605 matches found
IBM Tealeaf Customer Experience Hardcoded Certificate Vulnerability
IBM Tealeaf Customer Experience is a SaaS Software-as-a-Service based analytics solution for web and mobile applications from IBM, USA. The solution helps clients improve the overall user experience by analyzing and understanding data, and supports the adoption of advanced user interfaces for ric...
CVE-2016-2983
IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circumstances to read operational data or TLS session state for any active sessions, cause denial of service, or bypass security. IBM X-Force ID: 113999...
Mobotap Dolphin Browser for Android URI Scheme Resolution Vulnerability
Mobotap Dolphin Browser for Android is a web browser for the Android platform from MoboTap. A security vulnerability exists in version 12.0.2 of Dolphin Browser for Android. The vulnerability can be exploited to call private activities in Dolphin Browser via malicious URIs...
CVE-2017-0852
A denial of service vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0. Android ID: A-62815506...
CVE-2017-0840
An information disclosure vulnerability in the Android media framework libstagefright. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62948670...
CVE-2017-0763
A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62534693...
CVE-2017-0712
A elevation of privilege vulnerability in the Android framework wi-fi service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37207928...
PT-2017-12152 · Sipcrack +1 · Sipcrack +1
Name of the Vulnerable Software and Affected Versions: SIPcrack version 0.2 Description: A memory leak was discovered in the way SIPcrack handles SIP traffic processing due to mismanagement of a lines array. This issue could allow a remote attacker to potentially crash long-running sipdump networ...
CVE-2017-2273
Cross-site request forgery CSRF vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
BUFFALO WAPM-1166D and WAPM-APG600H Cross-Site Request Forgery Vulnerabilities
The BUFFALO WAPM-1166D and WAPM-APG600H are both wireless LAN access point devices from BUFFALO Japan. A cross-site request forgery vulnerability exists in the WMR-433 using firmware version 1.02 and earlier and the WMR-433W using firmware version 1.40 and earlier. A remote attacker could exploit...
Denial of Service Vulnerability in Multiple IBM Products
IBM MQ formerly known as IBM WebSphere MQ is a messaging middleware product from IBM. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ versions 9.0.1 through 9.0.2. An attacker could exploit...
IBM WebSphere MQ Information Disclosure Vulnerability (CNVD-2017-22589)
IBM MQ formerly known as IBM WebSphere MQ is a messaging middleware product from IBM. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ versions 9.0.1 and 9.0.2. A local attacker could exploit...
IBM WebSphere MQ Plaintext Credential Information Disclosure Vulnerability
IBM MQ formerly known as IBM WebSphere MQ is a messaging middleware product from IBM. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ versions 9.0.1 and 9.0.2, which originates from the...
CVE-2017-0676
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34896431...
CVE-2017-0670
A denial of service vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36104177...
CVE-2017-2179
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allows remote code execution via unspecified vectors, a different vulnerability than CVE-2017-2181 and CVE-2017-2182...
UBUNTU-CVE-2017-0592
A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution...
CVE-2017-5527
TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x before 7.6.1, 7.7.x before 7.7.1, and 7.8.x before 7.8.1 and Spotfire Analytics Platform for AWS Marketplace 7.8.0 and earlier contain multiple vulnerabilities which may allow authorized users to perform SQL injection attacks...
CVE-2017-3495
Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications subcomponent: Pre-Login. Supported versions that are affected are 12.0.2 and 12.0.3. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromis...
CVE-2017-0540
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...