The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage. Date published...
Impero Education Pro before 5105 relies on the -1|AUTHENTICATEx02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command. Date published : 2015-09-14 http://www.kb.cert.org/vuls/id/549807
Impero Education Pro before 5105 uses a hardcoded CBC key and initialization vector derived from a hash of the Imp3ro string, which makes it easier for remote attackers to obtain plaintext data by sniffing...
Unspecified vulnerability in IBM WebSphere Commerce 7.0.0.6 through 7.0.0.9 allows remote authenticated users to obtain sensitive personal information via unknown vectors. Date published : 2015-09-14 http://www-01.ibm.com/support/docview.wss?uid=swg1JR54107 http://www-01.ibm.com/support/docview.wss?uid=swg21965013
IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to cause a denial of service (CPU and...
libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha. Date published...
Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426. Date published : 2015-09-13 http://www.securityfocus.com/bid/76687...
Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, which allows remote attackers to cause a denial of service (rapid log-file rollover and application fault) via crafted HTTP requests, aka Bug...
Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs...
Cisco Application Visibility and Control (AVC) 15.3(3)JA, when FlexConnect is enabled, allows remote attackers to cause a denial of service (access-point outage) via a crafted UDP packet, aka Bug ID CSCuu47016. Date published :...
Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service (memory overwrite or service outage) via format string specifiers in an HTTP request,...
Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x before 4.4.10, and 5.x before 5.0.1 mishandles long e-mail addresses during account registration, which allows remote attackers to obtain the default privileges...
IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to cause a denial of service (channel-agent abend and process outage) via a crafted selection string in an MQI call. Date published : 2015-09-13 http://www-01.ibm.com/support/docview.wss?uid=swg1IV73860...
Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors. Date published : 2015-09-11 https://www.exploit-db.com/exploits/38108/ https://ics-cert.us-cert.gov/advisories/ICSA-15-251-01