OpenDaylight odl-mdsal-xsql component resource management error vulnerability (CNVD-2017-16999)

OpenDaylight, a project of the Linux Foundation, is a community-driven, open-source software-defined networking framework that includes a collection of modules to perform networking tasks that need to be done quickly.OpenDaylight odl-mdsal-xsql is one of the XML-based query components used to...

[SECURITY] Fedora 26 Update: openvas-manager-7.0.2-1.fc26

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

XXE VIA DOCTYPE in PeopleSoft

Application: Oracle PeopleSoft Versions Affected: PeopleSoft HCM 9.2 on PeopleTools 8.55 Vendor: Oracle Bugs: XXE Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Nadya Krivdyuk ERPScan VULNERABILITY INFORMATION Class:...

[SECURITY] Fedora 23 Update: openvas-manager-6.0.9-1.fc23

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

[SECURITY] Fedora 22 Update: openvas-manager-6.0.8-2.fc22

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

[SECURITY] Fedora 23 Update: openvas-manager-6.0.8-2.fc23

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

Autonics DAQMaster 1.7.3 - DQP Parsing Buffer Overflow Code Execution (PoC)

Autonics DAQMaster 1.7.3 - DQP Parsing Buffer Overflow Code Execution PoC Autonics DAQMaster 1.7.3 DQP Parsing Buffer Overflow Code Execution Vendor: Autonics Corporation Product web page: https://www.autonics.com Affected version: 1.7.3 build 2454 1.7.0 build 2333 1.5.0 build 2117 Summary:...

[SECURITY] Fedora 22 Update: openvas-manager-6.0.3-4.fc22

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

[SECURITY] Fedora 21 Update: openvas-manager-6.0.3-3.fc21

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

WS-Attacker - Modular Framework for Web Services Penetration Testing

XML-based SOAP Web Services are a widely used technology, which allows the users to execute remote operations and transport arbitrary data. It is currently adapted in Service Oriented Architectures, cloud interfaces, management of federated identities, eGovernment, or millitary services. The wide...

[SECURITY] Fedora 21 Update: openvas-manager-5.0.7-1.fc21

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

bytes interactive web shopper 1.0/2.0 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1776/info Bytes Interactive Web Shopper is a XML based shopping cart application. The newpage variable does not properly check for insecure relative paths such as the double dot ... The following URL request:...

Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow

This module exploits a vulnerability found in Lattice Semiconductor PAC-Designer 6.21. As a .pac file, when supplying a long string of data to the 'value' field under the 'SymbolicSchematicData' tag, it is possible to cause a memory corruption on the stack, which results in arbitrary code executi...

Lattice Semiconductor PAC-Designer 6.21 - .PAC Local Overflow

Lattice Semiconductor PAC-Designer 6.21 - .PAC Local Overflow !/usr/bin/python -w ------------------------------------------------------------------------------------ Exploit: Lattice Semiconductor PAC-Designer 6.21 possibly all versions CVE: CVE-2012-2915 Author: b33f Ruben Boonen -...

GetSimple CMS v3.1 - Multiple Web Vulnerabilities

Document Title: =============== GetSimple CMS v3.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=521 Release Date: ============= 2012-05-03 Vulnerability Laboratory ID VL-ID: ==================================== 521 Commo...

Gentoo Security Advisory GLSA 201110-17 (avahi)

The remote host is missing updates announced in advisory GLSA 201110-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Exploit Pack - An open source security framework

Exploit Pack - An open source security framework Exploit Pack is an open source security framework developed by Juan Sacco. It combines the benefits of a Java GUI, Python as Engine and well-known exploits on the wild. It has an IDE to make the task of developing new exploits easier, instant searc...

Debian DSA-2267-1 : perl - restriction bypass

It was discovered that Perl's Safe module - a module to compile and execute code in restricted compartments - could be bypassed. Please note that this update is known to break Petal, an XML-based templating engine shipped with Debian 6.0/Squeeze in the package libpetal-perl, see bug 582805 for...

ZDI-11-061: EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability

ZDI-11-061: EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-061 February 7, 2011 -- CVE ID: CVE-2011-0647 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products: EMC Replication Manager ...

(0Day) EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Replication Manager Client. Authentication is not required to exploit this vulnerability. The Replication Manager client installs a service binds the irccd.exe process to TCP port 6542. Thi...