Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27914 of 28066

CVE-2016-4892

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

Cross-site scripting (XSS) vulnerability in SetucoCMS.

CVE-2017-5936

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions.

CVE-2016-4894

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

SetucoCMS allows remote attackers to cause a denial of service.

CVE-2017-7279

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the “token” cookie issued at login.

CVE-2016-5313

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated users to execute arbitrary OS commands.

Author: Cyberthreat Blog

CVE-2016-4892

CVE-2017-5936

CVE-2016-4894

CVE-2017-7279

CVE-2016-5313