siemens -- ruggedcom_network_management_
|
A non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtaining administrative permissions.
|
2017-02-27
| ||
・・・
| ||||
tigervnc -- tigervnc
|
The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.
|
2017-02-28
| ||
tigervnc -- tigervnc
|
Buffer overflow in the ModifiablePixelBuffer::
|
2017-02-28
| ||
veritas -- netbackup_appliance
|
An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat.
|
2017-03-02
| ||
・・・
| ||||
webpagetest_project -- webpagetest
|
An issue was discovered in WPO-Foundation WebPageTest 3.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "webpagetest-master/www/
|
2017-03-02
| ||
xen -- xen
|
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort.
|
2017-02-27
| ||
xen -- xen
|
他にもDoS数件。省略
|
2017-02-27
| ||
yandex -- yandex_browser
|
Yandex Browser for iOS before 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote attackers to initiate facetime-call without user's approval and obtain video and audio data from a device via a crafted web site.
|
2017-03-01
| ||
yandex -- yandex_browser
|
Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for prevention Protect warning on own malicious web-site.
|
2017-03-01
|
Mar 7, 2017
2/27週のCVE ... Medium Vulnerabilities 続き
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment