Symantec Endpoint Protection version 12.1.4023.4080 suffers from XXE injection, cross site scripting, and arbitrary file write vulnerabilities.
8dac04a3f8aa31944840699e39fc5cb46e42c335bda4f13704749fd690e88f91F5 BIG-IP versions 11.5.1 and below suffer from a reflective cross site scripting vulnerability.
90bc183e4916362d71c4474e9345d2f9d2041b58846f35012b0a395feaf2417aBitdefender GravityZone versions prior to 5.1.11.432 suffer from local file disclosure, insecure service configuration, and missing authentication vulnerabilities.
af619d5dbc0d5687b495f706bf14196eb93f0a0131142a9608bdc0bdfd57b826Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway are susceptible to cookie disclosure and reflective cross site scripting vulnerabilities.
d1476599affa41b884dec786579a526abb8aa5d7a7e7ce2a41d003a8d5c21aa6Remote attackers can execute arbitrary code and execute other attacks on computers with the OpenVPN Access Server "Desktop Client" installed.
3f95a17f5a3e3e08e1e5b964c913a1f26f928b80824fd0094146709d8a80f674CoSoSys Endpoint Protector 4 suffers from remote SQL injection, unauthenticated access, information disclosure, and backdoor vulnerabilities.
ee59c852aa9ec9b54cfb17cac2c30abf6fbb5c230308e6bbdca47b9cb0f61f3eAVG Remote Administration version 13.0.0.2892 suffers from authentication bypass, remote code execution, missing entity authentication, and use of static encryption key vulnerabilities.
ceb5d04708b6157050ac25449b0b9e11964628e323bd6dc10d4cab4e2224dd97Plex Media Server version 0.9.9.10 suffers from use of plain text protocols, insecure use of SSL/TLS, unauthenticated information disclosure, and cross site request forgery vulnerabilities.
3e1cb6d955b6c33349b4369cc89ac45fd2b1365efadc1a8d845bde2d9f7310d6Symantec LiveUpdate Administrator versions 2.3.2.99 and below suffer from password reset and remote SQL injection vulnerabilities.
11f001616a25bdfdf4be738bd0ef7f77bf985f9f7a0f5c873331ffa8305ed340Plex Media Server versions 0.9.9.2.374-aa23a69 and below suffer from authentication bypass and local file disclosure vulnerabilities.
5056a9a5be5beee1b56ca5f4a45fd08b7e9f849a4edabf46ffd88ef7a0b91dccSymantec Endpoint Protection versions 11.0, 12.0, and 12.1 suffer from unauthenticated XML external entity injection and unauthenticated local SQL injection vulnerabilities.
8dc0a7d04b4648d74f8859b867b10ed25093390acfa65b509cef76bb983b8a1aA vulnerability was found in the nsconfigd daemon (TCP port 3008/SSL and 3010). This daemon can be crashed by sending a specially crafted message. No prior authentication is necessary. A watchdog daemon (pitboss) automatically restarts nsconfigd after the first six crashes and then reboots the appliance. By sending just a few packets the appliance can be kept in a constant reboot loop resulting in total loss of availability. The vulnerabilities have been verified to exist in Citrix NetScaler VPX (Build 70.7.nc), which was the most recent version at the time of discovery.
58dcdce47632f720bc628f80305effb40ef074b20b017ef9442a1abcc451ee3bVodafone EasyBox versions 802 and 803 suffer from a default WPS PIN algorithm weakness. The algorithm that generates the default WPS-PIN is entirely based on the MAC address (=BSSID) and serial number of the device. The serial number can be derived from the MAC address.
289f3c58cfede8c1346e1a846dc8ad72e079b2ff4985c9f67e119e67dffb4df5Siemens OpenScape Branch and OpenScape Session Border Controller products suffer from cross site scripting, statistical information disclosure, OS command injection, and file disclosure vulnerabilities.
d411e938d89b49388f3a074efa7d56e1c24eafa0d3427639a9475e7e7b547ce3Multiple Barracuda Networks products suffer from having static backdoor accounts that allow for remote administrative access via SSH.
af0eddb146ce4e92db04a06f9cdbbf1edfc91930d2dab115922735f39815e502Barracuda SSL VPN suffers from multiple authentication bypass vulnerabilities.
2e9dabefadd19b1d7aa7a94287028e4a3bdd2d46f0e4a5d36287849ea44b1c87F5 BIG-IP versions 11.2.0 and below suffer from a remote SQL injection vulnerability.
075964bff42decb58985c82a10aee244147936d50217dd3f3028ad2948fdffafF5 BIG-IP versions 11.2.0 and below suffer from an XML external entity injection (XXE) vulnerability.
eed88f6727e8539cfd0581fa3d650e62fcb1404306be009618a1f266887154abF5 FirePass SSL VPN versions 7.0.0 HF-70-6 and below suffer from an unauthenticated local file inclusion vulnerability.
62b5e587146e75f16fd21805e355ff844951cefeba2797d37135fea776d627ff
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed