121 matches found

Citrix
added 2020/11/09 12:00 a.m., 96 views

CVE-2019-11634 - Remote Code Execution Vulnerability in Citrix Workspace app and Receiver for Windows

Description of Problem: A vulnerability has been identified in Citrix Workspace app and Receiver for Windows that could result in local drive access preferences not being enforced, allowing an attacker read/write access to the client's local drives, which could enable code execution on the client...

CVSS 9.8, AI score 9.8, EPSS 0.52433
Exploits: 0, Affected Software: 1
Citrix
added 2020/11/09 12:00 a.m., 30 views

CVE-2019-13609 - CRLF Vulnerability in Citrix License Server for Windows and VPX

Description of Problem: A Carriage Return Line Feed (CRLF) injection vulnerability has been identified in Citrix License Server for Windows and VPX that could allow an unauthenticated attacker to bypass authentication and allow a malicious website to read or modify license server data of an existing...

AI score 7.1
Exploits: 0
Github Security Blog
added 2020/08/31 10:46 p.m., 106 views

Potential Command Injection in hubot-scripts

Versions 2.4.3 and earlier of hubot-scripts are vulnerable to a command injection vulnerability in the hubot-scripts/package/src/scripts/email.coffee module. Mitigating Factors: The email script is not enabled by default; it has to be manually added to hubot's list of loaded scripts. Recommendation...

CVSS 9.8, AI score 2.5, EPSS 0.02011
Exploits: 0, References: 6, Affected Software: 1
OSV
added 2020/08/31 10:46 p.m., 24 views

GHSA-HWCH-749C-RV63 Potential Command Injection in hubot-scripts

Versions 2.4.3 and earlier of hubot-scripts are vulnerable to a command injection vulnerability in the hubot-scripts/package/src/scripts/email.coffee module. Mitigating Factors: The email script is not enabled by default; it has to be manually added to hubot's list of loaded scripts. Recommendation...

CVSS 9.8, AI score 9.7, EPSS 0.02011
Exploits: 0, References: 5
Citrix
added 2019/10/17 4:00 a.m., 36 views

Authentication Bypass Vulnerability in the Management Interface of Citrix Application Delivery Controller and Citrix Gateway

Description of Problem: A vulnerability has been identified in the management interface of Citrix Application Delivery Controller (ADC), formerly known as NetScaler ADC, and Citrix Gateway, formerly known as NetScaler Gateway, that, if exploited, could allow an attacker with access to the management...

CVSS 9.8, AI score 0.5, EPSS 0.002
Exploits: 0
WPVulnDB
added 2019/10/16 12:00 a.m., 24 views

EU Cookie Law < 3.1.3 - Authenticated Stored Cross-Site Scripting (XSS)

By exploiting the documented vulnerability, an authenticated attacker with high privileges (administrator) can execute JavaScript code in a victim's browser. By default, in WordPress, administrator users are allowed to inject JavaScript as they have the unfiltered_html capability. The affected form...

CVSS 3.5, AI score 2.2, EPSS 0.00355
Exploits: 1, References: 4, Affected Software: 1
Citrix
added 2019/07/08 4:00 a.m., 50 views

Citrix Hypervisor Security Update.

Description of Problem: A vulnerability has been found in Citrix Hypervisor (formerly Citrix XenServer) that may allow an unauthenticated attacker with the ability to send traffic to a host over a management or storage network to cause the host to crash. This vulnerability is identified as: •...

CVSS 7.8, AI score 0.9, EPSS 0.74296
Exploits: 4, Affected Software: 1
Github Security Blog
added 2019/06/14 4:39 p.m., 10 views

Directory Traversal in lactate

A crafted GET request can be leveraged to traverse the directory structure of a host using the lactate web server package, and request arbitrary files outside of the specified web root. This allows for a remote attacker to gain access to arbitrary files on the filesystem that the process has acce...

