Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27827 of 28407

CVE-2015-3634

Posted by Cyberthreat Blog | Jun 8, 2017 | CVE Notifications |

The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for WordPress allows remote attackers to read arbitrary WordPress option values.

CVE-2015-1786

Posted by Cyberthreat Blog | Jun 8, 2017 | CVE Notifications |

Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers.

CVE-2016-6093

Posted by Cyberthreat Blog | Jun 8, 2017 | CVE Notifications |

IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

CVE-2016-6098

Posted by Cyberthreat Blog | Jun 8, 2017 | CVE Notifications |

IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CVE-2016-4457

Posted by Cyberthreat Blog | Jun 8, 2017 | CVE Notifications |

CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate.

Author: Cyberthreat Blog

CVE-2015-3634

CVE-2015-1786

CVE-2016-6093

CVE-2016-6098

CVE-2016-4457