4777 matches found
CVE-2017-15536
CVE-2017-15536 affects Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. The CDSW web application contains multiple vulnerabilities that allow malicious authenticated users to escalate privileges within CDSW. By chaining these weaknesses, an attacker can achieve root access to CDSW nodes, ...
Cloudera Data Science Workbench Elevation of Privilege Vulnerability
Cloudera Data Science Workbench CDSW is a suite of data science platforms from US-based Cloudera. The platform provides fast, easy and secure self-service data science support for organizations. A security vulnerability exists in CDSW 1.2.0 prior to version 1.x. The vulnerability can be exploited...
Find Vulnerable Settings in AD Group Policy: Grouper
Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers although probably also useful for sysadmins which sifts through the usually very noisy XML output from the Get-GPOReport cmdlet part of Microsoft’s Group Policy module and identifies all the settings defined in...
The vulnerability of the cgiHandler function in the Embedthis GoAhead web server allows a hacker to execute arbitrary code.
The vulnerability of the cgiHandler function in the Embedthis GoAhead web server is related to insufficient validation of input data during the processing of HTTP requests for dynamically linked CGI programs. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through...
CVE-2017-10905
A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...
CVE-2017-10905
A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...
UBUNTU-CVE-2017-10905
A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...
CVE-2017-10905
A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...
CVE-2017-10905
CVE-2017-10905 affects applications built with Qt for Android before 5.9.3 . The flaw allows an attacker to alter environment variables via unspecified vectors . Root cause is a vulnerability in how Qt on Android handles environment-related data. Exploitation details and vectors are not specified...
SUSE-SU-2017:3311-1 Security update for slurm
This update for slurm fixes the following issues: Slurm was updated to 17.02.9 to fix a security bug, bringing new features and bugfixes fate323998 bsc1067580. Security issue fixed: CVE-2017-15566: Fix security issue in Prolog and Epilog by always prepending SPANK to all user-set environment...
Qt for Android environment variables alteration
Overview Qt for Android contains an information alteration vulnerability. Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A remote attacker may alter environem...
JVN#27342829: Qt for Android environment variables alteration
Qt for Android contains an information alteration vulnerability. Impact A remote attacker may alter environemt variables of the apps created using Qt. As a result, arbitrary code may be executed. Solution Update the Software Update to the latest version of software according to the information...
DEBIAN-CVE-2016-5713
Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...
CVE-2016-5713
Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...
Code injection
Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...
BlackBerry QNX Software Development Platform Information Disclosure Vulnerability (CNVD-2017-37268)
The BlackBerry QNX Software Development Platform SDP is a suite of software development platforms from BlackBerry Canada dedicated to the development of software based on the QNX system. An information disclosure vulnerability exists in the default configuration of the QNX SDP in BlackBerry QNX S...
CVE-2017-9369
In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...
Information disclosure
In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...
CVE-2017-9369
In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...
CVE-2017-9369
In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...