492 matches found

0day.today
added 2017/09/19 12:0 a.m. | 34 views

Microsoft Edge COptionsCollectionCacheItem::GetAt Out-Of-Bounds Read Exploit

There is an out-of-bounds read issue in Microsoft Edge that could potentially be turned into remote code execution. The vulnerability has been confirmed on Microsoft Edge 38.14393.1066.0 (Microsoft EdgeHTML 14.14393) as well as Microsoft Edge 40.15063.0.0 (Microsoft EdgeHTML 15.15063). Microsoft Edge...

7.6 CVSS | 8.1 AI score | 0.70045 EPSS
Exploits: 3
OSV
added 2017/07/12 4:29 p.m. | 1 views

DEBIAN-CVE-2017-11190

unrarlib.c in unrar-free 0.0.1, when DEBUGLOG mode is enabled, might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via an RAR archive containing a long filename...

7.8 CVSS | 7.9 AI score | 0.00301 EPSS
Exploits: 0 | References: 1
Hewlett-Packard
added 2017/05/12 12:0 a.m. | 220 views

HPSBGN03558 rev.9 - Conexant HD Audio Driver Local Debug Log

Potential Security Impact: Potential, local loss of confidentiality. VULNERABILITY SUMMARY: A potential security vulnerability caused by a local debugging capability that was not disabled prior to product launch has been identified with certain versions of Conexant HD Audio Drivers on HP products. H...

0.9 AI score
Exploits: 0
Citrix
added 2017/04/30 12:0 a.m. | 5 views

How to Enable DEBUG Log Level for Syslog Events on the NetScaler

This article describes how to enable DEBUG log level for syslog events on NetScaler. Enabling DEBUG level for syslog events will allow you to capture detailed information that is not recorded by default in the ns.log file. Note: The DEBUG level should be disabled upon finishing the troubleshooting...

6.8 AI score
Exploits: 0
Hacker One
added 2017/02/02 4:49 p.m. | 261 views

Pornhub: Debug.log file Exposed to Public \Full Path Disclosure\

The researcher discovered a debug log file exposing path information...

0.5 AI score
Exploits: 0
OSV
added 2017/01/26 11:34 a.m. | 1 views

SUSE-SU-2017:0292-1 Security update for dbus-1

This update for dbus-1 to version 1.8.22 fixes one security issue and bugs. The following security issue was fixed: - bsc1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. The following upstream changes are included: - Change the default...

7.6 AI score
Exploits: 0 | References: 3
0day.today
added 2017/01/22 12:0 a.m. | 20 views

PageKit 1.0.10 - Password Reset Exploit

Exploit for php platform in category web applications. Exploit Title: Remote PageKit Password Reset Vulnerability Date: 21-01-2017 Software Link: http://pagekit.com/ Exploit Author: Saurabh Banawar from SecureLayer7 Contact: http://twitter.com/securelayer7 Website: https://securelayer7.net ...

7.1 AI score
Exploits: 0
Exploit DB
added 2017/01/21 12:0 a.m. | 41 views

PageKit 1.0.10 - Password Reset

Exploit Title: Remote PageKit Password Reset Vulnerability Date: 21-01-2017 Software Link: http://pagekit.com/ Exploit Author: Saurabh Banawar from SecureLayer7 Contact: http://twitter.com/securelayer7 Website: https://securelayer7.net Category: webapps 1. Description Any remote user can reset...

7.4 AI score
Exploits: 0
exploitpack
added 2017/01/21 12:0 a.m. | 10 views

PageKit 1.0.10 - Password Reset

PageKit 1.0.10 - Password Reset Exploit Title: Remote PageKit Password Reset Vulnerability Date: 21-01-2017 Software Link: http://pagekit.com/ Exploit Author: Saurabh Banawar from SecureLayer7 Contact: http://twitter.com/securelayer7 Website: https://securelayer7.net Category: webapps 1...

7.4 AI score
Exploits: 0
Citrix
added 2016/12/07 12:0 a.m. | 5 views

XenMobile Domain users unable to authenticate - LDAP response read timed out, timeout used

If domain users or admins are failing to authenticate to XenMobile, verify if the following error appears in the debug log 2016-04-05T10:25:50.128+0000 | 5EAF1FBBC192FC0D | WARN | http-nio-10080-exec-77 | com.sparus.nps.apple.security.AuthUtils | Forcing LDAP auth: cannot refresh user data:...

7 AI score
Exploits: 0
OSV
added 2016/10/19 9:20 a.m. | 2 views

SUSE-SU-2016:2565-1 Security update for dbus-1

This update for dbus-1 to version 1.8.22 fixes one security issue and bugs. The following security issue was fixed: - bsc1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. The following upstream changes are included: - Change the default...

7.6 AI score
Exploits: 0 | References: 2
seebug.org
added 2016/01/21 12:0 a.m. | 388 views

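冰峰VPN /log/system.log Sensitive Information Disclosure Vulnerability

The "ICEFLOW VPN Router" device product allows unauthorized access to its various log files, which can leak sensitive system information (including the session value issued after a successful login). System log: http://url/log/system.log VPN log: http://url/log/vpn.log Mobile user log: http://url/log/mobile.log Firewall log: http://url/log/firewall.log Access log: http://url/log/access.log Alert log: http://url/log/warn.log Error log: http://url/log/error.log...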

7.1 AI score
Exploits: 0
Zero Science Lab
added 2015/09/26 12:0 a.m. | 94 views

Mango Automation 2.6.0 Unprotected Debug Log View Vulnerability

Summary: Mango Automation is a flexible SCADA, HMI And Automation software application that allows you to view, log, graph, animate, alarm, and report on data from sensors, equipment, PLCs, databases, webpages, etc. It is easy, affordable, and open source. Description: Mango Automation suffers from...

4.3 CVSS | 5.8 AI score | 0.12814 EPSS
Exploits: 1
Citrix
added 2015/09/14 12:0 a.m. | 6 views

NetScaler Gateway Rejects RADIUS Accept Request

RADIUS authentication is configured on NetScaler Gateway. RADIUS accepts the authentication and sends the correct message; however, NetScaler rejects the authentication. The RADIUS log files show that the authentication is accepted. The network trace shows that a message is sent from RADIUS server...

7.3 AI score
Exploits: 0
RedHat Linux
added 2014/11/03 8:36 a.m. | 28 views

Moderate: Red Hat Security Advisory: python-keystoneclient security and bug fix update

Updated python-keystoneclient packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring...

4.3 CVSS | 5.8 AI score | 0.00643 EPSS
Exploits: 0 | References: 5
Cent OS
added 2013/11/26 1:33 p.m. | 106 views

sudo security update

CentOS Errata and Security Advisory CESA-2013:1701 An updated sudo package that fixes two security issues, several bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common...

6.9 CVSS | 7.6 AI score | 0.0813 EPSS
Exploits: 8 | References: 7
RedHat Linux
added 2013/11/20 4:47 p.m. | 50 views

Low: Red Hat Security Advisory: sudo security, bug fix and enhancement update

An updated sudo package that fixes two security issues, several bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...

6.9 CVSS | 7.6 AI score | 0.0813 EPSS
Exploits: 8 | References: 8
The Hacker News
added 2012/05/01 10:33 p.m. | 10 views

Skype Vulnerability Exposing User IP Addresses

Skype Vulnerability Exposing User IP Addresses Skype is warning users following the launch of a site devoted to harvesting user IP addresses. The Skype IP-Finder site allowed third parties to see a user's last known IP address by simply typing in a user name. A script has been uploaded to Github...

6.5 AI score
Exploits: 0
Tenable Nessus
added 2011/09/26 12:0 a.m. | 28 views

Fedora 14 : foomatic-4.0.8-3.fc14 (2011-11205)

This package fixes CVE-2011-2924 by using mktemp when creating a debug log file in debug mode. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...

5.5 CVSS | 7.1 AI score | 0.0019 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2011/08/31 12:0 a.m. | 30 views

Fedora 16 : foomatic-4.0.8-4.fc16 (2011-11118)

This package fixes CVE-2011-2924 by using mktemp when creating a debug log file in debug mode. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...

5.5 CVSS | 7.1 AI score | 0.0019 EPSS
Exploits: 0 | References: 4