5122 matches found
CVE-2017-7517
An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project called "MyProject", and then later deletes it another user can then create a project called "MyProject" and access...
VPP Apps Does Not Appear on XenMobile Console After Accidental Deletion of the app.
Deleted VPP applications does not sync with XenMobile Server automatically. Summary VPP is an Apple Enterprise program to distribute corporate App license to device through MDM. Citrix XenMobile makes use of Apple's API to associate / disassociate license based which are distributed through...
Low: Red Hat Security Advisory: python-django-horizon security and bug fix update
An update for python-django-horizon is now available for Red Hat OpenStack Platform 9.0 Mitaka. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Network OSINT Gathering Tool: XRay
XRay is a tool for network OSINT gathering, its goal is to make some of the initial tasks of information gathering and network mapping automatic. How Does it Work? XRay is a very simple tool, it works this way: 1. It’ll bruteforce subdomains using a wordlist and DNS requests. 2. For every...
CVE-2017-10913
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...
Counter Strike: Condition Zero - .BSP Map File Code Execution
Counter Strike: Condition Zero - .BSP Map File Code Execution !/usr/bin/env python Counter Strike: Condition Zero BSP map exploit By @DigitalCold Jun 11, 2017 E-DB Note: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/42325.zip bsp-exploit-source.zip from binasc...
PostgreSQL PL/Java Change Type Mapping Vulnerability
PostgreSQL PL/Java is the PostgreSQL development team developed a database can be used in Java code to write stored procedures , triggers and functions of the open source project . A security vulnerability exists in PostgreSQL PL/Java versions 1.4.3 and earlier. A remote attacker could exploit th...
SUSE SLES11 Security Update : postgresql94 (SUSE-SU-2017:1783-1)
This update for postgresql93 fixes the following issues : - bsc1029547: Fix tests with timezone 2017a - CVE-2017-7486: Restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1037624 - CVE-2017-7485: Recognize PGREQUIRESSL variable again. bsc103829...
CVE-2017-9921
IrfanView version 4.44 32bit with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!LdrpResGetMappingSize+0x00000000000003cc."...
SUSE-SU-2017:1783-1 Security update for postgresql94
This update for postgresql93 fixes the following issues: - bsc1029547: Fix tests with timezone 2017a - CVE-2017-7486: Restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1037624 - CVE-2017-7485: Recognize PGREQUIRESSL variable again. bsc1038293...
CVE-2017-10913
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...
CVE-2017-10913
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...
CVE-2017-10913
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...
DEBIAN-CVE-2017-10920
The grant-table feature in Xen through 4.8.x mishandles a GNTMAPdevicemap and GNTMAPhostmap mapping, when followed by only a GNTMAPhostmap unmapping, which allows guest OS users to cause a denial of service count mismanagement and memory corruption or obtain privileged host OS access, aka XSA-224...
ALPINE-CVE-2017-10920
The grant-table feature in Xen through 4.8.x mishandles a GNTMAPdevicemap and GNTMAPhostmap mapping, when followed by only a GNTMAPhostmap unmapping, which allows guest OS users to cause a denial of service count mismanagement and memory corruption or obtain privileged host OS access, aka XSA-224...
CVE-2017-10913
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...
kernel: Incorrectly mapped contents of PIE executable
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected...
python-django-horizon: XSS in federation mappings UI
A cross-site scripting flaw was discovered in the OpenStack dashboard horizon which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard...
SUSE-SU-2017:1690-1 Security update for postgresql94
This update for postgresql94 to 9.4.12 fixes the following issues: Upstream changelogs: - https://www.postgresql.org/docs/9.4/static/release-9-4-12.html - https://www.postgresql.org/docs/9.4/static/release-9-4-11.html - https://www.postgresql.org/docs/9.4/static/release-9-4-10.html Security issue...
CVE-2017-3096
Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the character code mapping module. Successful exploitation could lead to arbitrary code execution...