|Paid content will be excluded from the download.
| Matches : 96018
|Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage.
HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.
The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI.
Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 220.127.116.11.232 contain OS Command Injection vulnerabilities in the ping functionality that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system.
Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10.0.0.x, ZD10.0.1.x (less than 10.0.1.0.17 MR1 release) and Ruckus Wireless Unleashed AP Firmware releases 200.0.x, 200.1.x, 200.2.x, 200.3.x, 200.4.x. contain OS Command Injection vulnerabilities that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system by appending th ...
NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader component where there is the potential to write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or possible escalation of privileges.
Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution.
The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the application to man-in-the-middle attacks leading to possible remote code execution.
The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. This exposes the application to man-in-the-middle attacks leading to possible remote code execution.
The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain cases, this could lead to command injection which, in turn, could lead to remote code execution.
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   9601
© 2013 SecPod Technologies