Lucene search
K

3702 matches found

CERT
CERT
added 2015/06/08 12:0 a.m.33 views

Aptexx Resident Anywhere exposes sensitive account information

Overview Aptexx Resident Anywhere does not require authentication to view and modify sensitive information contained in direct account and payment URLs, which can be leveraged to bypass authentication and access user accounts. Description CWE-288:Authentication Bypass Using an Alternate Path or...

7.5CVSS6.8AI score0.01663EPSS
Exploits0References2
CERT
CERT
added 2015/06/08 12:0 a.m.71 views

Toshiba 4690 OS contains an information disclosure vulnerability

Overview The Toshiba 4690 operating system, version 6 Release 3 and possibly earlier versions, contains an information disclosure vulnerability. Description CWE-200: Information Exposure - CVE-2014-4876The Toshiba 4690 operating system, version 6 Release 3 and possibly earlier versions, contains...

4.3CVSS4.2AI score0.01658EPSS
Exploits0References2
CERT
CERT
added 2015/06/08 12:0 a.m.31 views

Toshiba CHEC contains a hard-coded cryptographic key

Overview Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key. Description CWE-321: Use of Hard-coded Cryptographic Key - CVE-2014-4875Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key in the...

5CVSS6AI score0.02063EPSS
Exploits0References1
CERT
CERT
added 2015/06/04 12:0 a.m.127 views

McAfee ePolicy Orchestrator fails to properly validate SSL/TLS certificates

Overview McAfee ePolicy Orchestrator versions 4.6.8 and earlier and 5.1.1 and earlier fail to properly validate SSL/TLS certificates. Description CWE-295: Improper Certificate Validation - CVE-2015-2859McAfee ePolicy Orchestrator ePO supports integration with external registered servers for a...

5.8CVSS6AI score0.01021EPSS
Exploits0References5
CERT
CERT
added 2015/05/29 12:0 a.m.32 views

Blue Coat SSL Visibility Appliance contains multiple vulnerabilities

Overview Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800, versions 3.6.x to 3.8.3, contain multiple vulnerabilities. Description Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800, versions 3.6.x to 3.8.3, contain multiple vulnerabilities.CWE-352: Cross-Site...

6.8CVSS6.3AI score0.01539EPSS
Exploits0References8
CERT
CERT
added 2015/05/26 12:0 a.m.26 views

Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files

Overview The Synology Cloud Station sync client for OS X contains a setuid root executable that allows regular users to claim ownership of system files. Description CWE-276: Incorrect Default Permissions - CVE-2015-2851The Synology Cloud Station sync client for OS X contains an executable named...

6.8CVSS6.7AI score0.00757EPSS
Exploits0
CERT
CERT
added 2015/05/19 12:0 a.m.119 views

KCodes NetUSB kernel driver is vulnerable to buffer overflow

Overview KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution. Description KCodes NetUSB is a Linux kernel module that provides USB over IP. It is used to provide USB device sharing on a home user network.CWE-120: Buffer Copy...

10CVSS9.6AI score0.27906EPSS
Exploits7References2
CERT
CERT
added 2015/05/08 12:0 a.m.16 views

Subrion CMS vulnerable to SQL injection by an authenticated user

Overview Subrion CMS is vulnerable to SQL injection from authenticated users when a browser cookie is modified in a certain way. Description Subrion is an open source web-based content management system CMS. Subrion is vulnerable to SQL injection due to deserialization of untrusted data from a...

8.2AI score
Exploits0References1
CERT
CERT
added 2015/05/05 12:0 a.m.58 views

Bomgar Remote Support Portal deserializes untrusted data

Overview Bomgar Remote Support version 14.3.1 and possibly earlier versions deserialize untrusted data without sufficient validation, allowing an attacker to potentially execute arbitrary PHP code. Description CWE-502: Deserialization of Untrusted Data Bomgar Remote Support version 14.3.1 and...

7.5CVSS7.1AI score0.05869EPSS
Exploits4References2
CERT
CERT
added 2015/05/04 12:0 a.m.87 views

ICU Project ICU4C library contains multiple overflow vulnerabilities

Overview ICU Project ICU4C library, versions 52 through 54, contains a heap-based buffer overflow and an integer overflow. Description The ICU Project describes ICU as "a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software...

7.5CVSS8AI score0.2447EPSS
Exploits4References6
CERT
CERT
added 2015/04/30 12:0 a.m.20 views

EMC AutoStart is vulnerable to remote code execution via specially crafted packets

Overview EMC AutoStart, version 5.5.0 and earlier, is vulnerable to remote command execution via specially crafted packets. Description EMC AutoStart is an enterprise software application developed to help networks and service maintain a high level of availability. AutoStart can manage clusters o...

