Skip to content

WindowsTechs.com

Collaborate Disseminate

Search for:

Primary menu

Home

Author Archives: CERT

VU#167623: SHDesigns Resident Download Manager does not authenticate firmware downloads

Posted on January 31, 2017 by CERT

SHDesigns’ Resident Download Manager(as well as the Ethernet Download Manager)does not authenticate firmware downloads before executing code and deploying them to devices. Continue reading VU#167623: SHDesigns Resident Download Manager does not authenticate firmware downloads→

Posted in CWE-494, integrity, verification

VU#909240: Cisco WebEx web browser extension allows arbitrary code execution

Posted on January 27, 2017 by CERT

The Cisco WebEx extensions for Chrome,Firefox,and Internet Explorer allow a remote,unauthenticated attacker to execute arbitrary code on a vulnerable Windows system. Continue reading VU#909240: Cisco WebEx web browser extension allows arbitrary code execution→

Posted in ActiveTouch, GpcContainer, ieatgpc.dll, npatgpc.dll

VU#865216: CodeLathe FileCloud is vulnerable to cross-site request forgery

Posted on January 13, 2017 by CERT

CodeLathe FileCloud,version 13.0.0.32841 and earlier,is vulnerable to cross-site request forgery(CSRF). Continue reading VU#865216: CodeLathe FileCloud is vulnerable to cross-site request forgery→

Posted in codelathe, CSRF, filecloud

VU#767208: ThreatMetrix SDK for iOS fails to validate SSL certificates

Posted on January 10, 2017 by CERT

On the iOS platform,the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections,which may allow an attacker to perform a man-in-the-middle(MITM)attack. Continue reading VU#767208: ThreatMetrix SDK for iOS fails to validate SSL certificates→

Posted in iPad, iPhone, mitm, mitm proxy, SSL

VU#475907: ShoreTel Mobility Client mobile application does not verify SSL certificates

Posted on January 3, 2017 by CERT

ShoreTel Mobility Client for iOS and Android,version 9.1.3.109 and earlier,fails to properly validate SSL certificates provided by HTTPS connections,which may enable an attacker to conduct man-in-the-middle(MITM)attacks. Continue reading VU#475907: ShoreTel Mobility Client mobile application does not verify SSL certificates→

Posted in CWE-295, man-in-the-middle, mitm, SSL

VU#475907: Shoretel Mobility Client iOS application does not verify SSL certificates

Posted on January 3, 2017 by CERT

ShoreTel Mobility Client for iOS,version 9.1.2.101 and earlier,fails to properly validate SSL certificates provided by HTTPS connections,which may enable an attacker to conduct man-in-the-middle(MITM)attacks. Continue reading VU#475907: Shoretel Mobility Client iOS application does not verify SSL certificates→

Posted in CWE-295, man-in-the-middle, mitm, SSL

VU#535111: McAfee VirusScan Enterprise for Windows scriptproxy COM object memory corruption vulnerability

Posted on December 13, 2016 by CERT

McAfee VirusScan Enterprise for Windows scriptproxy COM object contains a memory corruption vulnerability. Continue reading VU#535111: McAfee VirusScan Enterprise for Windows scriptproxy COM object memory corruption vulnerability→

Posted in dereference, dos

VU#779243: EpubCheck 4.0.1 contains a XML external entity processing vulnerability

Posted on December 13, 2016 by CERT

EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks. Continue reading VU#779243: EpubCheck 4.0.1 contains a XML external entity processing vulnerability→

Posted in CWE-611, epub, xxe

VU#245327: McAfee VirusScan for Linux contains multiple vulnerabilities

Posted on December 12, 2016 by CERT

McAfee VirusScan for Linux contains multiple vulnerabilities. Continue reading VU#245327: McAfee VirusScan for Linux contains multiple vulnerabilities→

Posted in CSRF, Exposure, injection, SQLi, xss

VU#582384: Multiple Netgear routers are vulnerable to arbitrary command injection

Posted on December 9, 2016 by CERT

Netgear R6250,R6400,R6700,R6900,R7000,R7100LG,R7300DST,R7900,R8000,D6220,and D6400 routers and possibly other models are vulnerable to arbitrary command injection. Continue reading VU#582384: Multiple Netgear routers are vulnerable to arbitrary command injection→

Posted in command injection, netgear, router

Post navigation

← Older posts

Newer posts →

Primary Sidebar Widget Area

Infocon Status

Recent Posts

Reverse-Engineering and Documenting the Fisher Price Pixter May 12, 2026
A Data Center Drained 30 Million Gallons of Water Unnoticed May 12, 2026
ISC Stormcast For Tuesday, May 12th, 2026 https://isc.sans.edu/podcastdetail/9928, (Tue, May 12th) May 12, 2026
Microsoft PowerToys now lets you control your monitor from the taskbar – here’s how May 12, 2026
The Walls Don’t Have Ears, But Fiber Optic Does May 12, 2026

Tag Cloud

Agriculture Alzheimer's Disease Art Audio Automation Bluetooth Building and Construction Campervan Camping Cancer Coronavirus (COVID-19) Cycling Dementia Diabetes DNA Electric Vehicles Food Home House Huawei Indiegogo MIT Mobility Moon New Atlas Audio NVIDIA Off-grid Off-road Pedal-assisted Photography Physics Radio Repair RV Samsung Satellite Sony SpaceX spoofing sustainable design The Immune System Tiny Footprint Training Water Zoom

Archives

Facebook
Twitter
Linkedin
Email

Copyright © 2026 WindowsTechs.com. All Rights Reserved.

Theme: Catch Box by Catch Themes

Scroll Up