: 0

0day.today
added 2005/10/19 12:0 a.m., 15 views

MS Windows IIS SA WebAgent 5.2/5.3 Redirect Overflow Expl (meta)

Exploit for unknown platform in category remote exploits. MS Windows IIS SA WebAgent 5.2/5.3 Redirect Overflow Exploit meta. This file is part of the Metasploit...

AI score 7.1
Exploits: 0