2352 matches found

Check Point Advisories
added 2018/04/26 12:0 a.m., 3 views

FreeRADIUS fr_dhcp_attr2vp Integer Underflow Out of Bounds Read (CVE-2017-10986)

FreeRADIUS RADIUS Server is an open source Other functions include setting the DNS servers, gateway, routes etc. The Bootstrap Protocol BOOTP was an older protocol standard built for the same functionality; DHCP servers extend the BOOTP protocol and provide additional features. BOOTP and DHCP use...

CVSS: 5 | AI score: 3.1 | EPSS: 0.02042
Exploits: 0
RedHat Linux
added 2018/04/10 12:0 a.m., 3 views

tcpdump: Buffer over-read in print-bootp.c:bootp_print() in BOOTP parser

The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.03587
Exploits: 0 | References: 4
Hacker One
added 2018/04/02 2:11 p.m., 26 views

Open-Xchange: [XSS] Pasting bootstrap in mail compose

Hi. No filter for bootstrap data attributes. data-target allow any html, e.g.: - " href="" collapse - " href="" dropdown - " href="" modal Steps: 1. Create page with this code best example with dropdown, you can use my template https://secator.com/ox/bootstrap.html 2. Ctrl+A select all, Ctrl+C co...

AI score: 0.2
Exploits: 0
n0where
added 2018/03/19 12:40 a.m., 34 views

Intentionally Insecure Webapp for Security Training: OWASP Juice Shop

OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in JavaScript which encompasses the entire OWASP Top Ten and other severe security flaws. Juice Shop is written in Node.js, Express and AngularJS. It was the first application written entirely in JavaScri...

AI score: 0.4
Exploits: 0 | References: 6
ALT Linux
added 2018/02/05 12:0 a.m., 41 views

Security fix for the ALT Linux 10 package dotnet-bootstrap-5.0 version 2.0.5-alt1

Feb. 5, 2018 Vitaly Lipatov 2.0.5-alt1 - new version 2.0.5 with rpmgs script - CVE-2018-0764, CVE-2018-0786...

CVSS: 5 | AI score: 7.7 | EPSS: 0.08885
Exploits: 0
ALT Linux
added 2018/02/05 12:0 a.m., 44 views

Security fix for the ALT Linux 10 package dotnet-bootstrap-7.0 version 2.0.5-alt1

Feb. 5, 2018 Vitaly Lipatov 2.0.5-alt1 - new version 2.0.5 with rpmgs script - CVE-2018-0764, CVE-2018-0786...

CVSS: 5 | AI score: 7.7 | EPSS: 0.08885
Exploits: 0
ALT Linux
added 2018/02/05 12:0 a.m., 30 views

Security fix for the ALT Linux 8 package dotnet-bootstrap version 2.0.5-alt1

Feb. 5, 2018 Vitaly Lipatov 2.0.5-alt1 - new version 2.0.5 with rpmgs script - CVE-2018-0764, CVE-2018-0786...

CVSS: 5 | AI score: 7.7 | EPSS: 0.08885
Exploits: 0
ALT Linux
added 2018/02/05 12:0 a.m., 35 views

Security fix for the ALT Linux 9 package dotnet-bootstrap-3.1 version 2.0.5-alt1

Feb. 5, 2018 Vitaly Lipatov 2.0.5-alt1 - new version 2.0.5 with rpmgs script - CVE-2018-0764, CVE-2018-0786...

CVSS: 5 | AI score: 7.7 | EPSS: 0.08885
Exploits: 0
ALT Linux
added 2018/02/05 12:0 a.m., 44 views

Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 2.0.5-alt1

Feb. 5, 2018 Vitaly Lipatov 2.0.5-alt1 - new version 2.0.5 with rpmgs script - CVE-2018-0764, CVE-2018-0786...

CVSS: 5 | AI score: 7.7 | EPSS: 0.08885
Exploits: 0
ALT Linux
added 2018/02/05 12:0 a.m., 32 views

Security fix for the ALT Linux 9 package dotnet-bootstrap-5.0 version 2.0.5-alt1

Feb. 5, 2018 Vitaly Lipatov 2.0.5-alt1 - new version 2.0.5 with rpmgs script - CVE-2018-0764, CVE-2018-0786...

