Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16860 | 2 Heimdal Project, Samba | 2 Heimdal, Samba | 2019-08-14 | 6.0 MEDIUM | 7.5 HIGH |
| A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal. | |||||
| CVE-2016-10834 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105). | |||||
| CVE-2016-10825 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92). | |||||
| CVE-2018-20934 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 6.4 MEDIUM | 6.5 MEDIUM |
| cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411). | |||||
| CVE-2017-7177 | 1 Openinfosecfoundation | 1 Suricata | 2018-12-05 | 5.0 MEDIUM | 7.5 HIGH |
| Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching. | |||||
| CVE-2017-15663 | 1 Flexense | 1 Disk Pulse | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9120. | |||||
| CVE-2017-15664 | 1 Flexense | 1 Syncbreeze | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9121. | |||||
| CVE-2017-15662 | 1 Flexense | 1 Vx Search | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9123. | |||||
| CVE-2017-15665 | 1 Flexense | 1 Diskboss | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 8094. | |||||
| CVE-2017-8152 | 1 Huawei | 2 Honor 5s, Honor 5s Firmware | 2017-12-11 | 4.9 MEDIUM | 4.6 MEDIUM |
| Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due to the improper design. An attacker can access factory reset page without authorization by only dial with special code. The attacker can exploit this vulnerability to restore the phone to factory settings. | |||||
| CVE-2014-4843 | 1 Ibm | 1 Curam Social Program Management | 2017-06-15 | 5.0 MEDIUM | 5.3 MEDIUM |
| Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL. | |||||