Ipswitch MOVEit DMZ versions 8.1 and below suffer from an information disclosure vulnerability.
Monthly Archives: January 2016
Ipswitch MOVEit Mobile 1.2.0.962 Cross Site Scripting
Ipswitch MOVEit Mobile versions 1.2.0.962 and below suffer from a reflective cross site scripting vulnerability.
Ipswitch MOVEit Mobile 1.2.0.962 Cross Site Request Forgery
Ipswitch MOVEit Mobile versions 1.2.0.962 and below suffer from a cross site request forgery vulnerability.
Ipswitch MOVEit DMZ 8.1 File ID Enumeration
Ipswitch MOVEit DMZ versions 8.1 and below suffer from a file id enumeration vulnerability.
Ipswitch MOVEit DMZ 8.1 Persistent Cross Site Scripting
Ipswitch MOVEit DMZ versions 8.1 and below suffer from a persistent cross site scripting vulnerability.
Ipswitch MOVEit DMZ 8.1 Authorization Bypass
Ipswitch MOVEit DMZ versions 8.1 and below suffer from an authorization bypass vulnerability.
McAfee File Lock Driver Host Crash
McAfee File Lock Driver does not handle correctly GUIDs of the encrypted vaults, which allows to crash the host by crafting a specific IOCTL with a malformed Vault GUID which is used to identify an object of FILE_DEVICE_DISK DeviceType, causing a kernel stack based buffer overflow. McPvDrv.sys version 4.6.111.0 is vulnerable.
McAfee File Lock Driver Kernel Memory Leak
McAfee File Lock Driver McPvDrv.sys version 4.6.111.0 suffers from a memory leak vulnerability.
Horizon HD / WiFi Weak WiFi Passphrase Generation
Horizon HD / WiFi suffers from a weak wifi passphrase generation vulnerability.
WordPress Appointment Booking Calendar 1.1.24 SQL Injection
WordPress Appointment Booking Calendar plugin version 1.1.24 suffers from a remote SQL injection through addslashes.