6326 matches found
CVE-2013-4088
Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System OTRS 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket spl...
Microsoft Windows Modules Installer Servic Information Disclosure Vulnerability
Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. An information disclosure vulnerability exists in the Microsoft Windows Modules Installer Service. An attacker could exploit this vulnerability to view any file on the file system with...
Ansible Flaw Vulnerability
Ansible is a computer system configuration manager from the American company Ansible. The product can be used to publish, manage and organize computer systems. Ansible has a flaw vulnerability. An attacker can use ansible facts file to select modules to send...
Linux: Lockout time for locked accounts
The lockout time for locked accounts can be set in two modules: - pamtally2: The login counter tallying module - pamfaillock: Module counting authentication failures during a specified interval Use the unlocktime=n option to re-enable login after n seconds after the lock out. Copyright C 2020...
CVE-2020-0728
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...
CVE-2020-0728
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...
Information disclosure
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...
CVE-2020-0728
CNVD-2020-10129 and related OpenVAS entries describe CVE-2020-0728 as an information disclosure vulnerability in Microsoft Windows, specifically involving the Windows Modules Installer Service. The root cause is improper disclosure of file information by the service, enabling an attacker to view ...
Windows Modules Installer Service Information Disclosure Vulnerability
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read any file on the file system. To exploit the vulnerability, an attacker would have to log onto an affected...
IPv6Tools - A Robust Modular Framework That Enables The Ability To Visually Audit An IPv6 Enabled Network
The IPv6Tools framework is a robust set of modules and plugins that allow a user to audit an IPv6 enabled network. The built-in modules support enumeration of IPv6 features such as ICMPv6 and Multicast Listener Discovery MLD. In addition, the framework also supports enumeration of Upper Layer...
icsmaster
This repository is an offensive tool for ICS/SCADA security research, containing various resources and scripts for exploiting vulnerabilities in industrial control systems. The repository is organized into several sections, including a collection of papers on ICS/SCADA security, exploit scripts,...
Security Bulletin: A vulnerability affects the Cordova platform packaged with Rational Application Developer (CVE-2015-8320)
Summary A vulnerability has been discovered that affects the Cordova platform packaged with Rational Application Developer. Vulnerability Details CVEID: CVE-2015-8320 DESCRIPTION: Apache Cordova Android could allow a remote attacker to bypass security restrictions, caused by weak randomization of...
PT-2020-14317 · Grocy · Grocy
Name of the Vulnerable Software and Affected Versions: Grocy versions = 2.7.1 Description: The issue is related to Cross-Site Scripting that can be exploited via the Create Shopping List module when it is deleted. This problem is also present in other modules, including users, batteries, chores,...
npm: Symlink reference outside of node_modules folder through the bin field upon installation
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenodemodules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package...
Debian DSA-4612-1 : prosody-modules - security update
It was discovered that the LDAP authentication modules for the Prosody Jabber/XMPP server incorrectly validated the XMPP address when checking whether a user has admin access. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securi...
Debian: Security Advisory (DSA-4612-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4612-1] prosody-modules security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4612-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 31, 2020 https://www.debian.org/security/faq -...
[SECURITY] Fedora 31 Update: ansible-2.9.3-1.fc31
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
[SECURITY] Fedora 30 Update: ansible-2.9.3-1.fc30
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
DSA-4612-1 prosody-modules - security update
Bulletin has no description...