Lucene search

3375 matches found

Veracode
added 2019/01/15 9:4 a.m., 25 views

Denial Of Service (DoS)

qpid-cpp-mrg is vulnerable to denial of service (DoS) attacks. The vulnerability exists as the qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) content-bearing...

CVSS 6.5, AI score 6.2, EPSS 0.08857
Exploits 0, References 7, Affected Software 53
Veracode
added 2019/01/15 8:59 a.m., 28 views

SQL Injection In Query_methods

activerecord/lib/active_record/relation/query_methods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes create_with calls...

CVSS 7.5, AI score 6.2, EPSS 0.02797
Exploits 0, References 6, Affected Software 1
Veracode
added 2019/01/15 8:58 a.m., 21 views

Denial Of Service (DoS)

freeradius is vulnerable to denial of service (DoS) attacks. The vulnerability exists as a stack-based buffer overflow in the cb_tls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly...

CVSS 6.8, AI score 7.2, EPSS 0.0565
Exploits 0, References 22, Affected Software 2
OPENSUSE Linux
added 2019/01/10 12:0 a.m., 128 views

Security update for libraw (moderate)

openSUSE Security Update: Security update for libraw Announcement ID: openSUSE-SU-2019:0008-1 Rating: moderate References: 1097975 1103200 1103206 Cross-References: CVE-2018-5804 CVE-2018-5813 CVE-2018-5815 CVE-2018-5816 Affected Products: openSUSE Leap 15.0 An update that fixes four...

CVSS 7.1, AI score 7.2, EPSS 0.02194
Exploits 0, References 3
UbuntuCve
added 2019/01/09 7:29 p.m., 16 views

CVE-2018-6097

Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page...

CVSS 6.5, AI score 7, EPSS 0.01453
Exploits 0, References 2
Cvelist
added 2019/01/09 7:0 p.m., 18 views

CVE-2018-6097

Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page...

AI score 6.5, EPSS 0.01453
Exploits 0, References 6
Microsoft KB
added 2019/01/08 8:0 a.m., 31 views

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: January 8, 2019

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: January 8, 2019 Summary This update rollup is a security update. This security update resolves vulnerabilities in Microsoft Exchange. To learn more about these vulnerabilities, see the following Common...

CVSS 10, AI score 8.3, EPSS 0.15396
Exploits 0
Kitploit
added 2018/12/21 12:32 p.m., 146 views

W3Brute - Automatic Web Application Brute Force Attack Tool

w3brute is an open source penetration testing tool that automates attacks directly to the website's login page. w3brute is also supported for carrying out brute force attacks on all websites. Features 1. Scanner: w3brute has a scanner feature that serves to support the bruteforce attack process...

AI score 8.7
Exploits 0, References 4
0day.today
added 2018/12/18 12:0 a.m., 113 views

MiniShare 1.4.1 - Remote Buffer Overflow HEAD and POST Method Exploit

Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length ------------------------------------------------------------------- EAX...

CVSS 9.8, EPSS 0.71908
Exploits 11
Prion
added 2018/12/10 10:29 p.m., 17 views

Design/Logic Flaw

Mishandling of '' on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via certain ONVIF methods such as CreateUsers, SetImagingSettings, GetStreamUri, and so on...

CVSS 7.8, AI score 7.4, EPSS 0.01405
Exploits 0, References 1, Affected Software 1
OSV
added 2018/12/10 10:29 p.m., 2 views

CVE-2018-20050

Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via the ONVIF GetStreamUri method and GetVideoEncoderConfigurationOptions method...

CVSS 7.5, AI score 5.8, EPSS 0.01495
Exploits 1, References 1
NVD
added 2018/12/10 10:29 p.m., 26 views

CVE-2018-20051

Mishandling of '' on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via certain ONVIF methods such as CreateUsers, SetImagingSettings, GetStreamUri, and so on...

CVSS 7.8, AI score 7.4, EPSS 0.01405
Exploits 0, References 1
Hacker One
added 2018/12/07 5:23 p.m., 103 views

Nextcloud: xmlrpc.php is enabled - Nextcloud

Hi Nextcloud Team, Summary: An attacker can devise a XML request to list all the methods that are enabled on the server. Replace Get with POST request and add method call in the request. To reproduce the vulnerability you need to use Firefox browser and Burpsuite Open:...

AI score 7.1
Exploits 0
Akamai Blog
added 2018/12/04 7:21 p.m., 72 views

Mobile Trends during the US Holiday Weekend

Over the past few years we've seen a tremendous growth in mobile traffic on the web. Because of this many of the most successful websites have invested in optimizing the experience of users on whatever device they use and however they connect to the internet. With mobile traffic now exceeding...

AI score 0.7
Exploits 0
n0where
added 2018/12/03 11:15 p.m., 94 views

Kernel-Mode Rootkit Hunter: Tyton

Loadable kernel modules, LKMs for short, are an integral companion to the Linux kernel. Typically, LKMs are used to add support for new hardware as device drivers or file systems or add additional system calls. Without LKMs, an operating system would have to include all possible anticipated...

AI score 0.3
Exploits 0, References 2
RedHat Linux
added 2018/11/29 10:10 a.m., 1 views

ruby: Unintentional directory traversal by poisoned NULL byte in Dir

It was found that the methods from the Dir class did not properly handle strings containing the NULL byte. An attacker, able to inject NULL bytes in a path, could possibly trigger an unspecified behavior of the ruby script...

CVSS 9.1, AI score 7.3, EPSS 0.10098
Exploits 0, References 5
Kitploit
added 2018/11/26 8:54 p.m., 164 views

Infection Monkey v1.6 - An Automated Pentest Tool

The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Monkey Island server. The Infection Monkey i...

CVSS 9.8, AI score 9.5, EPSS 0.99906
Exploits 19, References 5
OpenVAS
added 2018/11/26 12:0 a.m., 16 views

openSUSE: Security Advisory for libwpd (openSUSE-SU-2018:3842-1)

The remote host is missing an update for the Copyright (C) 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 6.5, AI score 6.7, EPSS 0.01488
Exploits 1, References 2
Rhino Security Labs
added 2018/11/19 2:50 p.m., 79 views

AWS IAM Privilege Escalation – Methods and Mitigation

The post AWS IAM Privilege Escalation – Methods and Mitigation appeared first on Rhino Security Labs...

AI score 4.5
Exploits 0
OpenVAS
added 2018/11/17 12:0 a.m., 46 views

openSUSE: Security Advisory for openssh (openSUSE-SU-2018:3801-1)

The remote host is missing an update for the Copyright (C) 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.9, AI score 6.3, EPSS 0.98631
Exploits 23, References 2