
3100 matches found

0day.today
added 2019/02/20 12:0 a.m. | 73 views

Belkin Wemo UPnP - Remote Code Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Belkin Wemo UPnP Remote Code Execution', 'Description' = %q This module exploits a command injection in the Belkin Wemo UPnP API via the...

7.4 AI score
Exploits: 0
Fedora
added 2019/02/15 2:39 a.m. | 32 views

[SECURITY] Fedora 29 Update: nss-3.42.1-1.fc29

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security...

6.5 CVSS | 1.5 AI score | 0.01956 EPSS
Exploits: 0
Wired Threat Level
added 2019/02/14 3:2 p.m. | 56 views

Don’t Get Your Valentine an Internet-Connected Sex Toy

Mozilla expands its “Privacy Not Included” gift guide to the bedroom: It’s all sexy fun and games until someone hacks a WiFi-enabled butt plug...

1.2 AI score
Exploits: 0
Trend Micro Simply Security
added 2019/02/12 4:33 p.m. | 47 views

Part 1: Mobile Banking and Buying – The Good and the Bad

Banking and buying with your mobile device is powerful and convenient—and in some ways safer than using your bank card. You can check your balance, make secure payments, deposit checks, and transfer funds. You can even connect your debit or credit card to Apple or Google Pay or another payment...

6.4 AI score
Exploits: 0
RedhatCVE
added 2019/02/11 5:49 p.m. | 29 views

CVE-2019-3821

A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in a remote denial of service...

7.5 CVSS | 2.9 AI score | 0.02946 EPSS
Exploits: 0 | References: 3
Trend Micro Simply Security
added 2019/02/11 4:9 p.m. | 91 views

Announcing Trend Micro Security for Microsoft Edge

Browsing the web securely with Microsoft Edge (the browser recommended by Microsoft for Windows 10 users and the default browser in Windows 10 S-mode) is a safer bet than ever before with Trend Micro Security for Microsoft Edge—a unique three-in-one browser extension that provides web threat...

6.8 AI score
Exploits: 0
OSV
added 2019/02/06 6:13 p.m. | 4 views

DRUPAL-CONTRIB-2019-014

Acquia Connector facilitates sending certain telemetry data to Acquia for the purposes of analysis. The module automates the collection of site information to speed support communication and issue resolution. It is required for use with the Acquia Insight service. The module does not properly...

6.4 AI score
Exploits: 0 | References: 1
Citrix
added 2019/02/01 12:0 a.m. | 6 views

User getting App Layering error at logon- "This system was not shutdown properly"

When a domain user logs on to an image that has been published by App Layering and the image has User Layers enabled, they may receive an error...

7 AI score
Exploits: 0
OpenVAS
added 2019/01/23 12:0 a.m. | 51 views

SSH Login Successful For Authenticated Checks

It was possible to login using the provided SSH credentials. Hence authenticated checks are enabled. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...

7 AI score
Exploits: 0
RedHat Linux
added 2019/01/22 1:42 p.m. | 3 views

tomcat: Host name verification missing in WebSocket client

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88...

7.5 CVSS | 7.2 AI score | 0.213 EPSS
Exploits: 0 | References: 4
CNVD
added 2018/12/29 12:0 a.m. | 2 views

Battelle V2I Hub Information Disclosure Vulnerability

The Battelle V2I Hub is a connected vehicle and roadway information management system from Battelle Memorial Institute, Inc. The system supports effective communication between infrastructure information and vehicle information. An information disclosure vulnerability exists in Battelle V2I Hub...

9.8 CVSS | 6.5 AI score | 0.02281 EPSS
Exploits: 0 | References: 1
CNVD
added 2018/12/26 12:0 a.m. | 1 views

Discuz! DiscuzX file deletion vulnerability

Discuz! DiscuzX is an online forum system. A file deletion vulnerability exists in Discuz! DiscuzX version 3.4, which can be exploited by a remote attacker to delete the common_member_wechatmp data structure by sending an ac=unbindmp request to the plugin.php page when wechat login is enabled...

5.9 CVSS | 7 AI score | 0.00903 EPSS
Exploits: 1 | References: 1
CNVD
added 2018/12/25 12:0 a.m. | 1 views

SZ NetChat Options Module Cross-Site Scripting Vulnerability

SZ NetChat is an online chat application. The Options module is one of the menu modules. A cross-site scripting vulnerability exists in the MyName input field of the Options module in SZ NetChat versions prior to 7.9, which can be exploited by a remote attacker to inject commands that could affect the...

5.4 CVSS | 6.4 AI score | 0.00515 EPSS
Exploits: 2 | References: 1
Prion
added 2018/12/21 7:29 p.m. | 13 views

Improper access control

Incorrect access control in StackStorm API st2api in StackStorm before 2.9.2 and 2.10.x before 2.10.1 allows an attacker who has a StackStorm account and is authenticated against the StackStorm API to retrieve datastore items for other users by utilizing the /v1/keys "?scope=all" and "?user=" que...

3.5 CVSS | 5.2 AI score | 0.00663 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
ICS
added 2018/12/20 12:0 a.m. | 102 views

Schneider Electric EcoStruxure

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: EcoStruxure Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use this device as a platform to...

6.1 CVSS | 6.6 AI score | 0.00755 EPSS
Exploits: 0 | References: 5
OSV
added 2018/12/17 4:29 p.m. | 3 views

CVE-2017-1265

IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity by using man-in-the-middle (MITM) techniques. IBM X-Force ID: 124740...

5.9 CVSS | 5.8 AI score
Exploits: 0 | References: 3
RedHat Linux
added 2018/12/04 4:0 p.m. | 0 views

xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag

A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when the enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element...

9.8 CVSS | 6.2 AI score | 0.14876 EPSS
Exploits: 1 | References: 4
OSV
added 2018/11/20 6:13 p.m. | 6 views

OPENSUSE-SU-2018:3835-1 Security update for chromium

This update contains Chromium 70.0.3538.102 and fixes security issues and bugs. Vulnerabilities fixed in 70.0.3538.102: - CVE-2018-17478: Out of bounds memory access in V8 (boo#1115537) Vulnerabilities fixed in 70.0.3538.67 (bsc#1112111): - CVE-2018-17462: Sandbox escape in AppCache - CVE-2018-17463:...

9.6 CVSS | 8 AI score | 0.83898 EPSS
Exploits: 7 | References: 21
Trend Micro Simply Security
added 2018/11/05 2:0 p.m. | 88 views

Cyber-Attacks: How to Stop a Multibillion-Dollar Problem

By Ed Cabrera, Chief Cybersecurity Officer for Trend Micro and Martin Bally, Vice President & Chief Security Officer for Diebold Nixdorf. Where there’s money, there has always been crime. Traditional bank robbery and physical assaults on ATMs are still a challenge, and now a new breed of...

0.4 AI score
Exploits: 0
RedHat Linux
added 2018/10/30 12:31 p.m. | 10 views

kernel: Division by zero in change_port_settings in drivers/usb/serial/io_ti.c resulting in a denial of service

A division-by-zero in set_termios, when debugging is enabled, was found in the Linux kernel. When the io_ti driver is loaded, a local unprivileged attacker can request incorrect high transfer speed in the change_port_settings in the drivers/usb/serial/io_ti.c so that the divisor value becomes zero and...

5.5 CVSS | 6.7 AI score | 0.0043 EPSS
Exploits: 0 | References: 4