More risk management whitepapers
Free Research and Reports
- Plan and Deploy a Most Cost-Effective 4G Infrastructure - 4G World
- Join the Conference for 4G/LTE Professionals at CTIA - 4G World
- Come to Interop New York, Sept 29 - Oct 3, 2014 - Interop New York
- Learn to Maximize Your Next-Gen Network Investments - 4G World
- Tower & Small Cell Summit - Tower & Small Cell Summit
Dark Reading Digital Magazine
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link.
The Entity API module 7.x-1.x before 7.x-1.2 for Drupal does not properly restrict access to node comments, which allows remote authenticated users to read the comments via unspecified vectors. NOTE: this identifier was SPLIT per ADT5 due to different researcher organizations. CVE-2013-7391 was assigned for the View vector.
The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value.
The Entity API module 7.x-1.x before 7.x-1.2 for Drupal, when using the (a) Views field or (b) area plugins, allows remote attackers to read restricted entities via the (1) field, (2) header, or (3) footer of a View. NOTE: this identifier was SPLIT from CVE-2013-4273 per ADT5 due to different researcher organizations.
Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.