Security Bulletin: A vulnerability in IBM WebSphere Application Server affects IBM Spectrum Scale (CVE-2018-1901)

Summary There is a vulnerability in IBM WebSphere Application Server, used by IBM Spectrum Scale. This issue allow a remote attacker to temporarily gain elevated privileges on the system. Vulnerability Details IBM WebSphere Application Server is used to provide graphical user interface for managi...

NSA to release its GHIDRA reverse engineering tool for free

The United States' National Security Agency NSA is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco. The existence of the framework, dubbed GHIDRA, was first publicly revealed by...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2018:2890-1)

This update for MozillaFirefox to ESR 60.2 fixes several issues. These general changes are part of the version 60 release. New browser engine with speed improvements Redesigned graphical user interface elements Unified address and search bar for new installations New tab page listing top visited,...

CVE-2018-15007

The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069trxl601sky/x6069trxl601sky:6.0/MRA58K/1482897127:user/release-keys contains a pre-installed platform app with a package name of com.fw.upgrade.sysoper versionCode=238, versionName=2.3.8 that contains an exported broadcast...

GUI Elevation of Privilege Vulnerability in Multiple IBM Products

IBM FlashSystem 840 MTMs 9840-AE1 and others are enterprise-class storage solutions from IBM USA. The solution offers a full suite of disaster recovery tools including snapshots, cloning, and replication to secure data as well as virtualized configuration and performance management using IBM...

CVE-2018-0417

A vulnerability in TACACS authentication with Cisco Wireless LAN Controller WLC Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI. The vulnerability is due to incorrect parsing of a specific...

ScreenOS: Stored Cross-Site Scripting (XSS) vulnerability

A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform...

McAfee VirusScan Enterprise Elevation of Privilege Vulnerability

McAfee VirusScan Enterprise VSE is a suite of antivirus software from the American company McAfee. The software provides a full range of security protection, scanning memory for malicious code and optimizing updates for remote systems, etc. Microsoft Windows client is one of its clients based on...

[SECURITY] Fedora 28 Update: kst-2.0.8-20.fc28

Kst is a real-time data viewing and plotting tool with basic data analysis functionality. Kst contains many powerful built-in features and is expandable with plugins and extensions. Main features of kst include: Robust plotting of live "streaming" data. Powerful keyboard and mouse plot...

How to Collect Diagnostic Data on NetScaler SD-WAN Appliance

This article describes how to capture diagnostic data on NetScaler SD-WAN WANOP appliance using Graphical User Interface GUI...

Bluepot - Bluetooth Honeypot

This code is from a University Project written in 2010. This is a newer version of the code than is on Google Code. Bluepot is a Bluetooth Honeypot written in Java, it runs on Linux. Bluepot was a third year university project attempting to implement a fully functional Bluetooth Honeypot. A piece...

CVE-2017-15270

The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values CSV file. This can be used by attackers to hide data in the Graphical User Interface GUI view and create arbitrary entries to a certain extent. Special characters such as '"' and ',' a...

CVE-2017-10055

Vulnerability in the Oracle iPlanet Web Server component of Oracle Fusion Middleware subcomponent: Admin Graphical User Interface. The supported version that is affected is 7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

SDX -Memory Showing Less Than Expected on GUI

Memory is showing as 32 GB instead of the expected 48 GB on SVM GUI...

NMapGUI - Advanced Graphical User Interface for NMap

NMapGUI is an advanced graphical user interface for NMap network analysis tool. It allows to extend and ease the typical usage of NMap by providen a visual and fast interface with the application. If you have any questions about NMapGUI usage or want to get in contact with me, please visit: Twitt...

McAfee Advanced Threat Defense Elevation of Privilege Vulnerability

McAfee Advanced Threat Defense ATD is a suite of threat detection and defense solutions from the U.S.-based company McAfee McAfee. The solution provides malware analysis, shared threat intelligence, and isolation of compromised systems. The Web interface in McAfee ATD is vulnerable to a power...

SAP GUI Security Bypass Vulnerability

SAP GUI is a graphical user interface client from SAP, Germany. A security bypass vulnerability exists in SAP GUI. A remote attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized operations...

Cisco Identity Services Engine Denial of Service Vulnerability

Cisco Identity Services Engine ISE is an identity-based environment awareness platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. A denial of service...

Oracle GlassFish Server 3.1.2 Multiple Vulnerabilities

Oracle GlassFish Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

SAP GUI Remote Code Execution Vulnerability

SAP GUI is a graphical user interface client from SAP, Germany. A remote code execution vulnerability exists in SAP GUI. An attacker could exploit this vulnerability to execute arbitrary code in the context of an affected program...