VU#597809: IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI)
IBM ServeRAID Manager includes an embedded instance of Java version 1.4.2. Both ServeRAID Manager and Java 1.4.2 are no longer supported. …
CERT
VU#261385: Cisco Discovery Protocol (CDP) enabled devices are vulnerable to denial-of-service and remote code execution
CVE-2020-3110 Cisco’s Video Surveillance 8000 Series IP cameras with CDP enabled are vulnerable to a heap overflow in the parsing of …
VU#390745: OpenSMTPD vulnerable to local privilege escalation and remote code execution
OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol(SMTP)that is part of the OpenBSD Project. …
VU#338824: Microsoft Internet Explorer Scripting Engine memory corruption vulnerability
Microsoft has released Security Advisory ADV200001,which describes a memory corruption vulnerability in the Scripting Engine. This …
VU#619785: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP web server vulnerability
Citrix has published a security bulletin that mentions a vulnerability that can be exploited to achieve arbitrary code execution by a …
VU#335217: Multiple caching service providers are vulnerable to HTTP cache poisoning
CDNs use HTTP caching software to provide high availability and high performance by distributing the service spatially relative to …
VU#491944: Microsoft Windows Remote Desktop Gateway allows for unauthenticated remote code execution
Microsoft Windows Remote Desktop Gateway(RD Gateway)is a Windows Server component that provides access to Remote Desktop services without …
VU#849224: Microsoft Windows CryptoAPI fails to properly validate ECC certificate chains
The Microsoft Windows CryptoAPI,which is provided by Crypt32.dll,fails to validate ECC certificates in a way that properly leverages the …
VU#619785: Citrix Application Delivery Controller and Citrix Gateway web server vulnerability
Citrix has published a security bulletin that mentions a vulnerability that can be exploited to achieve arbitrary code execution by a …
VU#619785: Citrix Application Delivery Controller and Citrix Gateway directory traversal vulnerability
Citrix has published a security bulletin that mentions a vulnerability that can be exploited to achieve arbitrary code execution by a …