Password Breaches Fueling Booming Credential Stuffing Business
The market for credential stuffing software and services is thriving thanks in large part to an epidemic of breaches of usernames and passwords. Digital Shadows said today in a new report that credential leaks, such as this past month’s Anti Public Combo List and others, have buoyed the market fo...
Design/Logic Flaw
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine...
NetIQ Access Manager Information Disclosure Vulnerability (CNVD-2017-05677)
NetIQ Access Manager provides a simple, secure, and scalable solution to handle all of your web access needs. Whether your users are using a cell phone or laptop to access on-premise or cloud-based services, Access Manager ensures security and provides a single sign-on experience. NetIQ Access...
WordPress Plugin All In One WP Security & Firewall Cross-Site Scripting
The first plugin that will be analyzed in detail is called All In One WP Security & Firewall. It adds some additional layers of security to WordPress, for example a brute force protection for the login or file permission checks. There are definitely quite a lot of good ideas integrated into this...
Session fixation
The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 and earlier for Android and Grandstream Video IP phones allows man-in-the-middle attackers to spoof provisioning data and consequently modify device functionality, obtain sensitive information from system logs, and have...
CVE-2016-1518
The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 and earlier for Android and Grandstream Video IP phones allows man-in-the-middle attackers to spoof provisioning data and consequently modify device functionality, obtain sensitive information from system logs, and have...
HP OfficeJet Pro Wi-Fi Direct Support Printer Configuration Unauthenticated Access
The remote HP OfficeJet Pro printer is using a default configuration that lacks access controls and authentication for the Wi-Fi Direct Support feature. An unauthenticated, remote attacker can exploit this to gain read and write access to the printer configuration in the embedded web server. C...
Fedora 25 : 2:qemu (2017-01925dba3c)
chardev data is dropped when host side closed bz 1352977 - CVE-2016-8667: dma: divide by zero error in setnexttick bz 1384876 - IPv6 DNS problems in qemu user networking bz 1401165 - Fix crash in qxl memslotgetvirt bz 1405847 - CVE-2017-5579: serial: fix memory leak in serial exit bz 1416161 -...
Oracle VM VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1141 This is another way to escalate from an unprivileged userspace process into the VirtualBox process, which has an open file descriptor to the privileged device /dev/vboxdrv and can use that to compromise the host kernel. The...
CVE-2014-2960
Vision Critical before 2014-05-30 allows attackers to read arbitrary files via unspecified vectors, as demonstrated by image files and configuration files...
Cisco IOS Smart Install Protocol Misuse (cisco-sr-20170214-smi)
The remote Cisco IOS device has the Smart Install feature enabled. The Smart Install (SMI) protocol does not require authentication by design. The absence of an authorization or authentication mechanism in the SMI protocol between the integrated branch clients (IBC) and the director can allow a clien...
jboss: jbossas writable config files allow privilege escalation
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable by the jboss group (root:jboss, 664). On systems using classic /etc/init.d init scripts i.e. on Red Hat Enterprise Linux 6 a...
qdPM Information Disclosure Vulnerability
qdPM is a free, open source project management system based on the Symfony framework and developed using PHP and MySQL. An information disclosure vulnerability exists in qdPM version 8.3. A remote attacker can exploit this vulnerability by sending a direct request to core/config/databases.yml,...
tomcat: tomcat writable config files allow privilege escalation
It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges...
tomcat: system property disclosure
It was discovered that when a SecurityManager was configured, Tomcat's system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible...
Moxa EDR-810 < 3.13 Information Disclosure Vulnerability - Active Check
Moxa EDR-810 devices are prone to an information disclosure vulnerability.
Amazon Linux AMI : mysql51 (ALAS-2017-800)
It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server...