Apple macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory Disclosures

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1372 the kernel libproc API proclistuptrs has the following comment in it's userspace header: / Enumerate potential userspace pointers embedded in kernel data structures. Currently inspects kqueues only. NOTE: returned "pointers"...

Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation Vulnerability

Exploit for windows platform in category web applications Exploit Title: Privilege Escalation - Perspective ICM Investigation & Case - 5.1.1.16 Date Reported to vendor: Jun 28, 2017 Date Accepted by vendor: Jun 11, 2017 Exploit Author: email protected Vendor Homepage: www.resolver.com Version:...

Perspective ICM Investigation Case 5.1.1.16 - Privilege Escalation

Perspective ICM Investigation Case 5.1.1.16 - Privilege Escalation Exploit Title: Privilege Escalation - Perspective ICM Investigation & Case - 5.1.1.16 Date Reported to vendor: Jun 28, 2017 Date Accepted by vendor: Jun 11, 2017 Exploit Author: [email protected] Vendor Homepage:...

The vulnerability of the Role-Based Access Control (RBAC) access control function in the data center network management system, Prime Data Center Network Manager, allows a perpetrator to gain access to confidential information or execute arbitrary code.

The vulnerability of the Role-Based Access Control RBAC access control function in the data center network management system, Prime Data Center Network Manager DCNM, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to...

SUSE-SU-2017:1663-1 Security update for wireshark

The network debugging tool wireshark was updated to version 2.2.7 to fix the following issues: - CVE-2017-9352: Bazaar dissector infinite loop wnpa-sec-2017-22 bsc1042304 - CVE-2017-9348: DOF dissector read overflow wnpa-sec-2017-23 bsc1042303 - CVE-2017-9351: DHCP dissector read overflow...

Cisco Prime Data Center Network Manager 10.1.x < 10.2.1 Multiple Vulnerabilities (remote check)

According to its self-reported version number, the Cisco Prime Data Center Network Manager DCNM installed on the remote host is 10.1.x prior to 10.2.1. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the role-based access control RBAC...

Design/Logic Flaw

A vulnerability in the role-based access control RBAC functionality of Cisco Prime Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The vulnerability is due to the...

CVE-2017-6639

A vulnerability in the role-based access control RBAC functionality of Cisco Prime Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The vulnerability is due to the...

CVE-2017-6639

A vulnerability in the role-based access control RBAC functionality of Cisco Prime Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The vulnerability is due to the...

Cisco Patches Critical Flaws in Prime Data Center Network Manager

A debugging tool left on in deployments of Cisco’s large-scale data center management software could be remotely accessed and allow an attacker to run code with root privileges. Cisco made an update available that patches this and one other critical vulnerability in the same management software,...

Big Batch of Bugs Fixed in Various Versions of IDA

The makers of the popular IDA disassembly and debugging tool have fixed more than a dozen security vulnerabilities in a variety of versions. Some of the vulnerabilities are a couple of years old, and patches are provided for versions from 6.1 up through 6.6. IDA is a tool used by malware analysts...

SimpleProgramDebugger - Simple program debugger that shows all debug events

SimpleProgramDebugger is a simple debugging tool for Windows that attaches to existing running program or starts a new program in debugging mode, and then displays all major debugging events occurs while the program is running, including Exception, Create Thread, Create Process, Exit Thread, Exit...

Mandrake Security Advisory MDVSA-2009:089 (opensc)

The remote host is missing an update to opensc announced via advisory MDVSA-2009:089. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Code injection

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

CVE-2009-0368

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

CVE-2009-0368

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

Confixx 2 - Perl Debugger Remote Command Execution

Confixx 2 - Perl Debugger Remote Command Execution source: https://www.securityfocus.com/bid/9831/info The Confixx PERL debugging utility functionality has been reported to be prone to a remote command execution vulnerability. The issue is reported to occur when a command sequence is appended to ...

PHP XSS exploit in phpinfo&#40;&#41;

PHP XSS exploit in phpinfo by Silent Needle A: BACKGROUNDfrom php.net int phpinfo int what Outputs a large amount of information about the current state of PHP. This includes information about PHP compilation options and extensions, the PHP version, server information and environment if compiled ...