9.3CVSS7.8AI score0.07209EPSS
Exploits0References1
CERT
CERT
added 2015/04/28 12:0 a.m.31 views

Barracuda Web Filter insecurely performs SSL inspection

Overview Barracuda Web Filter prior to version 8.1.0.005 does not properly check upstream certificate validity when performing SSL inspection, and delivers one of three default root CA certificates across multiple machines for SSL inspection. Description According to Barracuda Networks, the...

4.3CVSS6.1AI score0.01424EPSS
Exploits0References4
CERT
CERT
added 2015/04/20 12:0 a.m.15 views

NetNanny uses a shared private key and root CA

Overview NetNanny uses a shared private key and root Certificate Authority CA, making systems broadly vulnerable to HTTPS spoofing. Description NetNanny installs a Man-in-the-Middle MITM proxy as well as a new trusted root CA certificate. The certificate used by NetNanny is shared among all...

6.8AI score
Exploits0References2
CERT
CERT
added 2015/04/17 12:0 a.m.20 views

Hewlett-Packard Network Automation contains multiple vulnerabilities

Overview HP Network Automation versions 9.0x, 9.1x, 9.2x, and 10.x contain multiple vulnerabilities affecting the administrative web interface. Description HP Network Automation versions 9.0x, 9.1x, 9.2x, and 10.x contain vulnerabilities in the administrative web interface, including multiple cro...

6.9AI score
Exploits0References4
CERT
CERT
added 2015/04/14 12:0 a.m.30 views

Blue Coat Malware Analysis appliance contains a cross-site scripting (XSS) vulnerability and information disclosure

Overview The Blue Coat Malware Analysis appliance is vulnerable to cross-site scripting XSS and information disclosure. Description The Blue Coat Malware Analysis appliance is a sandboxed appliance that scans for threats in files and downloads on the network.A cross-site scripting vulnerability...

5CVSS6AI score0.01462EPSS
Exploits0References1
CERT
CERT
added 2015/04/14 12:0 a.m.43 views

SearchBlox contains multiple vulnerabilities

Overview SearchBlox versions 8.1.x and below contain multiple vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2015-0967SearchBlox contains multiple cross-site scripting XSS vulnerabilities, including a reflected XSS in...

8.8CVSS9.2AI score0.13659EPSS
Exploits0References6
CERT
CERT
added 2015/04/13 12:0 a.m.109 views

Microsoft Windows NTLM automatically authenticates via SMB when following a file:// URL

Overview Software running on Microsoft Windows that utilizes HTTP requests can be forwarded to a file:// protocol on a malicious server, which causes Windows to automatically attempt authentication via SMB to the malicious server in some circumstances. The encrypted form of the user's credentials...

7.4CVSS8AI score0.04478EPSS
Exploits1References15
CERT
CERT
added 2015/04/07 12:0 a.m.54 views

NTP Project ntpd reference implementation contains multiple vulnerabilities

Overview NTP Project ntpd reference implementation accepts unauthenticated packets with symmetric key cryptography and does not protect symmetric associations against denial of service attacks. Description CVE-2015-1798, bug 2779:In NTP4 installations utilizing symmetric key authentication,...

4.3CVSS7.2AI score0.02219EPSS
Exploits0References4
CERT
CERT
added 2015/04/02 12:0 a.m.46 views

X-Cart contains multiple vulnerabilities

Overview X-Cart versions 5.1.6 through 5.1.10 are vulnerable to cross-site scripting XSS, and versions 5.1.10 and below are vulnerable to authorization bypass. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2015-0950X-Cart versions 5.1...

6.5CVSS5.9AI score0.01277EPSS
Exploits0References4
CERT
CERT
added 2015/03/31 12:0 a.m.36 views

Multicast DNS (mDNS) implementations may respond to unicast queries originating outside the local link

Overview Multicast DNS implementations may respond to unicast queries that originate from sources outside of the local link network. Such responses may disclose information about network devices or be used in denial-of-service DoS amplification attacks. Description Multicast DNS mDNS is a way for...

5CVSS6.2AI score0.02184EPSS
Exploits0References2
CERT
CERT
added 2015/03/27 12:0 a.m.50 views

Multiple SSL certificate authorities use predefined email addresses as proof of domain ownership

Overview Multiple SSL certificate authorities may issue certificates to a customer based solely on the control of certain email addresses. This may allow an attacker to obtain a valid SSL certificate to perform HTTPS spoofing without generating a warning in the client software. Description When a...

