App Layering: Office MCS Rearm failure because kmssetup.cmd is running multiple times

Created a new layer following https://support.citrix.com/article/CTX224566. After publishing the image and using Studio to upgrade catalog using MCS, we receive the following error: Task Information: Start Date: Friday, October 6, 2017 Start Time: 1:46 PM Finish Date: Friday, October 6, 2017 Fini...

MCollective: Remote Code Execution

Background MCollective is a framework to build server orchestration or parallel job execution systems. Description A vulnerability was discovered in MCollective which allowed for deserialized YAML from agents without calling safeload. This allows the potential for arbitrary code execution on the...

Downloading entire Vulners.com database in 5 minutes

Today I once again would like to talk about Vulners.com and why, in my opinion, it is the best vulnerability database that exist nowadays and a real game-changer. The main thing is transparency. Using Vulners you not only can search for security content see "Vulners – Google for hacker", but...

kernel: NFSv4 server does not properly validate layout type when processing NFSv4 pNFS LAYOUTGET operand

It was found that the NFSv4 server in the Linux kernel did not properly validate layout type when processing NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A remote attacker could use this flaw to soft-lockup the system and thus cause denial of service...

USN-3342-2 linux-hwe vulnerabilities

USN-3342-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. USN-3333-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions...

USN-3342-1: Linux kernel vulnerabilities

USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux...

IBM Spectrum Scale/GPFS Denial of Service Vulnerability

IBM Spectrum Scale is a high-performance shared disk file management solution that gives you fast, reliable access to data from multiple servers.The IBM General Parallel File System IBM GPFS is a file system for distributing and managing data across multiple servers and is used in many...

Ubuntu 16.10 : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3327-1) (Stack Clash)

It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-7374 It was discovered that the stack guard page for processes in the Linux kernel was not...

Parallel override modification loophole in Beijing Magitek's submission system

The submission system is a review system developed by Beijing Magtech Technology Development Co. A parallel override modification vulnerability exists in the Beijing Magtech Submission System. It allows an attacker to traverse sensitive user information...

My NJ Client APP has parallel override access vulnerability

My Nanjing Client APP is a city-level public service mobile application that integrates all kinds of living information in Nanjing. My Nanjing Client APP has a parallel override access vulnerability. Allowing an attacker to access all the real-name registered user and enterprise information and...

Code injection

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...

CVE-2017-5682

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...

Intel PSET Application Install wrapper contains an escalation of privilege vulnerability.

Summary: Intel PSET Application Install wrapper contains an escalation of privilege vulnerability. Description: Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer a...

Ubiquiti Robotics Alpha2 Android app has a parallel override vulnerability

Ubitus is a company that integrates artificial intelligence and humanoid robotics research and development, platform software development and utilization, and product sales. A parallel override vulnerability exists in the Ubitus Robotics Alpha2 Android app. Due to the Ubiquiti Alpha2 Android app'...

OpenBSD http server - denial of service vulnerability(CVE-2017-5850)

No description provided by source. !/usr/bin/perl -w curl --limit-rate 1 --continue-at 1 --header "Host: www.example.com" http://target/10mb.fs use warnings; use IO::Socket; use Parallel::ForkManager; $numforks = 50; if $ARGV \n"; sub killhttpd print "ATTACKING $ARGV0 using $numforks forks\n"; $p...

CVE-2016-6115

IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash...

Buffer overflow

IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash...

CVE-2016-6115

IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash...

CVE-2016-6115

IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash...

CVE-2016-6115

CVE-2016-6115 affects IBM GPFS/Spectrum Scale (e.g., Elastic Storage Server and GPFS Storage Server). The vulnerability is a buffer overflow in IBM General Parallel File System that could be triggered by a remote authenticated attacker, allowing arbitrary code execution with root privileges or ca...