Dp300,nip6600,secospace Usg6500,te60,tp3106,vp9660,viewpoint 8660,viewpoint 9030,ecns210 Td,espace U1981 Security Vulnerabilities

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1534)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length ...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1518)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature ...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1505)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel ...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1489)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An information-leak vulnerability was found in the kernel when it truncated a file to a smaller size which consisted of an...

What to do when you discover a data breach

Your cell phone goes off in the middle of your well-deserved sleep and you try to find it before your partner wakes up as well. “What could be wrong? Why would they page me in the middle of the night?” More asleep than awake, you stumble down the stairs and call the number on the screen, which...

Use-After-Free

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. * A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialised variable would eventually lead to arbitrary....

Who is managing the security of medical management apps?

One truth that is consistent across every sector—be it technology or education—is that software is vulnerable, which means that any device running software applications is also at risk. While virtually any application-running device could be compromised by an attacker, vulnerabilities in medical...

Cardinal RAT Resurrected to Target FinTech Firms

A malware family called Cardinal RAT has reappeared, after two years of silence, in a series of attacks that have been targeting Israel-based financial technology firms. After Cardinal RAT was first detected in 2017, the malware disappeared for two years. But now, in this latest campaign,...

TheCarProject v2 - Multiple SQL Injection Vulnerability

Exploit for php platform in category web...

TheCarProject 2 SQL Injection

...

TheCarProject 2 - Multiple SQL Injection

...

TheCarProject 2 - Multiple SQL Injection

TheCarProject 2 - Multiple SQL...

Denial Of Service (DoS)

libmatio.so is vulnerable to denial of service (DoS) attacks. The vulnerability exists through a possible stack-based buffer over-read in a memcpy operation in Mat_VarReadNextInfo5() in src/mat5.c, resulting in a denial of service condition when the vulnerability is...

Stack overflow

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

CVE-2019-9030

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

CVE-2019-9030

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

CVE-2019-9030

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

CVE-2019-9030

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

CVE-2019-9030

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

CVE-2019-9030

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in...

Threatpost News Wrap Podcast For Feb. 22

Threatpost editors Lindsey O’Donnell and Tom Spring discuss the biggest news of the week ended Feb. 22, including a report about flaws in password managers, and a 19-year-old flaw found in WinRAR. The Threatpost team also discussed an upcoming webinar on Feb. 27 at 2 p.m. ET. Patrick Hevesi of...

Teradata Viewpoint Detection

Detection of Teradata Viewpoint. The script sends a connection request to the server and attempts to detect Teradata Viewpoint and to extract its...

CVE-2019-6499

Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected...

CVE-2019-6499

Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected...

Hardcoded credentials

Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected...

CVE-2019-6499

Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected...

Authorization Bypass

Linux kernel is vulnerable to authorization bypass. The ovl_setattr function in fs/overlayfs/inode.c attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted...

Joomla Codextrous B2jcontact 2.1.17 Shell Upload

...

Security Advisory - Cache Timing Vulnerability in OpenSSL RSA Key Generation

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack (CVE-2018-0737). An attacker could exploit this vulnerability to recover the private key. (Vulnerability ID: HWPSIRT-2018-06015) Huawei has released software updates to fix this...

Design/Logic Flaw

There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information...

Authentication flaw

There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited....

CVE-2018-7958

There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited....

CVE-2018-7960

There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause...

Information disclosure

There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause...

CVE-2018-7958

There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited....

CVE-2018-7960

There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause...

CVE-2018-7959

There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information...

CVE-2018-7959

There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information...

CVE-2018-7958

There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited....

CVE-2018-7959

There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information...

CVE-2018-7960

There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause...

More on Threat Hunting

Earlier this week hellor00t asked via Twitter: Where would you place your security researchers/hunt team? I replied: For me, "hunt" is just a form of detection. I don't see the need to build a "hunt" team. IR teams detect intruders using two major modes: matching and hunting. Junior people...

Security Advisory - Two Vulnerabilities in Huawei eSpace Product

There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak. (Vulnerability...

Security Advisory - Anonymous TLS Cipher Suite Supported Vulnerability in Huawei eSpace Product

There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited....

Transparent Tor for Windows: Tallow

Tallow is a small program that redirects all outbound traffic from a Windows machine via the Tor anonymity network. Any traffic that cannot be handled by Tor, e.g. UDP, is blocked. Tallow also intercepts and handles DNS requests preventing potential leaks. Tallow has several applications,...

cinematheque.fr XSS vulnerability

Open Bug Bounty ID: OBB-684236 Description| Value ---|--- Affected Website:| cinematheque.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

Explainer Series: RDaaS Security and Managing Compliance Through Database Audit and Monitoring Controls

As organizations move to cloud database platforms they shouldn't forget that data security and compliance requirements remain an obligation. This article explains how you can apply database audit and monitoring controls using Imperva SecureSphere V13.2 when migrating to database as a service cloud....

lavoixdunord-espace-abonnement.lavoix.com XSS vulnerability

Open Bug Bounty ID: OBB-677023 Description| Value ---|--- Affected Website:| lavoixdunord-espace-abonnement.lavoix.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3.....

lunion-espace-abonnement.lavoix.com XSS vulnerability

Open Bug Bounty ID: OBB-676916 Description| Value ---|--- Affected Website:| lunion-espace-abonnement.lavoix.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3...

grandes-ecoles.studyrama.com XSS vulnerability

Open Bug Bounty ID: OBB-669692 Description| Value ---|--- Affected Website:| grandes-ecoles.studyrama.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...