The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows local users to add an SSH key to an arbitrary group, and consequently gain privileges, via unspecified vectors. Date published : 2016-05-07 http://www.kb.cert.org/vuls/id/505560 http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script-eng-ver/
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote authenticated users to execute arbitrary commands by leveraging the YUM_CLIENT restricted-user role. Date published : 2016-05-07 http://www.kb.cert.org/vuls/id/505560 http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script-eng-ver/
SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote attackers to execute arbitrary SQL commands via the client_id parameter. Date published : 2016-05-07 http://www.kb.cert.org/vuls/id/505560 http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script-eng-ver/
Multiple cross-site scripting (XSS) vulnerabilities on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) getimageajax.php, (2) move_partition_frame.html, or (3)...
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors. Date published : 2016-05-07 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564...
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to obtain sensitive information via unspecified vectors. Date published : 2016-05-07 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564 http://www.securitytracker.com/id/1035767
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to bypass authentication via unspecified vectors. Date published : 2016-05-07 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564 http://www.securitytracker.com/id/1035767
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different...
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different...
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC)...
Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive. Date published : 2016-05-07 http://www.securityfocus.com/bid/89355 http://www.kb.cert.org/vuls/id/862384
CRLF injection vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Date published : 2016-05-07 http://seclists.org/bugtraq/2016/May/23...
Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-0900. Date published :...
Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-0901. Date published :...