1891 matches found

Microsoft CVE
added 2017/07/11 7:0 a.m. | 35 views

Windows PowerShell Remote Code Execution Vulnerability

A remote code execution vulnerability exists in PowerShell when PSObject wraps a CIM Instance. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system. In an attack scenario, an attacker could execute malicious code in a PowerShell remote...

CVSS 9.3 | AI score 5 | EPSS 0.31394
Exploits: 0

CNVD
added 2017/07/11 12:0 a.m. | 1 views

QEMU debug logging stack buffer overflow vulnerability

QEMU is an open source emulator. Its usb-redirect support has a stack buffer overflow vulnerability in debug logging, which allows local attackers to crash a QEMU instance by submitting specially crafted requests...

CVSS 5.5 | AI score 7 | EPSS 0.0005
Exploits: 0 | References: 1

The Hacker News
added 2017/07/10 1:9 a.m. | 19 views

What is the hype around Firewall as a Service?

Admit it. Who would not want their firewall maintenance grunt work to go away? For more than 20 years, companies either managed their edge firewall appliances or had service providers rack-and-stack appliances in their data centers and did it for them. This was called a managed firewall — an...

AI score 7
Exploits: 0

n0where
added 2017/07/03 4:25 p.m. | 17 views

AWS Auditing & Hardening Tool: Zeus

Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access...

AI score 0.1
Exploits: 0 | References: 1

myhack58
added 2017/06/28 12:0 a.m. | 363 views

AWS metadata service SSRF vulnerability analysis

1. Foreword. Recently I was busy with a small project, studying how Docker containers execute untrusted Python code. According to the project requirements, I needed to test several online code execution engines and study how they react to various attacks. In the research process, I foun...

AI score 0.3
Exploits: 0

OSV
added 2017/06/26 7:29 a.m. | 1 views

CVE-2017-6678

A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance VPC-DI Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function CF instances on an affected system to reload, resulting in a...

CVSS 7.5 | AI score 5.8
Exploits: 0 | References: 2

Tenable Nessus
added 2017/06/23 12:0 a.m. | 33 views

GLSA-201706-21 : nettle: Information disclosure

The remote host is affected by the vulnerability described in GLSA-201706-21 (nettle: Information disclosure). It was found that nettle's RSA and DSA decryption code was vulnerable to cache-related side channel attacks. See the referenced technical paper "Cache Attacks Enable Bulk Key Recovery on the...

CVSS 7.5 | AI score 8.1 | EPSS 0.02694
Exploits: 0 | References: 3

CNVD
added 2017/06/22 12:0 a.m. | 0 views

Cisco Virtualized Packet Core-Distributed Instance Denial of Service Vulnerability

Cisco Virtualized Packet Core (VPC) is the StarOS release by product. A security vulnerability in the ingress UDP packet processing function of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause a denial of service by overloadin...

CVSS 7.8 | AI score 6.8 | EPSS 0.00484
Exploits: 0 | References: 1

Cisco
added 2017/06/21 4:0 p.m. | 23 views

Cisco Virtualized Packet Core-Distributed Instance Denial of Service Vulnerability

A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance VPC-DI Software could allow an unauthenticated, remote attacker to cause both control function CF instances on an affected system to reload, resulting in a denial of service Do...

CVSS 8.6 | AI score 7.6 | EPSS 0.00484
Exploits: 0 | References: 1

FireEye
added 2017/06/21 8:0 a.m. | 9 views

Remote Symbol Resolution

Introduction: The following blog discusses a couple of common techniques that malware uses to obscure its access to the Windows API. In both forms examined, analysts must calculate the API start address and resolve the symbol from the runtime process in order to determine functionality. After...

AI score 6.9
Exploits: 0

CNVD
added 2017/06/21 12:0 a.m. | 1 views

Code Execution Vulnerability in LotWan WAN Optimization System

AppEx LotWan is a WAN optimization and acceleration product. A remote command execution vulnerability exists in /acc/checkinstancestate.php in AppEx LotWan and can be exploited by an attacker to execute system commands without authorization...

AI score 7.7
Exploits: 0

CNVD
added 2017/05/22 12:0 a.m. | 1 views

IBM Distributed Marketing Input Validation Vulnerability

IBM Distributed Marketing is an omni-channel marketing solution from IBM USA. The solution is used to create, monitor and measure field marketing programs. An input validation vulnerability exists in IBM Distributed Marketing. An attacker could exploit the vulnerability to create instances, causi...

CVSS 4 | AI score 6.7 | EPSS 0.0024
Exploits: 0 | References: 1

Hacker One
added 2017/05/18 1:35 p.m. | 18 views

Weblate: Information Disclosure on demo.weblate.org

Description: The demo instance, located on https://demo.weblate.org, is leaking users' IP addresses in the Activity log. F185728 Impact: The authenticated user can disclose valid IP addresses of other users through the Activity log. The feature works as it should, so no changes should be made on the GitHub...

AI score 6.7
Exploits: 0

Qualys Blog
added 2017/05/16 1:20 a.m. | 70 views

Qualys Cloud Suite 8.10 New Features

This new release of the Qualys Cloud Suite, version 8.10, includes new capabilities and improvements for VM, PC and the shared platform: Authentication Vault integration with BeyondTrust, Mandate-Based reporting for Policy Compliance to simplify reporting against multiple mandates and...

AI score 6.9
Exploits: 0

OSV
added 2017/05/15 9:29 p.m. | 1 views

CVE-2016-5979

IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user. IBM X-Force ID: 116379...

CVSS 2.7 | AI score 5.8 | EPSS 0.0024
Exploits: 0 | References: 1

NVD
added 2017/04/03 2:59 p.m. | 12 views

CVE-2017-7401

Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP...

CVSS 7.5 | AI score 7.2 | EPSS 0.00421
Exploits: 0 | References: 5

Tenable Nessus
added 2017/04/03 12:0 a.m. | 19 views

Microsoft Azure Instance Metadata Enumeration (Unix)

Binary data enumeratemsazurevmnix.nbin...

AI score 7.3
Exploits: 0 | References: 1

Tenable Nessus
added 2017/04/03 12:0 a.m. | 17 views

Microsoft Azure Instance Metadata Enumeration (Windows)

Binary data enumeratemsazurevmwin.nbin...

AI score 7.3
Exploits: 0 | References: 1

Circl
added 2017/03/24 12:0 a.m. | 3 views

CVE-2016-10174

creationtimestamp | type | source
---|---|---
2017-03-24 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/41719
2018-05-24 15:44:33+00:00 | seen | MISP/5b06d57d-f2b8-4357-9038-45d39f590eb0
2018-05-29 15:50:33+00:00 | seen | ...

CVSS 10 | AI score 7.3 | EPSS 0.91073
Exploits: 6 | References: 5

Tenable Nessus
added 2017/03/24 12:0 a.m. | 34 views

Fedora 25 : cloud-init (2017-837115524e)

This update fixes a systemd service ordering issue in cloud-init and backports a fix for a security issue in which instances run in EC2 write IAM instance profile credentials to disk. To work around the security issue without updating cloud-init, wait at least six hours between creating a bundle ...

AI score 5.5
Exploits: 0 | References: 2