CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
Unspecified vulnerability in SecureICA and ICA Basic encryption of Citrix Presentation Server 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 can cause clients to use weaker encryption settings than configured by the administrator, which might allow attackers to bypass intended restrictions.
Admin.php in Web Slider 0.6 allows remote attackers to bypass authentication and gain privileges by setting the admin cookie to 1.
The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to "", which is present in the password file and probably passes an insufficient comparison.
PHP remote file inclusion vulnerability in include/bbs.lib.inc.php in Rgboard 3.0.12 allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter.
Cross-site scripting (XSS) vulnerability in rg_search.php in Rgboard 3.0.12, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the s_text parameter and other unspecified vectors.
Pet Grooming Management System 2.0 allows remote attackers to gain privileges via a direct request to useradded.php with a modified user name for "admin."
admin.php in Multi-Page Comment System (MPCS) 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1.
Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).
Norton_core_firmware, Norton_core, Advanced_secure_gateway, Advanced_threat_protection, Altiris_client_management_suite_pcanywhere_solution, Altiris_climentent_manage_suite_pcanywhere_solution, Altiris_deployment_solution, Altiris_deployment_solution_remote_pcanywhere_solution, Altiris_it_management_suite, Altiris_it_management_suite_pcanywhere_solution
2019-10-09
N/A
N/A
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.
Norton_core_firmware, Norton_core, Advanced_secure_gateway, Advanced_threat_protection, Altiris_client_management_suite_pcanywhere_solution, Altiris_climentent_manage_suite_pcanywhere_solution, Altiris_deployment_solution, Altiris_deployment_solution_remote_pcanywhere_solution, Altiris_it_management_suite, Altiris_it_management_suite_pcanywhere_solution
2017-08-08
N/A
N/A
Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.