AI score 1.7
Exploits: 0, References: 5, Affected Software: 1
Tenable Nessus
added 2019/05/30 12:00 a.m., 34 views

Citrix XenServer Microarchitectural Data Sampling Speculative Side-Channel Vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (CTX2251995)

The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by microarchitectural data sampling speculative side-channel vulnerabilities. These vulnerabilities may allow a local attacker on a guest machine to sample the contents of memory...

CVSS 5.9, AI score 6.7, EPSS 0.01697
Exploits: 0, References: 5
Hacker One
added 2019/05/28 4:11 a.m., 37 views

LifeOmic: open redirect while login at https://apps.dev.jupiterone.io can leak access code.

LifeOmic Comments: @base64 found an open redirect bug in our auth flow. After review, we determined that due to design the exploit would only work in our dev environment. Though we determined mitigating controls were already in place for this attack in prod, we valued @base64's efforts and awarde...

AI score 0.1
Exploits: 0
ThreatPost
added 2019/05/14 8:49 p.m., 643 views

Microsoft Patches Zero-Day Bug Under Active Attack

Microsoft has released a patch for an elevation-of-privileges vulnerability rated important, which is being exploited in the wild. The bug fix is part of Microsoft’s May Patch Tuesday Security Bulletin. It’s tied to the Windows Error Reporting feature and is being abused by attackers who have...

CVSS 10, AI score 0.5, EPSS 0.94454
Exploits: 124, References: 16
ThreatPost
added 2018/10/12 5:01 p.m., 104 views

Microsoft Zero-Day Patch for JET Bug Incomplete, Claims Firm

UPDATE: Microsoft patched a zero-day in its JET Database Engine this week, but the patch was incomplete, according to researchers at 0patch. The company has developed a micropatch that corrects that hole, it said Friday. The memory corruption vulnerability CVE-2018-8423 could allow remote...

CVSS 9.3, AI score 7.9, EPSS 0.56981
Exploits: 2, References: 4
OSV
added 2018/08/06 9:33 p.m., 23 views

GHSA-72FG-JQHX-C68P Open Redirect in st

st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...

CVSS 6.1, AI score 6.2, EPSS 0.00215
Exploits: 1, References: 3
Github Security Blog
added 2018/08/06 9:33 p.m., 32 views

Open Redirect in st

st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...

CVSS 6.1, AI score 6.1, EPSS 0.00215
Exploits: 1, References: 3, Affected Software: 1
Hewlett-Packard
added 2018/07/06 12:00 a.m., 34 views

HPSBHF03586 rev. 1 - DCI Policy Update

Potential Security Impact: Information disclosure and escalation of privilege via limited physical presence. Source: HP, HP Product Security Response Team (PSRT). Reported by: Intel. VULNERABILITY SUMMARY: Intel platforms, starting with Skylake, support a USB 3-based debugging interface, a.k.a. Direct...

CVSS 7.6, AI score 0.5, EPSS 0.00145
Exploits: 0
OpenVAS
added 2018/06/19 12:00 a.m., 54 views

Debian: Security Advisory (DSA-4232-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.6, AI score 7.3, EPSS 0.01831
Exploits: 0, References: 5
NVD
added 2018/06/07 2:29 a.m., 20 views

CVE-2017-16224

st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...

CVSS 6.1, AI score 6.2, EPSS 0.00215
Exploits: 1, References: 1
OSV
added 2018/06/07 2:29 a.m., 16 views

CVE-2017-16224

st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...

CVSS 6.1, AI score 6.4
Exploits: 0, References: 1
Prion
added 2018/06/07 2:29 a.m., 10 views

Cross-site request forgery (CSRF)

st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...

CVSS 5.8, AI score 6.1, EPSS 0.00215
Exploits: 1, References: 1, Affected Software: 1
Citrix
added 2018/05/08 4:00 a.m., 44 views

Citrix XenServer Multiple Security Updates

Description of Problem: A number of security vulnerabilities have been identified in Citrix XenServer that may allow malicious code running in a PV guest VM to compromise the host, and malicious privileged code running in an HVM guest VM to crash the host. These vulnerabilities affect all currently...

CVSS 8.8, AI score 1.2, EPSS 0.89595
Exploits: 12, Affected Software: 1