cve-2019-2725 vulnerabilities and exploits

(subscribe to this query)

A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. The vulnerability is due to the existence of default credentials within the default configuration of an affected device. An attacker...

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

Oracle Weblogic Server 10.3.6.0.0 Oracle Weblogic Server 12.1.3.0.02 EDB exploits available1 Metasploit module available67 Github repositories available17 Articles available

Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a backup configuration file, as demonstrated by a password hash in the...

Hitrontech Cve-30360 Firmware 3.1.1.21

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

Oracle Weblogic Server 10.3.6.0.0 Oracle Weblogic Server 12.1.3.0.02 EDB exploits available1 Metasploit module available67 Github repositories available17 Articles available

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access...

Oracle Weblogic Server 10.3.6.0.0 Oracle Weblogic Server 12.1.3.0.0 Oracle Weblogic Server 12.2.1.3.030 Github repositories available6 Articles available

Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption via...

Ruby-lang Ruby Debian Debian Linux 4.0 Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 7.04 Canonical Ubuntu Linux 7.10 Canonical Ubuntu Linux 8.04

SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter....

Epic Designs Eggblog1 EDB exploit available

Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file....

Kde Ark Kde Kde Sc 4.7.0 Kde Kde Sc 4.7.1 Kde Kde Sc 4.7.2 Kde Kde Sc 4.7.3 Kde Kde Sc Canonical Ubuntu Linux 10.04 Canonical Ubuntu Linux 10.10 Canonical Ubuntu Linux 11.04 Canonical Ubuntu Linux 11.10 Opensuse Opensuse 11.4

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code...

1 2 3 4 5 NEXT »