CVE-2016-3952

web2py before 2.14.1, when using the standalone version, allows remote attackers to obtain environment variable values via a direct request to examples/templateexamples/beautify. NOTE: this issue can be leveraged by remote attackers to gain administrative access...

CVE-2016-3952

web2py before 2.14.1, when using the standalone version, allows remote attackers to obtain environment variable values via a direct request to examples/templateexamples/beautify. NOTE: this issue can be leveraged by remote attackers to gain administrative access...

UBUNTU-CVE-2016-3952

web2py before 2.14.1, when using the standalone version, allows remote attackers to obtain environment variable values via a direct request to examples/templateexamples/beautify. NOTE: this issue can be leveraged by remote attackers to gain administrative access...

CVE-2017-15536

An issue was discovered in Cloudera Data Science Workbench CDSW 1.x before 1.2.0. Several web application vulnerabilities allow malicious authenticated users of CDSW to escalate privileges in CDSW. CDSW users can exploit these vulnerabilities in combination to gain root access to CDSW nodes, gain...

Design/Logic Flaw

An issue was discovered in Cloudera Data Science Workbench CDSW 1.x before 1.2.0. Several web application vulnerabilities allow malicious authenticated users of CDSW to escalate privileges in CDSW. CDSW users can exploit these vulnerabilities in combination to gain root access to CDSW nodes, gain...

CVE-2017-15536

CVE-2017-15536 affects Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. The CDSW web application contains multiple vulnerabilities that allow malicious authenticated users to escalate privileges within CDSW. By chaining these weaknesses, an attacker can achieve root access to CDSW nodes, ...

Cloudera Data Science Workbench Elevation of Privilege Vulnerability

Cloudera Data Science Workbench CDSW is a suite of data science platforms from US-based Cloudera. The platform provides fast, easy and secure self-service data science support for organizations. A security vulnerability exists in CDSW 1.2.0 prior to version 1.x. The vulnerability can be exploited...

Find Vulnerable Settings in AD Group Policy: Grouper

Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers although probably also useful for sysadmins which sifts through the usually very noisy XML output from the Get-GPOReport cmdlet part of Microsoft’s Group Policy module and identifies all the settings defined in...

The vulnerability of the cgiHandler function in the Embedthis GoAhead web server allows a hacker to execute arbitrary code.

The vulnerability of the cgiHandler function in the Embedthis GoAhead web server is related to insufficient validation of input data during the processing of HTTP requests for dynamically linked CGI programs. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through...

ASUS Router Buffer Overflow Vulnerability

ASUS routers is a wireless router product from ASUS. A buffer overflow vulnerability exists in the 'ejupdatevariables' function in the router/httpd/web.c file in ASUS routers. An attacker could exploit this vulnerability by sending a request to update settings to execute code...

Microsoft Edge Chakra JIT Stack-To-Heap Copy Bug

Microsoft Edge: Chakra: JIT: stack-to-heap copy bug CVE-2018-0776 If variables don't escape the scope, the variables can be allocated to the stack. However, there are some situations, such as when a bailout happens or accessing to arguments containing stack-allocated variables, where those...

Microsoft Edge Chakra JIT - Stack-to-Heap Copy Exploit

Exploit for windows platform in category dos / poc / If variables don't escape the scope, the variables can be allocated to the stack. However, there are some situations, such as when a bailout happens or accessing to arguments containing stack-allocated variables, where those variables should no...

CVE-2018-5721

Stack-based buffer overflow in the ejupdatevariables function in router/httpd/web.c on ASUS routers when using software from https://github.com/RMerl/asuswrt-merlin allows web authenticated attackers to execute code via a request that updates a setting. In ejupdatevariables, the length of the...

Fedora 27 : systemd (2017-6263c938c7)

Use infinite timeouts for passwords during boot when JobTimeoutSec=0 - Some tty utf8-mode fixes - Only send one auxillary fd set over dbus - Various network-manager crash and spurious assert fixes - Do not remount network filesystems ro during shutdown and unmount DM devices better - Fix...

Ubiquiti Inc.: Reflected XSS

Due to the lack of sanitisation in the commend area, with a especially crafted message, is possible to execute a XSS with the "preview" function. If a draft is save, is possible to exploit this bug using as and stored-XSS. The "New Discussion" page on the Spanish and Portuguese forums have a...

Symantec Messaging Gateway Directory Traversal Vulnerability (CNVD-2018-01158)

Symantec Messaging Gateway is a suite of anti-spam, anti-virus, advanced content filtering and data leakage protection technologies from Symantec. A directory traversal vulnerability exists in Symantec Messaging Gateway versions prior to 10.6.4. The vulnerability can be exploited to access...

CVE-2017-10905

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...

CVE-2017-10905

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...

UBUNTU-CVE-2017-10905

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...

CVE-2017-10905

A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors...