CVE-2019-1994
In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. User interaction is needed for exploitation...
Key considerations for building vs. buying identity access management solutions
Time and time again, organizations learn the hard way that no matter which security solutions they have in place, if they haven’t properly secured the end user, their efforts can be easily rendered moot. The classic slip-up most often associated with end-user-turned-insider-threat is falling for ...
What K–12 schools need to shore up cybersecurity
Crumbling infrastructure. Gaps in curriculum. Antiquated devices. Difficult COPPA laws. Lack of funding. Those are just a few of the obstacles facing K–12 schools looking to adopt technology into their 21st century learning initiatives. Now add security concerns to the list, and you can see why...
Important: Red Hat Security Advisory: Container Development Kit 3.7.0-1 security update
Red Hat Container Development Kit 3.7.0-1 update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Cheat Engine - A Development Environment Focused On Modding
Cheat Engine is an open source tool designed to help you with modifying single player games running under Windows so you can make them harder or easier depending on your preference (e.g.: find that 100hp is too easy, try playing a game with a max of 1 HP), but also contains other useful tools to help...
C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection
C4G Basic Laboratory Information System BLIS 3.4 - SQL Injection Exploit Title: C4G Basic Laboratory Information System BLIS 3.4 - Multiples SQL Injection Date: 01/31/2019 Software Links/Project: https://github.com/C4G/BLIS | http://blis.cc.gatech.edu/index.php Version: C4G Basic Laboratory...
UBUNTU-CVE-2019-6465
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable. Versions affected: BIND 9.9.0 - 9.10.8-P1, 9.11.0 - 9.11.5-P2, 9.12.0 - 9.12.3-P2, and versions 9.9.3-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 - 9.13.6 o...
Intel Data Center Manager SDK File Elevation of Privilege Vulnerability (CNVD-2019-05268)
Intel Data Center Manager SDK is a data center manager SDK (software development kit) from Intel USA. The product provides real-time power and cooling data for devices. A security vulnerability exists in Intel Data Center Manager SDK versions prior to 5.0.2. The vulnerability can be exploited by...
Intel Data Center Manager SDK File Local Insecure File Permissions Vulnerability
Intel Data Center Manager SDK is a data center manager SDK (software development kit) from Intel USA. The product provides real-time power and cooling data for devices. A local insecure file permission vulnerability exists in Intel Data Center Manager SDK versions prior to 5.0.2. An authenticated...
Intel Data Center Manager SDK Information Disclosure Vulnerability
Intel Data Center Manager SDK is a data center manager SDK (software development kit) from Intel USA. The product provides real-time power and cooling data for devices. An information disclosure vulnerability exists in Intel Data Center Manager SDK versions prior to 5.0.2. An authenticated user can...
Intel Data Center Manager SDK File Local Insecure File Permissions Vulnerability (CNVD-2019-05267)
Intel Data Center Manager SDK is a data center manager SDK (software development kit) from Intel USA. The product provides real-time power and cooling data for devices. A local insecure file permission vulnerability exists in Intel Data Center Manager SDK versions prior to 5.0.2. An authenticated...
GHSA-97GV-3P2C-XW7J Denial of Service and Content Injection in i18n-node-angular
Versions of i18n-node-angular prior to 1.4.0 are affected by denial of service and cross-site scripting vulnerabilities. The vulnerabilities exist in a REST endpoint that was created for development purposes, but was not disabled in production in affected versions. Recommendation Update to versio...
CVE-2019-0108
Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable disclosure of information via local access...
CVE-2019-0111
Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2019-0110
Insufficient key management for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2019-0106
Insufficient run protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access...
macOS Reverse TCP Port 4444 IPv6 Shellcode (119 bytes)
/ Title: macOS - Reverse ::1:4444/TCP Shell /bin/sh +IPv6 Shellcode 119 bytes Tested: macOS 10.14.1 Author: Ken Kitahara Compilation: gcc -o loader loader.c dev:works devuser$ swvers ProductName: Mac OS X ProductVersion: 10.14.1 BuildVersion: 18B75 dev:works devuser$ cat ipv6rev.s section .text...
Ponce - IDA Plugin For Symbolic Execution Just One-Click Away!
Ponce (pronounced 'poN θe, pon-they) is an IDA Pro plugin that provides users the ability to perform taint analysis and symbolic execution over binaries in an easy and intuitive fashion. With Ponce you are one click away from getting all the power from cutting edge symbolic execution. Entirely writt...
The vulnerability of the Outside In Filters component of the software development kit (SDK) from Outside In Technology allows an attacker to trigger a Denial-of-Service Attack (DoS).
The vulnerability of the Outside In Filters component within the software development kit (SDK) of Outside In Technology is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the HTTP protocol...
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a hacker to trigger a service failure.
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to trigger a service failure using the HTTP protocol...