3.4 C
London
Saturday, November 25, 2017

VU#875548: MicroPact iComplaints cross-site scripting vulnerability

MicroPact iComplaints contains a persistent cross-site scripting vulnerability.

VU#688812: Huawei E355 contains a stored cross-site scripting vulnerability

The Huawei E355 built-in web interface contains a stored cross-site scripting vulnerability.

VU#204988: Kaseya’s agent driver contains NULL pointer dereference

Kaseya's agent driver,kapfa.sys,is vulnerable to a NULL pointer dereference.

VU#917348: Datum Systems satellite modem devices contain multiple vulnerabilities

Datum Systems PSM-4500 and PSM-500 series satellite modem devices contain multiple vulnerabilities

VU#712660: Raritian PX power distribution software is vulnerable to the cipher...

Raritan PX power distribution software version 01.05.08 and previous running on a model DPXR20A-16 device allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0(aka cipher zero)and an arbitrary password.

VU#100972: Liferay Portal PCE contains multiple cross-site scripting vulnerabilities

Liferay Portal versions 6.1.2 CE GA3,6.1.X EE,6.2.X EE,Master contain multiple cross-site scripting vulnerabilities

VU#960193: AVG Safeguard and Secure Search ActiveX controls provides insecure methods

The AVG Secure Search toolbar,also known as AVG Safeguard includes an ActiveX control that provides a number of unsafe methods,which may allow a remote,unauthenticated attacker to execute arbitrary code with the privileges of the user.

VU#402020: Autodesk VRED contains an unauthenticated remote code execution vulnerability

Autodesk VRED contains an unauthenticated remote code execution vulnerability.

VU#143740: Netgear GS105PE Prosafe Plus Switch contains hard-coded login credentials

Netgear GS105PE Prosafe Plus Switch firmware version 1.2.0.5 contains hard-coded credentials. (CWE-798)

VU#849500: SpamTitan contains a reflected cross-site scripting (XSS) vulnerability

SpamTitan contains a reflected cross-site scripting(XSS)vulnerability.

VU#774788: Belkin N150 path traversal vulnerability

Belkin N150 wireless routers contain a path traversal vulnerability.

VU#210884: F5 ARX Data Manager contains a SQL injection vulnerability

F5 ARX Data Manager 3.0.0 - 3.1.0 contains a SQL injection vulnerability.