Many Moxa devices suffer from command injection, cross site scripting, and outdated software vulnerabilities.
91e5218cfa2c2452c1da0918b3b85328aad5bcf76352c949affc7a9a10a95a39VOXTRONIC Voxlog Professional versions 3.7.2.729 and below suffer from file disclosure, remote code execution, and remote SQL injection vulnerabilities.
1b7e866efc987b1e820a90007bf6bda712524774261dd6c1229b6080fec76cc1AdaCore Security Advisory - All AWS releases and wavefronts prior to 2012-01-21 suffer from hash collision vulnerabilities.
7e3a1369a020e57b96e59b8b0b9529fdb0e3680525f1bd1d5292095b172b5eb3Apache Struts2 versions 2.2.1.1 and below suffer from an ExceptionDelegator remote command execution vulnerability. Versions 2.3.1 and below suffer from remote command execution vulnerabilities related to CookieInterceptor and DebuggingInterceptor. Versions 2.3.1 and below suffer from a file overwrite vulnerability in ParametersInterceptor.
8d363a18f897ed34231b59c495249b3756d6dd28557f389c633b72c05f3bea07Microsoft ASP.NET Forms suffers from a null byte termination authentication bypass vulnerability that exists in the CopyStringToUnAlingnedBuffer() function of the webengine4.dll library used by the .NET framework. The unicode string length is determined using the lstrlenW function. The lstrlenW function returns the length of the string, in characters not including the terminating null character. If the unicode string containing a null byte is passed, its length is incorrectly calculated, so only characters before the null byte are copied into the buffer.
294ae2596a2c31be82519bf63b2272b2e6a249e186db2e1ca5fab9dfb9f605e6The WhatsApp tool suffers from arbitrary user status updating, registration bypass and plaintext protocol vulnerabilities.
0616c7aaaea8c5766787ad6d89a5f5e1a9b8c80dda620060d4f23fe8f25ffa06The SecCommerce SecSigner Java applet version 3.5.0 suffers from a client-side remote arbitrary file upload vulnerability.
5c2fa4abe1884f3a0b572d67e36f2d26b087f7cd52d35a19c40e81c656d3dd40Microsoft Forefront Unified Access Gateway Remote Access Agent version 4.0.0.1 suffers from a remote file upload and command execution vulnerability.
3ebeabe791748805647629a3fbbecc741bc96a94f425f58d13409d7e8d83b60cCheck Point SSL VPN On-Demand applications suffer from remote file upload and command execution vulnerabilities.
16fc1a812d8e49f019aec198ac5b1f6339e0854addc6171fa54586f34e1a1259WordPress versions 3.1.3 and 3.2-RC1 suffers from multiple remote SQL injection vulnerabilities.
0a7900515451e312b78d781e902fcb08e0d2c379668d6c7b467866395e99972eLibmodplug library is prone to a stack based buffer overflow vulnerability due to insufficient validation of user supplied data. An attacker is able to execute arbitrary code in the context of the user when opening malicious S3M media files. Version 0.8.8.1 is affected.
3b492361b42a31322dd539245a7c64c4f1cbf45a7f989edecf307ed261a181bdSawmill Enterprise versions prior to 8.1.7.3 suffers from arbitrary code execution, cross site request forgery, cross site scripting and various other vulnerabilities. suffers from buffer overflow, cross site request forgery, cross site scripting and file disclosure vulnerabilities.
2bd10f0a3d3cc78cbdd70e360341145cdcc41d59f78c199e223b197ec74303a1Xerox WorkCentre versions 5665, 5675, and 5687 suffers from backdoor and authentication vulnerabilities.
5f40de32a9dd28a731693198b0787cdbd7dff2200019016edc179dd16ce2dbaeLetoDMS versions 1.7.2 and below suffer from cross site request forgery and local file inclusion vulnerabilities.
c9b6e49cdbd9d24344a2e48a4b49a02dfc63f27df1f1c9790f6bea3a57ed26abSitecore Staging Module versions 5.4.0 revision 080625 and below suffer from authentication bypass and file manipulation vulnerabilities.
0021244a4c6cebaaec10e5a1c3d431de7999b29903a312e90b39f88e0151ebb6RADactive I-Load version 2008.2.4.0 suffers from cross site scripting, file disclosure, and file upload vulnerabilities.
c73f8131d8b7af1c98eaee0158df5332fbfc1b52e29e3faae8acbe5a3fe2ab6fSEC Consult Security Advisory 20090901-0 - A file disclosure vulnerability exists in JSFTemplating, Mojarra Scales, and GlassFish Application Server v3 Admin console.
997ef8e7a5352750004cfe364dea689341b943cbe725378661952f230c85209dSEC Consult Security Advisory 20090707-0 - Multiple memory corruption vulnerabilities have been identified in multimedia codecs used by the RealPlayer and MMS viewer on Nokia's Symbian/S60 based smartphones. An attacker could leverage these bugs to gain control of the program counter register and execute arbitrary code on a target smartphone. The bugs can be triggered directly inside the MMS viewer of the target, by sending an MMS with an embedded video file.
aeaa346858f3d297167128f3741765a3b8de649f8ac8e79ef104a8614c5c1bc6SEC Consult Security Advisory 20090525-4 - A format string vulnerability exists in the logfile parsing function of SonicOS. An attacker could crash the system or execute arbitrary code by injecting format string metacharacters into the logfile, if an administrator subsequently uses the SonicOS GUI to view the log.
6c7085cdc53507695204c983a9fba14a2a3502a8197d9696636f43a53f125f2bSEC Consult Security Advisory 20090525-3 - The SonicWALL Global VPN Client versions 4.0.0.835 and below suffer from a local privilege escalation vulnerability.
697d26db1d1f4652470fb4f8020fe9df446a0fa526453fe1e008c228a820ddc3SEC Consult Security Advisory 20090525-2 - The SonicWALL Global Security Client version 1.0.0.15 suffers from a local privilege escalation vulnerability.
a249f7b5b6c96e7e73537b527e46de221df15b9ac124b216b83d675ced67349bSEC Consult Security Advisory 20090525-1 - The Nortel Contact Center Manager server version 6.0 suffers from a password disclosure vulnerability.
bac6e60c36d211176326d66db94bf9e89951039cf254351e8c0aba6df234e565SEC Consult Security Advisory 20090525-0 - The Nortel Contact Center Manager server version 6.0 suffers from an authentication bypass vulnerability.
983ea312515d8fc13a674dd0481967d73dbc7ab8781412dcd68339905b846a46SEC Consult Security Advisory 20090429-0 - LevelOne AMG-2000 Wireless AP Management Gateway suffers from proxy bypass and plain text vulnerabilities.
21fedd3d58a60ec4be0f1b3d390a6efc6e4b55fd06209cf789610813125e1dafSEC Consult Security Advisory 20090415-1 - The Nortel Application Gateway 2000 versions 6.3.1 and below suffer from a password disclosure vulnerability.
6a602258e8f29deb14f3eb5ff281f26e0e43c3f7484aceaeafab1860a788f32dSEC Consult Security Advisory 20090415-0 - Multiple vulnerabilities have been identified in Novell Teaming. These include enumeration of usernames, information disclosure, and cross site scripting flaws. Version 1.0.3 is vulnerable.
e32f1a48232fe353e2a85526ef291e78bafffd7789d861410bca9cc87b1b1dc3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed