2590 matches found
VMware vCenter Server XML External Entity (XXE) Vulnerability (VMSA-2016-0022)
VMware vCenter Server contains an XML external entity XXE vulnerability in the Log Browser, the Distributed Switch setup, and the Content Library. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
[SECURITY] Fedora 23 Update: memcached-1.4.17-5.fc23
memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load...
[SECURITY] Fedora 24 Update: memcached-1.4.25-2.fc24
memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load...
osquery Command And Control: Kolide
osquery Command And Control Kolide is an agentless osquery web interface and remote api server. Kolide uses the osquery remote apis to do ad-hoc distributed queries, osqueryd configurations and the collection and processing of scheduled queries packs. Kolide was designed to be extremely portable ...
[SECURITY] Fedora 24 Update: nodejs-4.6.1-6.fc24
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
Netease open source Pomelo game server framework is not authorized to access leads to remote command execution
Pomelo is a piece of Netease open source based on Node.js the game server framework, which is based on Node.js high-performance, distributed game server framework. It includes the basis of the development framework and the associated expansion components, libraries and tools packages, can help sa...
Distributed Ruby (dRuby/DRb) Multiple RCE Vulnerabilities
Systems using Distributed Ruby dRuby/DRb, which is available in Ruby versions 1.6 and later, may permit unauthorized systems to execute distributed commands. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
[SECURITY] Fedora 24 Update: nodejs-4.6.0-5.fc24
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
Open Source Distributed Secure Skype Alternative: Tox Messenger
Open Source Distributed Secure Skype Alternative Distributed FOSS secure messenger with audio and video chat capabilities Tox began a few years ago, in the wake of Edward Snowden’s leaks regarding NSA spying activity. The idea was to create an instant messaging protocol that ran without any kind ...
Vulnerability is a combination punch--attack of distributed nodes-the vulnerability of early warning-the black bar safety net
Distributed systems mostly rely on the message queue middleware to solve the asynchronous processing, the application of coupled problems such as Message Queuing middleware of choice in turn depends on the overall system design and implementation, message packaging, transmission, processing throu...
swarm - A Modular Distributed Penetration Testing Tool
Swarm is an open source modular distributed penetration testing Tool that use distributed task queue to implement communication in the master-slave mode system and use MongoDB for data storage. It consists of a distributed framework and function modules. The function module can be an entirely new...
The vulnerability of the distributed Git version control system allows a hacker to execute arbitrary code.
The vulnerability of the distributed Git version control system arises from a numerical overflow condition. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code using a long file name or multiple nested trees, which causes a buffer overflow in the dynami...
OwnCloud WebDAV 'COPY' Security Bypass Vulnerability
OwnCloud is a free and open source personal cloud storage solution from German company OwnCloud. The solution offers file management, music storage, calendars and more. A security bypass vulnerability exists in OwnCloud WebDAV 'COPY', which allows attackers to bypass security restrictions and...
Zabbix 2.2. x, 3.0. x latest.php SQL injection vulnerability
Zabbix insertDBinjection vulnerabilities analysis Vulnerability linkage: https://www.seebug.org/vuldb/ssvid-92302 A vulnerability overview 1. Vulnerability description Zabbix is a WEB-based interface to provide distributed system monitoring and network monitoring capabilities of enterprise-class...
Shopify: Unauthorized access to Zookeeper on http://locutus-zk3.ec2.shopify.com:2181
What is Zookeeper? ==================== Zookeeper is a coordination service for distributed applications. It allows common services such as naming, synchronisation, configuration management and group services to be managed by a simple interface and It uses a data model of File System on an...
samba: Client side SMB2/3 required signing can be downgraded
A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server...
[SECURITY] Fedora 24 Update: nodejs-4.4.6-2.fc24
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
[SECURITY] Fedora 24 Update: nodejs-4.4.4-1.fc24
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
[SECURITY] Fedora 24 Update: quassel-0.12.4-1.fc24
Quassel IRC is a modern, distributed IRC client, meaning that one or multiple clients can attach to and detach from a central core -- much like the popular combination of screen and a text-based IRC client such as WeeChat, but graphical...
[SECURITY] Fedora 22 Update: quassel-0.12.4-1.fc22
Quassel IRC is a modern, distributed IRC client, meaning that one or multiple clients can attach to and detach from a central core -- much like the popular combination of screen and a text-based IRC client such as WeeChat, but graphical...