CVE-2017-14706

DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web...

Failed to update listener certificate in XMS 10.6

While importing renewed SSL listener certificate on XMS 10.6 following error is observed on XMS debug logs. 2017-06-22T11:47:55.251+0300 | A7B895C5041828EC | INFO | http-nio-14443-exec-7 | com.citrix.controlpoint.rest.CertificateMgmtResource | Uploading certificate to be used As : listener . none...

DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "DenyAll Web Application Firewall Remote Code Execution", 'Description' = %q This module exploits the command injection vulnerability of DenyAll We...

Microsoft Edge 38.14393.1066.0 - COptionsCollectionCacheItem::GetAt Out-of-Bounds Read

Microsoft Edge 38.14393.1066.0 - COptionsCollectionCacheItem::GetAt Out-of-Bounds Read function go select1.multiple = false; var optgroup = document.createElement"optgroup"; select1.addoptgroup; var options = select1.options; select2 = document.createElement"select";...

Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1309 There is a security issue in Microsoft Edge related to how HTML documents are loaded. If Edge displays a HTML document from a slow HTTP server, it is possible that a part of the document is going to be rendered before the serv...

Microsoft Edge COptionsCollectionCacheItem::GetAt Out-Of-Bounds Read

Microsoft Edge: out-of-bounds read in COptionsCollectionCacheItem::GetAt CVE-2017-8734 There is an out-of-bounds read issue in Microsoft Edge that could potentially be turned into remote code execution. The vulnerability has been confirmed on Microsoft Edge 38.14393.1066.0 Microsoft EdgeHTML...

Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading

Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1309 There is a security issue in Microsoft Edge related to how HTML documents are loaded. If Edge displays a HTML document from a slow HTTP server, it is...

Microsoft Edge COptionsCollectionCacheItem::GetAt Out-Of-Bounds Read Exploit

There is an out-of-bounds read issue in Microsoft Edge that could potentially be turned into remote code execution. The vulnerability has been confirmed on Microsoft Edge 38.14393.1066.0 Microsoft EdgeHTML 14.14393 as well as Microsoft Edge 40.15063.0.0 Microsoft EdgeHTML 15.15063. Microsoft Edge...

Regular Expression Denial Of Service (ReDoS)

debug is vulnerable to Regular Expression Denial Of Service ReDoS. The regular expression is used to map %o to util.inspect can take awhile for long strings, hanging an application...

Crowbar - Brute Forcing Tool (SSH, OpenVPN, RDP, VNC)

Crowbar formally known as Levye is a brute forcing tool that can be used during penetration tests. It was developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:2416-1)

This update for qemu fixes the following issues: Security issues fixed : - CVE-2017-10664: Fix DOS vulnerability in qemu-nbd bsc1046636 - CVE-2017-10806: Fix DOS from stack overflow in debug messages of usb redirection support bsc1047674 - CVE-2017-11334: Fix OOB access during DMA operation...

PYSEC-2017-44

In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you...

CVE-2017-12794

In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you...

DEBIAN-CVE-2017-12794

In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you...

CVE-2017-12794

In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you...

PYSEC-2017-44

In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you...

ALPINE-CVE-2017-12794

In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you...

CVE-2017-12794

In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you...

CVE-2017-12794

In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you...

FreeBSD : Django -- possible XSS in traceback section of technical 500 debug page (aaab03be-932d-11e7-92d8-4b26fc968492)

Django blog : In older versions, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you shouldn't run with DEBUG =...