CVE-2019-3821

A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in a remote denial of service...

Announcing Trend Micro Security for Microsoft Edge

Browsing the web securely with Microsoft Edge the browser recommended by Microsoft for Windows 10 users and the default browser in Windows 10 S-mode is a safer bet than ever before with Trend Micro Security for Microsoft Edge—a unique three-in-one browser extension that provides web threat...

DRUPAL-CONTRIB-2019-014

Acquia Connector facilitates sending certain telemetry data to Acquia for the purposes of analysis. The module automates the collection of site information to speed support communication and issue resolution. It is required for use with the Acquia Insight service. The module does not properly...

User getting App Layering error at logon- "This system was not shutdown properly"

When a domain user logs on to an image that has been published by App Layering and the image has User Layers enabled, they may receive an error...

SSH Login Successful For Authenticated Checks

It was possible to login using the provided SSH credentials. Hence authenticated checks are enabled. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

tomcat: Host name verification missing in WebSocket client

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88...

Battelle V2I Hub Information Disclosure Vulnerability

The Battelle V2I Hub is a connected vehicle and roadway information management system from Battelle Memorial Institute, Inc. The system supports effective communication between infrastructure information and vehicle information. An information disclosure vulnerability exists in Battelle V2I Hub...

Discuz! DiscuzX file deletion vulnerability

Discuz! DiscuzX is an online forum system. A file deletion vulnerability exists in Discuz! DiscuzX version 3.4, which can be exploited by a remote attacker to delete the commonmemberwechatmp data structure by sending an ac=unbindmp request to the plugin.php page when wechat login is enabled...

SZ NetChat Options Module Cross-Site Scripting Vulnerability

SZ NetChat is an online chat application.Options module is one of the menu modules. A cross-site scripting vulnerability exists in the MyName input field of the Options module in SZ NetChat versions prior to 7.9, which can be exploited by a remote attacker to inject commands that could affect the...

Improper access control

Incorrect access control in StackStorm API st2api in StackStorm before 2.9.2 and 2.10.x before 2.10.1 allows an attacker who has a StackStorm account and is authenticated against the StackStorm API to retrieve datastore items for other users by utilizing the /v1/keys "?scope=all" and "?user=" que...

Schneider Electric EcoStruxure

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: EcoStruxure Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use this device as a platform to...

CVE-2017-1265

IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle MITM techniques. IBM X-Force ID: 124740...

xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag

A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in a element...

OPENSUSE-SU-2018:3835-1 Security update for chromium

This update contains Chromium 70.0.3538.102 and fixes security issues and bugs. Vulnerabilities fixed in 70.0.3538.102: - CVE-2018-17478: Out of bounds memory access in V8 boo1115537 Vulnerabilities fixed in 70.0.3538.67 bsc1112111: - CVE-2018-17462: Sandbox escape in AppCache - CVE-2018-17463:...

Cyber-Attacks: How to Stop a Multibillion-Dollar Problem

By Ed Cabrera, Chief Cybersecurity Officer for Trend Micro and Martin Bally, Vice President & Chief Security Officer for Diebold Nixdorf ? Where there’s money, there has always been crime. Traditional bank robbery and physical assaults on ATMs are still a challenge, and now a new breed of...

kernel: Division by zero in change_port_settings in drivers/usb/serial/io_ti.c resulting in a denial of service

A division-by-zero in settermios, when debugging is enabled, was found in the Linux kernel. When the ioti driver is loaded, a local unprivileged attacker can request incorrect high transfer speed in the changeportsettings in the drivers/usb/serial/ioti.c so that the divisor value becomes zero and...

kernel: Division by zero in change_port_settings in drivers/usb/serial/io_ti.c resulting in a denial of service

A division-by-zero in settermios, when debugging is enabled, was found in the Linux kernel. When the ioti driver is loaded, a local unprivileged attacker can request incorrect high transfer speed in the changeportsettings in the drivers/usb/serial/ioti.c so that the divisor value becomes zero and...

Junos OS: Unauthenticated remote root access possible when RSH service is enabled

If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. RSH service is disabled by default on Junos. There is no documented CLI command to enable this service. However, an undocumented CLI command...

CVE-2018-3997

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick th...

CVE-2018-16297

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16296. A specially crafted PDF document can...