Python's built-in URL library ("urllib2" in 2.x and "urllib" in 3.x)
is vulnerable to protocol stream injection attacks (a.k.a. "smuggling"
attacks) via the http scheme. If an attacker could convince a Python
application using this library to fetch an arbitrary URL, or fetch a
resource from a mali
[+] Credits: Ian Ling
[+] Website: iancaling.com
Vendor:
=
www.ceragon.com
Product:
==
-FibeAir IP-10
Vulnerability Type:
===
Default Root Account
CVE Reference:
==
N/A
Vulnerability Details:
=
Ceragon FibeAir
*HP StoreEver MSL6480 Tape Library v4.10 - Multiple Vulnerabilities*
*Confirmed on firmware version 4.10*
*HPE PSRT response*: Upgrade to MSL6480 is 4.90 (current version)
*Weak Credentials Management*
The device comes with weak, default login credentials - security/security -
and the applicat
+
*Vulnerable Products*
1. Papouch TME Ethernet thermometer
2. Papouch TME multi: Temperature and humidity via Ethernet
*All versions affected*
*TME - Ethernet Thermometer*
http://www.papouch.com/en/shop/product/tme-ip-ethernet-thermometer/
*TME multi: Temperature and humidity via Ethernet*
Hi Hackers,
Greetings from Vishnu (@dh4wk)
1. Vulnerable Product Version:
*Blat v3.2.14*
Link: blat.net
2. Vulnerability Information
Impact: Attacker may gain administrative access / can perform a DOS
Remotely Exploitable: No
Locally Exploitable: May be possible
3.
Product: Solarwinds Virtualization Manager
Vendor: Solarwinds
Vulnerable Version(s): < 6.3.1
Tested Version: 6.3.1
Vendor Notification: April 25th, 2016
Vendor Patch Availability to Customers: June 1st, 2016
Public Disclosure: June 14th, 2016
Vulnerability Type: Security Misconfiguration
CVE Ref
