Vulnerabilities (CVE)

Filtered by vendor Hp Subscribe
Filtered by product Virtual Customer Access System
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-0778 5 Apple, Hp, Openbsd and 2 more 6 Mac Os X, Virtual Customer Access System, Openssh and 3 more 2024-11-21 4.6 MEDIUM 8.1 HIGH
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
CVE-2015-3200 3 Hp, Lighttpd, Oracle 3 Virtual Customer Access System, Lighttpd, Solaris 2024-11-21 5.0 MEDIUM 7.5 HIGH
mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.