6.9AI score
Exploits0References32
CERT
CERT
added 2015/03/26 12:0 a.m.50 views

Multiple ANTlabs InnGate models allow unauthenticated read/write to filesystem

Overview ANTlabs InnGate is a gateway device designed for operating corporate guest/visitor networks. Multiple models and firmware versions of the InnGate has been shown to allow read/write access to remote unauthenticated users via a misconfigured rsync instance. Description CWE-276: Incorrect...

10CVSS6.5AI score0.0559EPSS
Exploits1References3
CERT
CERT
added 2015/03/20 12:0 a.m.45 views

NSIS Inetc plug-in fails to validate SSL certificates

Overview The Intetc plugin for the NSIS installer fails to validate SSL certificates, which makes affected installers vulnerable to HTTPS spoofing. Description Inetc is a plugin for the NSIS installer software that provides the ability to download files from the internet. Although Inetc supports...

4.3CVSS6.5AI score0.01392EPSS
Exploits0References4
CERT
CERT
added 2015/03/20 12:0 a.m.39 views

BIOS implementations permit unsafe SMM function calls to memory locations outside of SMRAM

Overview Multiple BIOS implementations permit unsafe System Management Mode SMM function calls to memory locations outside of SMRAM. Description Multiple BIOS implementations permit unsafe System Management Mode SMM function calls to memory locations outside of SMRAM. According to Corey Kallenber...

7.8CVSS8.1AI score0.00394EPSS
Exploits0References1
CERT
CERT
added 2015/03/17 12:0 a.m.21 views

HP ArcSight contains multiple vulnerabilities

Overview HP ArcSight Logger and ESM contains multiple vulnerabilities. Description CWE-434: Unrestricted Upload of File with Dangerous Type - CVE PendingHP ArcSight Logger 5.3.1.6838.0 configuration import file upload capability does not sanitize file names, which allows a remote, authenticated...

7.9AI score
Exploits0References2
CERT
CERT
added 2015/03/16 12:0 a.m.42 views

D-Link DCS-93xL model family allows unrestricted upload

Overview The D-Link DCS-93xL family of devices specifically the DCS-930L, DCS-931L, DCS-932L, and DCS-933L models allows an attacker to upload arbitrary files from the attackers system. Description CWE-434: Unrestricted Upload of File with Dangerous Type The D-Link DCS-93xL family of devices allo...

9CVSS7AI score0.66674EPSS
Exploits5References6
CERT
CERT
added 2015/03/16 12:0 a.m.20 views

D-Link DAP-1320 Rev Ax is vulnerable to a command injection

Overview The D-Link DAP-1320 Rev Ax firmware update mechanism contains a command injection vulnerability. Description CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' A remote unauthenticated attacker may execute commands on the device by taking...

10CVSS7.7AI score0.0329EPSS
Exploits0References2
CERT
CERT
added 2015/03/10 12:0 a.m.63 views

Telerik Analytics Monitor Library allows DLL hijacking

Overview Telerik Analytics Monitor Library is a third-party application analytics service that collects detailed application metrics for vendors. Some versions of the Telerik library allow DLL hijacking, allowing an attacker to load malicious code in the context of the Telerik-based application...

6.9CVSS6.2AI score0.00509EPSS
Exploits0References2
CERT
CERT
added 2015/03/06 12:0 a.m.274 views

SSL/TLS implementations accept export-grade RSA keys (FREAK attack)

Overview Some implementations of SSL/TLS accept export-grade 512-bit or smaller RSA keys even when not specifically requesting export grade ciphers. An attacker able to act as a Man-in-The-Middle MiTM could factor weak temporary RSA keys, obtain session keys, and decrypt SSL/TLS trafflc. This iss...

4.3CVSS6.3AI score0.98685EPSS
Exploits0References5
CERT
CERT
added 2015/03/03 12:0 a.m.38 views

ShareLaTeX vulnerable to remote command execution and information disclosure

Overview ShareLaTeX is a server-based software allowing group collaboration on LaTeX documents. ShareLaTeX prior to version 0.1.3 has been found to be vulnerable to command injections and information disclosure. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path...