CVSS: 5 | AI score: 7.7 | EPSS: 0.08885
Exploits: 0
ALT Linux
added 2018/02/05 12:0 a.m., 30 views

Security fix for the ALT Linux 10 package dotnet-bootstrap-6.0 version 2.0.5-alt1

Feb. 5, 2018 Vitaly Lipatov 2.0.5-alt1 - new version 2.0.5 with rpmgs script - CVE-2018-0764, CVE-2018-0786...

CVSS: 5 | AI score: 7.7 | EPSS: 0.08885
Exploits: 0
Citrix
added 2018/01/08 12:0 a.m., 8 views

Error When Booting Target Devices: "vDisk file access permission denied"

Booting target device to a vDisk was showing the following error after downloading the bootstrap file: "Server IP Address:6930: vDisk file access permission denied."...

AI score: 7
Exploits: 0
Citrix
added 2017/12/04 12:0 a.m., 9 views

How to disable Interrupt Safe Mode in Provisioning Services

How to disable Interrupt Safe Mode in Provisioning Services The "Interrupt Safe Mode" configuration is a special setting designed to handle bad PXE implementations that do not comply with PXE standards or have bugs. The setting forces a reset on the UNDI Interface after sending every packet into...

AI score: 7.2
Exploits: 0
Drupal
added 2017/11/29 12:0 a.m., 5 views

bootstrap_carousel - Moderately critical - Cross Site Scripting - SA-CONTRIB-2017-088

This module provides a way to make carousels, based on bootstrap-carousel.js. The module doesn't sufficiently handle output of img HTML tag's alt property. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "Carousel: Create new content" or any simil...

AI score: 6.9
Exploits: 0 | References: 5
CNVD
added 2017/11/02 12:0 a.m., 3 views

Amazon Web Services CloudFormation bootstrap arbitrary code execution vulnerability

The Amazon Web Services AWS CloudFormation bootstrap tools package also known as aws-cfn-bootstrap is a suite of cloud computing services from Amazon.com, Inc. The CloudFormation bootstrap tools package is one of the cloud resource configuration toolkits. A security vulnerability exists in the...

CVSS: 7.8 | AI score: 7.7 | EPSS: 0.00376
Exploits: 2 | References: 1
Prion
added 2017/10/30 2:29 p.m., 18 views

Directory traversal

The Amazon Web Services AWS CloudFormation bootstrap tools package aka aws-cfn-bootstrap before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory...

CVSS: 7.2 | AI score: 7.7 | EPSS: 0.00376
Exploits: 2 | References: 3 | Affected Software: 1
OSV
added 2017/10/30 2:29 p.m., 5 views

CVE-2017-9450

The Amazon Web Services AWS CloudFormation bootstrap tools package aka aws-cfn-bootstrap before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory...

CVSS: 7.8 | AI score: 6.1 | EPSS: 0.00376
Exploits: 2 | References: 3
CVE
added 2017/10/30 2:0 p.m., 64 views

CVE-2017-9450

The CVE-2017-9450 issue affects the AWS CloudFormation bootstrap tools package (aws-cfn-bootstrap) prior to 1.4-19.10. The vulnerable component is the cfn-hup daemon, which an attacker with local access can abuse by writing a crafted file to escalate to root and execute arbitrary code, compromisi...

CVSS: 7.8 | AI score: 7.7 | EPSS: 0.00376
Exploits: 2 | References: 3 | Affected Software: 1
CNVD
added 2017/10/27 12:0 a.m., 1 view

SQL Injection Vulnerability in YxtCMF Frontend IndexController.class.php Page

YxtCMF Yi Xue Tang Online Learning System is an online learning platform system developed with thinkphp+bootstrap as the framework. A SQL injection vulnerability exists in the IndexController.class.php page of the YxtCMF frontend. An attacker can exploit the vulnerability to obtain sensitive...

AI score: 7.9
Exploits: 0
CNVD
added 2017/10/10 12:0 a.m., 4 views

Chef Information Disclosure Vulnerability

Chef is configuration management software written in Ruby; it uses a pure-Ruby domain-specific language (DSL) to save system configuration as "recipes" or "cookbooks". Chef was developed by Opscode and released as open source under the Apache License version 2.0. A security vulnerability exist...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.01929
Exploits: 0 | References: 1