Lucene search

8284 matches found

OSV
added 2015/11/25 8:59 p.m. · 2 views

DEBIAN-CVE-2015-5306

OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...

CVSS 6.8 · AI score 7.8 · EPSS 0.00574
Exploits: 0 · References: 1
OSV
added 2015/11/25 8:59 p.m. · 22 views

PYSEC-2015-28

OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...

CVSS 6.8 · AI score 7.5 · EPSS 0.00574
Exploits: 0 · References: 4
PyPA
added 2015/11/25 8:59 p.m. · 5 views

PYSEC-2015-28

OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...

CVSS 6.8 · AI score 7.8 · EPSS 0.00574
Exploits: 0 · References: 4 · Affected Software: 1
Cvelist
added 2015/11/25 8:00 p.m. · 21 views

CVE-2015-5306

OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...

AI score 7.2 · EPSS 0.00574
Exploits: 0 · References: 4
Debian CVE
added 2015/11/25 8:00 p.m. · 19 views

CVE-2015-5306

OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...

CVSS 6.8 · AI score 7.2 · EPSS 0.00574
Exploits: 0
Huawei
added 2015/11/25 12:00 a.m. · 34 views

Security Advisory - Two Vulnerabilities in Huawei TE Series Product

Huawei TE series is a multimedia video conferencing endpoint that transfers audio, video, and desktop resources based on IP networks. It offers point-to-point and multiparty conferences for attendees at different places to enjoy face-to-face audio/video communication experience. A security...

CVSS 6.8 · AI score 5.8 · EPSS 0.00224
Exploits: 0 · Affected Software: 4
Positive Technologies
added 2015/11/25 12:00 a.m. · 3 views

PT-2015-6843 · Openstack · Openstack Ironic Inspector

Name of the Vulnerable Software and Affected Versions: OpenStack Ironic Inspector (affected versions not specified)
Description: The issue allows remote attackers to access the Flask console and execute arbitrary Python code by triggering an error when debug mode is enabled.
Recommendations: At the...

CVSS 9.2 · AI score 6.9 · EPSS 0.00574
Exploits: 0 · References: 15
NVD
added 2015/11/21 11:59 a.m. · 12 views

CVE-2015-6375

The debug-logging aka debug cns feature in Cisco Networking Services CNS for IOS 15.22E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010...

CVSS 2.1 · AI score 5.8 · EPSS 0.00064
Exploits: 0 · References: 2
Prion
added 2015/11/21 11:59 a.m. · 9 views

Design/Logic Flaw

The debug-logging aka debug cns feature in Cisco Networking Services CNS for IOS 15.22E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010...

CVSS 2.1 · AI score 6.3 · EPSS 0.00064
Exploits: 0 · References: 2 · Affected Software: 1
NVD
added 2015/11/16 11:59 a.m. · 23 views

CVE-2015-8104

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many DB aka Debug exceptions, related to svm.c...

CVSS 10 · AI score 5 · EPSS 0.00327
Exploits: 0 · References: 43
OSV
added 2015/11/16 11:59 a.m. · 1 view

DEBIAN-CVE-2015-8104

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many DB aka Debug exceptions, related to svm.c...

CVSS 10 · AI score 5.8 · EPSS 0.00327
Exploits: 0 · References: 1
Prion
added 2015/11/16 11:59 a.m. · 32 views

Design/Logic Flaw

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many DB aka Debug exceptions, related to svm.c...

CVSS 4.7 · AI score 6.8 · EPSS 0.00327
Exploits: 0 · References: 43 · Affected Software: 6
Debian CVE
added 2015/11/16 12:00 a.m. · 43 views

CVE-2015-8104

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many DB aka Debug exceptions, related to svm.c...

CVSS 10 · AI score 6.3 · EPSS 0.00327
Exploits: 0
OSV
added 2015/11/16 12:00 a.m. · 2 views

UBUNTU-CVE-2015-8104

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many DB aka Debug exceptions, related to svm.c...

CVSS 10 · AI score 6.7 · EPSS 0.00327
Exploits: 0 · References: 11
Hacker One
added 2015/11/11 7:26 a.m. · 17 views

Mail.ru: [opensource.mail.ru] Debug Mode

Some interesting debug information. http://opensource.mail.ru/search?q=1 The most interesting part is that the value of the q variable determines which file the error occurs in. I managed to get 3 kinds of errors: http://opensource.mail.ru/search?q=1 undefined method gsub' for "1":Array - file: wiki.rb...

AI score 7.2
Exploits: 0
exploitpack
added 2015/11/05 12:00 a.m. · 19 views

OpenSSL - Alternative Chains Certificate Forgery

OpenSSL - Alternative Chains Certificate Forgery !/usr/bin/env ruby encoding: ASCII-8BIT By Ramon de C Valle. This work is dedicated to the public domain. require 'openssl' require 'optparse' require 'socket' Version = 0, 0, 1 Release = nil class String def hexdumpstream=$stdout 0.stepbytesize - ...

AI score 0.1
Exploits: 0
CNVD
added 2015/11/05 12:00 a.m. · 2 views

Android Remote Elevation of Privilege Vulnerability (CNVD-2015-07365)

Android is a mobile operating system based on the open Linux kernel, led and developed by Google and the Open Handset Alliance. A remote elevation of privilege vulnerability exists in Android versions prior to 5.1.1 LMY48X and 6.0 prior to 2015. It allows an attacker to send commands to debug ports a...

CVSS 5.1 · AI score 7.2 · EPSS 0.00128
Exploits: 0 · References: 1
Hacker One
added 2015/11/02 8:37 p.m. · 12 views

Mail.ru: [allods.my.com] Full SQL Disclosure

The vulnerability is of the same nature as in 96729 and 96727. The vulnerability arises from reading errors through the enabled debug mode. In both cases it is information disclosure due to debug mode. But in order to disclose the SQL query, it is necessary to run a stress test with numerous requests of any...

Exploits: 0
CNVD
added 2015/10/30 12:00 a.m. · 2 views

Infinite Automation Mango Automation Information Disclosure Vulnerability (CNVD-2015-07169)

Infinite Automation Mango Automation is an open source, web-based SCADA data acquisition and supervisory control, HMI and automation software suite from Infinite Automation Systems, Inc. of the United States. Infinite Automation Mango Automation 2.5.x and 2.6.x prior to 2.6.0, build 430, suffers from a...

CVSS 4.3 · AI score 6.3 · EPSS 0.12814
Exploits: 1 · References: 1
NVD
added 2015/10/28 10:59 a.m. · 11 views

CVE-2015-3971

The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require authentication, which allows remote attackers to read or write to files, or execute arbitrary JASIC code, via a session on TCP port 1239...

CVSS 7.5 · AI score 7.3 · EPSS 0.00361
Exploits: 0 · References: 1