6.5CVSS6.4AI score0.01927EPSS
Exploits0References3
CERT
CERT
added 2015/02/27 12:0 a.m.42 views

Multiple Toshiba products are vulnerable to trusted service path privilege escalation

Overview Bluetooth Stack for Windows by Toshiba and TOSHIBA Service Station contain a trusted service path privilege escalation vulnerability. Description CWE-428: Unquoted Search Path or Element Bluetooth Stack for Windows by Toshiba versions 9.10.27T and earlier, as well as TOSHIBA Service...

6.9CVSS9.3AI score0.00382EPSS
Exploits0References4
CERT
CERT
added 2015/02/23 12:0 a.m.42 views

Adtrustmedia PrivDog fails to validate SSL certificates

Overview Adtrustmedia PrivDog fails to validate SSL certificates, making systems broadly vulnerable to HTTPS spoofing. Description Adtrustmedia PrivDog is a Windows application that advertises "... safer, faster and more private web browsing." Privdog installs a Man-in-the-Middle MITM proxy as we...

7.2AI score
Exploits0References9
CERT
CERT
added 2015/02/19 12:0 a.m.33 views

Komodia Redirector with SSL Digestor fails to properly validate SSL and installs non-unique root CA certificates and private keys

Overview Komodia Redirector with SSL Digestor installs non-unique root CA certificates and private keys, making systems broadly vulnerable to HTTPS spoofing Description Komodia Redirector SDK is a self-described "interception engine" designed to enable developers to integrate proxy services and w...

6.5AI score
Exploits0References16
CERT
CERT
added 2015/02/13 12:0 a.m.109 views

Microsoft Windows domain-configured client Group Policy fails to authenticate servers

Overview Microsoft Windows domain-configured client Group Policy fails to authenticate servers over Universal Naming Convention UNC paths. Description Microsoft has released MS15-011, detailing a critical flaw in which Windows domain-configured client Group Policy fails to authenticate servers ov...

8.3CVSS6.9AI score0.2858EPSS
Exploits4References5
CERT
CERT
added 2015/02/13 12:0 a.m.22 views

Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability

Overview A regular expressions C library originally written by Henry Spencer is vulnerable to a heap overflow in some circumstances. Description CWE-122: Heap-based Buffer Overflow From the researcher, the variable len that holds the length of a regular expression string is "enlarged to such an...

7.8AI score
Exploits0References2
CERT
CERT
added 2015/02/05 12:0 a.m.33 views

Ektron Content Management System (CMS) contains multiple vulnerabilities

Overview Ektron Content Management System CMS versions 8.5, 8.7, and 9.0 contain a XXE and a resource injection vulnerability. Description Note: A prior version of this report indicated incorrectly that Ektron CMS version 9.1 was vulnerable. The vendor indicated that the last version to ship with...

6.8CVSS6.8AI score0.22034EPSS
Exploits3References4
CERT
CERT
added 2015/02/05 12:0 a.m.17 views

Topline Systems Opportunity Form vulnerable to information disclosure

Overview Topline Systems Opportunity Form contains an information disclosure vulnerability. Description CWE-200: Information Exposure Topline Systems Opportunity Form is a macro-enabled Excel spreadsheet that contains connection strings to a public-facing database. By running procedures included ...

7AI score
Exploits0References4
CERT
CERT
added 2015/02/02 12:0 a.m.39 views

SerVision HVG Video Gateway web interface contains multiple vulnerabilities

Overview SerVision HVG Video Gateway web interface contains multiple vulnerabilities affecting multiple firmware versions. Description CWE-288: Authentication Bypass Using an Alternate Path or Channel, andCWE-284: Improper Access Control - CVE-2015-0929By visiting time.htm, a user is issued a...

10CVSS7AI score0.03445EPSS
Exploits1References4
CERT
CERT
added 2015/01/28 12:0 a.m.122 views

GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow

Overview The nsshostnamedigitsdots function of the GNU C Library glibc allows a buffer overflow condition in which arbitrary code may be executed. This vulnerability has been assigned CVE-2015-0235, and is referred to in the media by the name "GHOST". Description According to Qualys, the...

10CVSS8.2AI score0.94859EPSS
Exploits29References2
CERT
CERT
added 2015/01/23 12:0 a.m.30 views

QPR Portal contains multiple vulnerabilities

Overview QPR Portal versions 2014.1.1 and older contain reflected and stored cross-site scripting vulnerabilities, and versions 2012.2.0 and older contain an insecure direct object reference vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site...

