3084 matches found
[SECURITY] Fedora 28 Update: slurm-17.11.13-2.fc28
Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for Linux clusters. Components include machine status, partition management, job management, scheduling and accounting modules...
Fedora 28 : glusterfs (2018-e048a4ef13)
Security fix for CVE-2018-1088 Privilege escalation via glustersharedstorage when snapshot scheduling is enabled Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format...
Jackhammer - One Security Vulnerability Assessment/Management Tool To Solve All The Security Team Problems
One Security vulnerability assessment/management tool to solve all the security team problems. What is Jackhammer? Jackhammer is a collaboration tool built with an aim of bridging the gap between Security team vs dev team, QA team and being a facilitator for TPM to understand and track the qualit...
WordPress JoeBooking 6.6.5 Database Disclosure
Exploit Title : WordPress JoeBooking Plugins 6.6.5 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : joebooking.com wordpress.org/plugins/joebooking/ Software Download Link :...
Versa Networks: Privilege Escalation Using Cron Jobs
In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. If the job is run as the user root, there is a potential privilege escalation vulnerability. In this case, the job runs a script as root that is writable by users who a...
Jenkins < 2.121.3 / 2.138 Multiple Vulnerabilities
The version of Jenkins running on the remote web server is prior to 2.138 or is a version of Jenkins LTS prior to 2.121.3. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported versio...
Debian DSA-4254-1 : slurm-llnl - security update
Several vulnerabilities were discovered in the Simple Linux Utility for Resource Management SLURM, a cluster resource management and job scheduling system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2018-7033 Incomplete sanitization of user-provided...
CVE-2017-0912
Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...
CVE-2017-0912
Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...
Cross site scripting
Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...
CVE-2017-0912
Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...
[SECURITY] Fedora 27 Update: slurm-17.02.11-1.fc27
Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for large and small Linux clusters...
[SECURITY] Fedora 28 Update: slurm-17.11.7-1.fc28
Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for Linux clusters. Components include machine status, partition management, job management, scheduling and accounting modules...
glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled
A privilege escalation flaw was found in gluster snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
Outpost24 OUTSCAN for detecting vulnerabilities on your network perimeter
Today I would like to write a post about Outpost24. This company was founded in 2001. For comparison, Tenable was founded in 2002 and Qualys in 1999. So, it's a company with a pretty long history. Outpost24 make Vulnerability Management & Web Application Security products and provide various...
glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled
A privilege escalation flaw was found in gluster snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
CVE-2015-9144
CVE-2015-9144 concerns a buffer overflow in Android on Qualcomm Snapdragon Mobile and Snapdragon Wear platforms (e.g., MDM9206/9607/9615/9625/9635M/9640/9645/9650/9655, MSM8909W, SD family up to SDX20) during processing of scheduling message information. Root cause: overflow in a scheduling-messa...
CVE-2015-9144
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD...
Important: Red Hat Security Advisory: glusterfs security update
An update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 6 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...
[SECURITY] Fedora 28 Update: slurm-17.11.5-2.fc28
Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for large and small Linux clusters...