A secure captive portal browser with automatic DNS detection

Captive portals are the worst. Flaky detection. The OS and browser try to detect these annoying network features but fail quite often, leaving you with broken connections. DID YOU KNOW that probe-based captive portal detection really doesn't work very well, with 30% FP and 30% FN rate in Chrome? ...

CVE-2017-1438

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 includes DB2 Connect Server could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057...

Pornhub: Unsecured Elasticsearch Instance

The researcher has found an insecure Elasticsearch instance accessible to the public. A publicly accessible server running Elasticsearch instance was identified, due to a firewall misconfiguration. The instance was only intermittently accessible because of round robin ordering. The instance...

Design/Logic Flaw

Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU aka Quick Emulator allows attackers to cause a denial of service QEMU instance crash by leveraging failure to properly clear ifqso from pending packets...

CVE-2015-7945

The RESTful control interface aka RAPI or ganeti-rapi in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job resul...

DEBIAN-CVE-2015-7945

The RESTful control interface aka RAPI or ganeti-rapi in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job resul...

CVE-2015-7945

The RESTful control interface aka RAPI or ganeti-rapi in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job resul...

CVE-2015-7945

The RESTful control interface aka RAPI or ganeti-rapi in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job resul...

How to Use Variables in Configuration Jobs on NetScaler MAS

A configuration job is a set of configuration commands that you can execute on one or more managed instances. When you execute the same configuration on multiple instances, you might want to use different values for the parameters used in your configuration. You can define variables that enable y...

Red-Gate SQL Monitor 3.10 4.2 - Authentication Bypass

Red-Gate SQL Monitor 3.10 4.2 - Authentication Bypass Exploit Title: Red-Gate SQL Monitor authentication bypass Version: Redgate SQL Monitor before 3.10 and 4.x before 4.2 Date: 2017-08-10 Red-Gate made a security announcement and publicly released the fixed version more than two years before thi...

Snapchat: RCE/LFI on test Jenkins instance due to improper authentication flow

@nahamsec found a test Jenkins instance where they could login with any valid Google account. Once logged in, they gained the ability to execute arbitrary code via the Jenkins Script Console. This was a test jenkins instance with no access to source code or resources. Methodology Here is the...

CVE-2017-11334

CVE-2017-11334 affects QEMU and is described as an OOB read/write bug in the address_space_write_continue path (exec.c) that allows a privileged guest‑OS user, via qemu_map_ram_ptr accessing guest RAM, to cause a denial of service and guest crash. The impact is local and involves an out‑of‑bounds...

CVE-2017-11334

The addressspacewritecontinue function in exec.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds access and guest instance crash by leveraging use of qemumapramptr to access guest ram block area...

CVE-2017-11334

The addressspacewritecontinue function in exec.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds access and guest instance crash by leveraging use of qemumapramptr to access guest ram block area...

CVE-2017-11468

It was found that docker-distribution did not properly restrict memory allocation size for a registry instance through the manifest endpoint. An attacker could send a specially crafted request that would exhaust the memory of the docker-distribution service...

Fedora 26 : cloud-init (2017-83671c0fa0)

This update fixes several issues with systemd service ordering and network configuration. It also backports a fix for a security issue in which instances run in EC2 write IAM instance profile credentials to disk. To work around the security issue without updating cloud-init, wait at least six hou...

Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4025331)

This host is missing a critical security update according to Microsoft KB4025331 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-8565

Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka "Windows PowerShel...

Remote code execution

Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka "Windows PowerShel...

CVE-2017-8565

Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka "Windows PowerShel...