8202 matches found
CVE-2017-18078
systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks...
Important: Red Hat Security Advisory: 389-ds-base security and bug fix update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...
Scientific Linux Security Update : 389-ds-base on SL7.x x86_64 (20180125)
Security Fixes : - A stack-based buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service...
Tumder 2.1 - SQL Injection
Exploit Title: Tumder - An Arcade Games Platform 2.1 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://sndr.co.ve/ Software Link: https://codecanyon.net/item/tumder-an-arcade-games-platform/18726994 Version: 2.1 Category: Webapps Tested on:...
Initialization Vector (IV) Reuse
github.com/upspin/upspin is vulnerable to Initialization Vector (IV) reuse. The vulnerability exists due to the lack of entropy in its IV and would generally affect large files which are above 2^36 bytes...
CVE-2018-2622
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
Code injection
Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Strategic Sourcing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...
Juniper Junos Remote Code Execution Vulnerability
Juniper Junos OS is a Juniper Networks network operating system designed for the company's hardware systems. The OS provides a secure programming interface and the Junos SDK. A remote code execution vulnerability exists in Juniper Junos OS. A remote attacker could exploit the vulnerability to...
Grab: Unrestricted access to https://██████.█████myteksi.net/
Hello again Grab Security Team ! Following my previous research, it seems that your Microservices architecture you are currently running on .█████myteksi.net is publicly exposed on another endpoint : https://█████████.█████myteksi.net. Summary: When researching and starting a new enumeration of...
Denial of service
In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9120...
AndroidSVG SVG Parsing Component Denial of Service Vulnerability
AndroidSVG is an SVG (Scalable Vector Graphics) parser and renderer for Android. The SVG parsing component is one of its SVG parsing components. A security vulnerability exists in the SVG parsing component in AndroidSVG version 1.2.2. A remote attacker can exploit this vulnerability to cause a denial of...
SonicWall SonicOS NSA Web Firewall Cross Site Scripting
Document Title: SonicWall SonicOS NSA Web Firewall - Multiple Web Vulnerabilities. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1725 Release Date: 2018-01-06. Vulnerability Laboratory ID (VL-ID):...
Gespage 7.4.8 - SQL Injection
CVE-2017-7997: Gespage SQL Injection vulnerability. Description: Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/ The web application does not properly filter several parameters sent by users, allowing authenticated SQL code injection Stacked Queries -...
RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack
It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack...
CVE-2017-17704
A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569 when used in conjunction with the IP-ACM Ethernet Door Module. The communications between the IP-ACM and the iStar Ultra are encrypted using a fixed AES key and IV. Each message is encrypted in CBC mode...
CVE-2017-17821
WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function in WTF/wtf/FastBitVector.cpp f...
Command Injection
pymemcache is vulnerable to command injection attacks. The vulnerability exists due to the lack of input sanitization on carriage return characters. If a client key can be set by the user, the weakness can be used as an attack vector for command injection...
Vivotek IP Cameras - Remote Stack Overflow (PoC)
Vivotek IP Cameras - Remote Stack Overflow PoC STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no credentials...
HDF5 Out-of-Bounds Write Vulnerability
HDF5 is a free suite of tools for managing the storage of different types of data that can be managed, manipulated, viewed, analyzed, and generated in portable formats. An out-of-bounds write vulnerability exists in the 'H5Gentdecodevec' function of H5Gcache.c in libhdf5.a in HDF5 version 1.10.1...
Vivotek IP Cameras - Remote Stack Overflow (PoC)
STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no credentials needed Firmware Vulnerable: Only 2017 versions...