
6654 matches found

NVD
added 2019/04/08 5:29 p.m. | 10 views

CVE-2019-11001

On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field...

CVSS 9 | AI score 7.1 | EPSS 0.29427
Exploits 1 | References 3

Vulnrichment
added 2019/04/08 5:0 p.m. | 12 views

CVE-2019-11001

On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field...

AI score 7.3 | EPSS 0.29427
Exploits 1 | References 2

ATTACKERKB
added 2019/04/08 12:0 a.m. | 9 views

CVE-2019-11001

On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the “TestEmail” functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field. Recent assessments: Assessed Attacker Value: 0...

CVSS 9 | AI score 7 | EPSS 0.29427
In wild | Exploits 1 | References 4

OpenVAS
added 2019/04/02 12:0 a.m. | 35 views

Moodle CMS <= 3.1.15 SSRF Vulnerability

Moodle CMS is prone to an SSRF vulnerability. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation;...

CVSS 10 | AI score 9.5 | EPSS 0.00264
Exploits 0 | References 1

Microsoft KB
added 2019/04/01 12:0 a.m. | 18 views

Servicing stack update for Windows 10 Version 1809: April 2, 2019

Servicing stack update for Windows 10 Version 1809: April 2, 2019 Summary This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Key changes include: Addresses an issue where some devices drivers may fail to start after a driver rollba...

AI score 6.3
Exploits 0

Veracode
added 2019/03/28 5:18 a.m. | 18 views

Cross-Site Scripting (XSS)

moodle/moodle is vulnerable to cross-site scripting (XSS). An attacker is able to inject arbitrary JavaScript into another user's browsing context via a malicious dashboard script. Users with the "login as other users" functionality are affected by this vulnerability when they access an attacker's...

CVSS 4.8 | AI score 4.9 | EPSS 0.00867
Exploits 0 | References 4 | Affected Software 1

Veeam
added 2019/03/27 12:55 p.m. | 15 views

Veeam Availability Console 3.0 RESTful API backward compatibility

Challenge This article describes improved Veeam Availability Console v3 RESTful API functionality that may retrieve different data compared to previous versions. Cause /Jobs: LastRun or EndTime now returns 00:00:00.0000000 UTC, January 1, 0001 if the value is not populated in UI /HardwarePlans:...

AI score 6.8
Exploits 0

NVD
added 2019/03/26 6:29 p.m. | 10 views

CVE-2010-5305

The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unauthorized programming and configuration client to gain access to the product and allow changes to the...

CVSS 9.8 | AI score 9.7 | EPSS 0.01124
Exploits 0 | References 3

Cvelist
added 2019/03/26 5:24 p.m. | 14 views

CVE-2010-5305 Rockwell PLC5/SLC5/0x/RSLogix Credentials management

The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unauthorized programming and configuration client to gain access to the product and allow changes to the...

AI score 9.8 | EPSS 0.01124
Exploits 0 | References 2

Debian CVE
added 2019/03/26 12:0 a.m. | 23 views

CVE-2019-3804

It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...

CVSS 7.5 | AI score 7.4 | EPSS 0.04307
Exploits 0

Prion
added 2019/03/25 9:29 p.m. | 16 views

Cross site scripting

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...

CVSS 4.3 | AI score 6.2 | EPSS 0.0024
Exploits 0 | References 1 | Affected Software 1

Akamai Blog
added 2019/03/24 4:0 a.m. | 10 views

Introducing Ability Purge Cache Tag

The new purge by cache tag functionality in Akamai’s Fast Purge is now available to all Akamai content delivery product customers. To get to this point, we went through an exciting, year-long beta with more than 200 participants purging 200,000,000 tags. During this time, we noted some fascinatin...

AI score 7
Exploits 0

Hacker One
added 2019/03/19 7:2 p.m. | 128 views

Capital One: Apache server-status enabled

Apache /server-status displays information about your Apache status. If you are not using this feature, disable it. GET /server-status HTTP/1.1 Connection: keep-alive Accept: / Accept-Encoding: gzip,deflate Host: proxy-copp.capitalone.com User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64...

AI score 1.1
Exploits 0

Kitploit
added 2019/03/06 12:9 p.m. | 157 views

Legion - An Easy-To-Use, Super-Extensible And Semi-Automated Network Penetration Testing Tool That Aids In Discovery, Reconnaissance And Exploitation Of Information Systems

Legion, a fork of SECFORCE's Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. Legion is developed and maintained by GoVanguard. More information about...

AI score 7.2
Exploits 0 | References 1

NVD
added 2019/03/05 6:29 p.m. | 11 views

CVE-2019-4027

IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-ForceI...

CVSS 5.4 | AI score 5.2 | EPSS 0.00216
Exploits 0 | References 3

NVD
added 2019/02/28 6:29 p.m. | 19 views

CVE-2018-12402

The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resource...

CVSS 6.5 | AI score 7.2 | EPSS 0.00293
Exploits 0 | References 6

HackRead
added 2019/02/26 4:42 p.m. | 81 views

6 Pieces of Tech Every Office Needs

By Carolina Before you start buying any technology or furniture for your office, you must put in some planning and research time. There are so many options to consider and each one will have a direct impact on the functionality of your workspace and, as result, how productive you and your team ar...

AI score 1.9
Exploits 0

0day.today
added 2019/02/20 12:0 a.m. | 104 views

Android Kernel < 4.8 - ptrace seccomp Filter Bypass Exploit

The seccomp(2) manpage (http://man7.org/linux/man-pages/man2/seccomp.2.html) documents: Before kernel 4.8, the seccomp check will not be run again after the tracer is notified. This means that, on older kernels, seccomp-based sandboxes must not allow use of ptrace(2)—even of other sandboxed...

AI score 1
Exploits 0

Fedora
added 2019/02/19 2:3 p.m. | 35 views

[SECURITY] Fedora 29 Update: jackson-databind-2.9.8-1.fc29

The general-purpose data-binding functionality and tree-model for Jackson Data Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration...

CVSS 10 | AI score 2.5 | EPSS 0.14845
Exploits 1

Github Security Blog
added 2019/02/18 11:38 p.m. | 19 views

Regular Expression Denial of Service in jadedown

The jadedown package is affected by a regular expression denial of service vulnerability when certain types of user input are passed in. Proof of concept js var jadedown = require'jadedown'; var genstr = function len, chr var result = ""; for i=0; i=len; i++ result = result + chr; return result;...

CVSS 7.5 | AI score 7.1 | EPSS 0.00334
Exploits 1 | References 3 | Affected Software 1