EUVD-2018-18092
Malware in sbrugna...
Senate Committee passes new antitrust bill aimed at Big Tech companies
The American Innovation and Choice Online Act (AICOA), a bill that forbids Big Tech platforms like Apple, Alphabet (Google’s parent company), and Amazon from generally behaving in an anti-competitive manner, was approved by the Senate Judiciary Committee late last week with a 16-6 vote. US Senator Am...
[Webinar and eBook]: Are You Getting The Best Value From Your EDR Solution?
Many companies rely on Endpoint Detection and Response (EDR) solutions as their primary security tool to protect their organizations against cyber threats. EDR was introduced around eight years ago, and analysts now peg the EDR market size as $1.5 to $2.0 billion in annual revenue globally, expecti...
Kronos WebTA 4.0 Privilege Escalation / Cross Site Scripting
Exploit Title: Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group Exploit Author: Nolan B. Kennedy (nxkennedy) Discovery date: 2019-09-20 Vendor Homepage: https://www.kronos.com/products/kronos-webta Version: 3.8.x - 4.0...
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation
Exploit Title: Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group Exploit Author: Nolan B. Kennedy (nxkennedy) Discovery date: 2019-09-20 Vendor Homepage: https://www.kronos.com/products/kronos-webta Version: 3.8.x - 4.0...
Clever New DDoS Attack Gets a Lot of Bang for a Hacker's Buck
By exploiting the WS-Discovery protocol, a new breed of DDoS attack can get a huge rate of return...
Design/Logic Flaw
Buck parser-cache command loads/saves state using Java serialized object. If the state information is maliciously crafted, deserializing it could lead to code execution. This issue affects Buck versions prior to v2018.06.25.01...
CVE-2018-6331
Buck parser-cache command loads/saves state using Java serialized object. If the state information is maliciously crafted, deserializing it could lead to code execution. This issue affects Buck versions prior to v2018.06.25.01...
CVE-2018-6331
The Buck CVE-2018-6331 issue concerns the Buck parser-cache command, which loads/saves state using Java serialized objects. If the serialized state is maliciously crafted, deserializing it could lead to code execution. Affected products/versions: Buck versions prior to v2018.06.25.01. This is tie...
PT-2018-17481 · Facebook · Buck
Name of the Vulnerable Software and Affected Versions: Buck versions prior to v2018.06.25.01 Description: The issue arises from the Buck parser-cache command, which utilizes Java serialized objects to load and save state. If the state information is maliciously crafted, deserializing it could lea...
Important: Red Hat Security Advisory: mod_wsgi security update
An updated mod_wsgi package that fixes two security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...