6.4CVSS6AI score0.01692EPSS
Exploits0References6
CERT
CERT
added 2015/01/23 12:0 a.m.39 views

LabTech contains privilege escalation vulnerability

Overview LabTech startup scripts and directories on Linux platforms are world-writeable and the scripts execute with root privileges. Description CWE-284: Improper Access Control LabTech startup scripts and directories on Linux platforms are world-writeable and the scripts execute with root...

6.8CVSS6.6AI score0.00353EPSS
Exploits0References1
CERT
CERT
added 2015/01/21 12:0 a.m.24 views

iPass Open Mobile Windows Client contains a remote code execution vulnerability

Overview The iPass Open Mobile Windows Client versions 2.4.4 and earlier contains a remote code execution vulnerability. Description CWE-94: Improper Control of Generation of Code 'Code Injection' The iPass Open Mobile Windows Client versions 2.4.4 and earlier utilizes named pipes for interproces...

9CVSS7.5AI score0.52125EPSS
Exploits5References2
CERT
CERT
added 2015/01/16 12:0 a.m.231 views

Ceragon FiberAir IP-10 Microwave Bridge contains a default root password

Overview Ceragon FiberAir IP-10 Microwave Bridge contains a default root password. Description CWE-255:Credentials Management Ceragon FiberAir IP-10 Microwave Bridges contain a default root password. The root account can be accessed through ssh, telnet, command line interface, or via HTTP. The...

7.8CVSS6.9AI score0.01382EPSS
Exploits2References2
CERT
CERT
added 2015/01/13 12:0 a.m.23 views

Panasonic Arbitrator Back-End Server (BES) uses unencrypted communication

Overview Panasonic Arbitrator Back-End Server BES uses an unencrypted channel to transmit data. Description CWE-319: Cleartext Transmission of Sensitive Information Panasonic Arbitrator Back-End Server BES uses an unencrypted channel to transmit data between the client and server. It has been...

6.9AI score
Exploits0References3
CERT
CERT
added 2015/01/05 12:0 a.m.43 views

Intel BIOS locking mechanism contains race condition that enables write protection bypass

Overview A race condition exists in Intel chipsets that rely solely on the BIOSCNTL.BIOSWE and BIOSCNTL.BLE bits as a BIOS write locking mechanism. Successful exploitation of this vulnerability may result in a bypass of this locking mechanism. Description CWE-362: Concurrent Execution using Share...

6.3AI score
Exploits0References3
CERT
CERT
added 2015/01/05 12:0 a.m.39 views

Tianocore UEFI implementation reclaim function vulnerable to buffer overflow

Overview The reclaim function in the Tianocore open source implementation of UEFI contains a buffer overflow vulnerability. Description The open source Tianocore project provides a reference implementation of the Unified Extensible Firmware Interface UEFI. Some commercial UEFI implementations...

6.8CVSS6.9AI score0.00405EPSS
Exploits0References4
CERT
CERT
added 2015/01/05 12:0 a.m.99 views

UEFI implementations do not properly secure the EFI S3 Resume Boot Path boot script

Overview Some UEFI systems fail to properly restrict access to the boot script used by the EFI S3 Resume Boot Path, allowing an authenticated, local attacker to bypass various firmware write protections. Description According to Rafal Wojtczuk of Bromium and Corey Kallenberg of The MITRE...

6.5AI score
Exploits0References2
CERT
CERT
added 2014/12/19 12:0 a.m.222 views

Multiple broadband routers use vulnerable versions of Allegro RomPager

Overview Multiple broadband routers use vulnerable versions of Allegro RomPager in current firmware releases. Description Many home and office/home office SOHO routers have been found to be using vulnerable versions of the Allegro RomPager embedded web server. Allegro RomPager versions prior to...

10CVSS9.2AI score0.63748EPSS
Exploits12References5
CERT
CERT
added 2014/12/19 12:0 a.m.161 views

NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)

Overview The NTP Project ntpd version 4.2.7 and pervious versions contain several vulnerabilities. ntp-keygen prior to version 4.2.7p230 also uses a non-cryptographic random number generator when generating symmetric keys. These vulnerabilities may affect ntpd acting as a server or client...

7.5CVSS8.9AI score0.7809EPSS
Exploits4References7
CERT
CERT
added 2014/12/19 12:0 a.m.23 views

AppsGeyser generates Android applications that fail to properly validate SSL certificates

Overview AppsGeyser generates applications that fail to properly validate SSL certificates. Description AppsGeyser is an online tool that generates Android applications. At the time of publication of this vulnerability note, the AppsGeyser website claims to have generated over 1.3 million Android...

7.7AI score
Exploits0References10
Total number of security vulnerabilities3702