Cisco UCS Manager Debug Plug-in Privilege Escalation Vulnerability (cisco-sa-20170405-ucs)

A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System UCS Manager could allow an authenticated, local attacker to execute arbitrary commands. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

CVE-2017-6598

A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege...

CVE-2017-6598

CVE-2017-6598 affects Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance. A vulnerability in the debug plug-in functionality allows an authenticated, local attacker to execute arbitrary commands with elevated privileges. The root cause is inadequate i...

CVE-2017-6598

A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege...

Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance Debug Plug-in Privilege Escalation Vulnerability

A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands. The vulnerabilit...

shopify-scripts: Null pointer dereference in OP_ENTER

PoC === The following demonstrates a crash: class A def foo end end class B argv = ary-ptr; gdb p ary $1 = struct RArray 0x0 Test platform ============= Linux Mint 17.3 Cinnamon 64-bit, built with gcc version 4.8.4 Ubuntu 4.8.4-2ubuntu114.04.3 mruby SHA: a14a930c800aa50a191922580d53a2ce09287912...

Intel® NUC and Intel® Compute Stick DCI Disable

Summary: Intel® NUC and Intel® Compute Stick systems based on 6th Gen Intel® Core™ processors do not have DCI debug capability properly locked for BIOS only access. This would allow an attacker with physical possession of the system to potentially enable DCI from outside the BIOS. Description:...

Fedora 24 : webkitgtk4 (2017-0f38995622)

Highlights of the 2.16.0 release : - Hardware acceleration is now enabled on demand to drastically reduce memory consumption. - CSS Grid Layout is enabled by default. - New WebKitSetting to set the hardware acceleration policy. - UI process API to configure network proxy settings. - Improved...

Fedora 25 : webkitgtk4 (2017-25ffd5b236)

Highlights of the 2.16.0 release : - Hardware acceleration is now enabled on demand to drastically reduce memory consumption. - CSS Grid Layout is enabled by default. - New WebKitSetting to set the hardware acceleration policy. - UI process API to configure network proxy settings. - Improved...

shopify-scripts: SIGSEGV in mrb_vm_exec

PoC ------------------- The following code triggers the bug attached as testmrbvmexec.rb: def methodmissingmeth,argsyieldmeth,argsend enumfor.next Debug - mirb ------------------- x@x:/Desktop/test/mruby/bin$ gdb -q ./mirb rReading symbols from ./mirb...done. gdb r testmrbvmexec.rb Starting...

shopify-scripts: SIGSEGV in mrb_str_inum

PoC ------------------- The following code triggers the bug attached as testmrbstrinum.rb: def methodmissingfalse end def tostr""end Integerÿ,2.h Debug - mirb ------------------- x@x:/Desktop/test/mruby/bin$ gdb -q ./mirb r Reading symbols from ./mirb...idone. gdb r testmrbstrinum.rb Starting...

CVE-2016-10225

The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxidebug/sunxidebug...

CVE-2017-7271

Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...

Cross site scripting

Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...

Code injection

The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxidebug/sunxidebug...

CVE-2017-7271

Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...

CVE-2017-7271

CVE-2017-7271 describes a reflected XSS in the Yii Framework prior to 2.0.11. In development mode, crafted request data can be mishandled on the debug-mode exception screen, allowing remote attackers to inject arbitrary script/HTML. Affected product/version: Yii Framework before 2.0.11 (developme...

CVE-2017-7271

Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...

CVE-2016-10225

The CVE-2016-10225 issue affects the sunxi-debug driver in Allwinner 3.4 legacy kernels on H3, A83T and H8 devices. The flaw allows local users to gain root privileges by sending the string rootmydevice to /proc/sunxi_debug/sunxi_debug. Connected sources confirm related artifacts, including a ker...

openssh security and bug fix update

5.3p1-122 - Allow to use ibmca crypto hardware 1397547 - CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes 1405374 5.3p1-121 - Fix missing hmac-md5-96 from server offer 1373836 5.3p1-120 - Prevent infinite loop when Ctrl+Z pressed at password prompt 1218424 - Remove...