Important Information

On August 12th, 2022, many of Keysight’s Network Test, Network Visibility, & Edge to Core (NAS/formerly Ixia) products will migrate to a new license structure.

CRITICAL: If you perform licensing operations after August 12th, 2022, without upgrading the licensing software to the latest version, licenses may not register properly, and some features may be missing. This could impact testing and result in downtime.

For details, click here.

Displaying 541 - 560 of 58316

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a remote command injection vulnerability in the Pivotal Spring Web framework. The vulnerability exists due to insufficient validation of user-supplied input to a STOMP broker in the spring-messaging module. The vulnerability can be exploited by sending a specially crafted request to a STOMP broker, allowing arbitrary command execution in the context of the running service. NOTE:...

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

An SQL injection vulnerability exists in Cobub Razor mobile analytics appliance. The vulnerability is due to insufficient user-supplied input validation within channel.php script. The successful exploitation of this vulnerability can result in database information disclosure without authentication via a specially crafted HTTP POST request.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits an integer overflow flaw in Corosync Cluster Engine. The vulnerability is due to improper length checking on received input UDP data. A remote attacker can trigger this vulnerability by sending a crafted UDP request to target server. This results in Denial-of-Service on the target device.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a double-free memory corruption vulnerability in Cisco ASA. The vulnerability is due to failure to parse invalid XML data. By sending a crafted SSL packet containing invalid XML, a remote, unauthenticated attacker could execute arbitrary code on the targeted device.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)

This strike emulates a scanner running multiple TLS handshakes using an RSA Encrypted PreMaster Secret, which may be vulnerable to the Return Of Bleichenbachers Oracle Threat ROBOT decryption attack. Due to incorrect handling of improperly padded or invalid RSA Encrypted PreMaster Secrets, information which may be used to decrypt or decipher the servers private key is leaked. Successful exploitation...

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a Use-After-Free found in vulnerable methods inside object DRMManager. An attacker can entice a target to open a specially crafted flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the flash process.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike identifies a vulnerability in the Node.js zlib library. zlib has issues when trying to deflate an 8 bit windowBit value and will throw a z stream error when encountered. Node.js does not properly handle this exception, and this vulnerability can be demonstrated using the WebSocket extension for Node because it allows for the windowBit value to be set in the headers.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a RCE vulnerability existent in the WordPress Marketplace plugin. This vulnerability is due to the lack of proper input sanitization while processing data from a POST request. An unauthenticated user could exploit this vulnerability by specially crafting a HTTP POST request with a call to wpmp pp ajax call method, which can lead to arbitrary code execution in the context of the...

CVSS: 9.4 (AV:N/AC:L/Au:N/C:N/I:C/A:C)

An arbitrary file overwrite vulnerabilty has been identified in Quest NetVault Backup appliance. The vulnerability is caused by the lack of user input sanitisation in the context of log exportation. The vulnerability can be exploited by accessing the Web Interface of the NetVault server via a specially-crafted HTTP POST request, allowing the attacker to overwrite any file with SYSTEM privileges....

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits an Use-After-Free vulnerability in Samba Team SMBv1 server. The vulnerability is due to incorrect handling of objects in memory. By sending a crafted request to target server, a remote attacker with permissions to connect to a share could execute arbitrary code in the context of smbd process. NOTE: When run in OneArm mode, the strike requires a SMB share named myshare with...

CVSS: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the javascript Chakra engine. Javascript can be crafted in such a way that allows for an exception to be thrown when re-parsing asmjs modules. By exhausting the stack we can cause an exception to occur. This may cause a denial of service condition in the browser, or potentially lead to remote...

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a heap based buffer overflow vulnerability in the JET database engine component of Microsoft Office msexcl40.dll. The vulnerability is due to an erroneous validation of RecordDataLength in BIFF substreams. An attacker could execute arbitrary code by enticing a user to open a maliciously crafted document.

CVSS: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the javascript Chakra engine. Javascript can be crafted in such a way that allows for type confusion to occur when MinInAnArray or MaxInAnArray methods are called to return the largest or smallest of a series of numbers. The functions fail to properly validate the input and can instead change...

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a remote command injection vulnerability in Ruby before 2.4.3. The vulnerability is due to ruby NEt::FTP, which will execute any command after the | pipe character in the localfile argument. This vulnerability could allow an unauthorized user to execute arbitrary code on the server.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

A stack buffer overflow has been identified in Quest NetVault Backup appliance. The vulnerability is caused by the lack of proper input sanitisation in the context of multipart HTTP requests processing. The vulnerability can be exploited by accessing the Web Interface of the NetVault server via a specially-crafted HTTP POST request, allowing the attacker arbitrary code execution with SYSTEM...

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

A security policy bypass vulnerability has been found in SAP GUI. The vulnerability is due to improper implementation of client side security policies regarding the Windows application regsvr32.exe. A remote attacker could exploit this vulnerability by enticing user to connect to SAP server controlled by attacker, then executing arbitrary code on the target via a crafted ABAP code.

CVSS: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

This strike exploits an out of bounds write vulnerability in Digium Asterisk. Asterisk allocates memory for RTCP Sender and Receiver Reports based on the messages Reception Report Count field. The number of reports received is tracked by Asterisk. If Asterisk receives a new Sender or Receiver Report with a Reception Report Count that is less than the number of reports received, an out of bounds write...

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a remote command injection vulnerability in GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier. The vulnerability is due to insufficient validation of whether additional command line arguments were specified via the URI. This vulnerability could allow an unauthorized user to execute arbitrary code on the server.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)

This strike exploits a memory leak vulnerability in Samba Team SMBv1 server. The vulnerability is due to incorrect management of heap memory. By sending a craftet request to target server, a remote attacker with permissions to connect to a share may potentially obtain password hashes or other high-value data. NOTE: When run in OneArm mode, the strike requires a SMB share named myshare with anonymous...

CVSS: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the javascript Chakra engine. It is possible to create javascript in such a way that allows for the scriptFunction to be exposed to the user as this when getting the length property. When this happens type confusion occurs. This may lead to a denial of service condition in the browser, or...

Pages