EUVD-2026-17983

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose...

Himmelblau 安全漏洞

Himmelblau is an open-source Azure Entra ID authentication module developed by Himmelblau. There is a security vulnerability in Himmelblau, which stems from conditional local privilege escalation due to name conflicts in edge scenarios. If the mapped CN or short name matches the name of a...

EUVD-2008-3846

Malware in sbrugna...

net/smc: protect link down work from execute after lgr freed

...

Storefront Installation Error Adding Local Administrators to CitrixStorefrontAdministrators Group

Install StoreFront with below error: There was an error adding user accounts in the Administrators local group to the CitrixStorefrontAdministrators local group.See the log files described in the article 'Troubleshoot Storefront' in the Storefront product documentation. Try adding these user...

How to restrict connections from clients\endpoints with specific versions of Citrix Workspace app

This article describes how to control connections to published applications or published desktops from specific versions of Citrix Workspace app for Windows. In the steps below, configure local group policies using the Windows Group Policy Object administrative template for Citrix Workspace app...

Rockstar Service - Insecure File Permissions Vulnerability

Exploit Title: Rockstar Service - Insecure File Permissions Exploit Author: George Tsimpidas Software Link : https://socialclub.rockstargames.com/rockstar-games-launcher Version Patch: 1.0.37.349 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Vulnerability Description:...

WindowsFirewallRuleset - Windows Firewall Ruleset Powershell Scripts

About WindowsFirewallRuleset Windows firewall rulles organized into individual powershell scripts according to: 1. Rule group 2. Traffic direction 3. IP version IPv4 / IPv6 4. Further sorted according to programs and services such as for example: 2. ICMP traffic 3. Browser rules 4. rules for...

DEP devices fail to complete enrollment using basic enrollment

XenMobile basic enrollments do not occur when the device is initially activated. The administrator is required to perform an over the air or Secure Hub enrollment. This issue can be identified because "Device Enrollment Program User" a local user" "Device Enrollment Program Group" a local group...

Ranger - Tool To Access And Interact With Remote Microsoft Windows Based Systems

A tool to support security professionals access and interact with remote Microsoft Windows based systems. This project was conceptualized with the thought process, we did not invent the bow or the arrow, just a more efficient way of using it. Ranger is a command-line driven attack and penetration...

Receiver pass through is failing with Storefront when we are trying to launch application across domains/forests.

We have two domains “Domain1.com" and "Domain2.com" in different forest. External two way trust relationship exists between 2 domains. XenApp and XML servers are in “Domain2.com" domain and Store front servers are in “Domain1.com" domain. Few users in "Domain1.com" domain is part of a global grou...

admin/migratelocalgroups.jsp Atlassian Local Group Migration Recovery lacks an XSRF token to run the migration

admin/migratelocalgroups.jsp Atlassian Local Group Migration Recovery does not require a csrf token to run the migration. When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF infrastructure in JSPs...

admin/migratelocalgroups.jsp Atlassian Local Group Migration Recovery lacks an XSRF token to run the migration

admin/migratelocalgroups.jsp Atlassian Local Group Migration Recovery does not require a csrf token to run the migration. When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF infrastructure in JSPs...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities 1 in the WYSIWYG editors, 2 during local group creation, 3 during HTML redirects, 4 in the HTML import, 5 in the Rich text editor, and 6 in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inje...

CVE-2008-3860

Multiple cross-site scripting XSS vulnerabilities 1 in the WYSIWYG editors, 2 during local group creation, 3 during HTML redirects, 4 in the HTML import, 5 in the Rich text editor, and 6 in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inje...

DSA-430 trr19 - missing privilege release

Bulletin has no description...

Stanley T. Shebs Xconq 7.2.2 - xconq Buffer Overflow

Stanley T. Shebs Xconq 7.2.2 - xconq Buffer Overflow / source: https://www.securityfocus.com/bid/1495/info Xconq is a multiple player strategy game available for many unix platforms. It contains a number of buffer overflow vulnerabilities including the ability to overflow stack buffers with eithe...