Virtuozzo 6 : parallels-kernel-modules / etc (VZA-2019-093)
According to the version of the parallels-kernel-modules / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - libVNCServer-0.9.10 contains a memory leak in VNC server code, which may allow an attacker to read stack memory. Note tha...
Web Security Dog (Apache Edition) V4.0 suffers from SQL injection bypass vulnerability
Website Security Dog is a server tool that integrates website content security protection, website resource protection and website traffic protection. Its functions cover web Trojan ("net horse") scanning, SQL injection protection, hotlink protection, CC attack protection, real-time website traffic...
The vulnerability of the Windows Modules Installer Service component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Windows Modules Installer Service component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
metasploit-framework
This is an offensive tool for Metasploit Framework. The Metasploit Framework is a penetration testing platform that provides a comprehensive set of tools for discovering, exploiting, and analyzing vulnerabilities in computer systems. It is widely used by security researchers and penetration teste...
CVE-2019-14904
A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the na...
EulerOS 2.0 SP8 : sudo (EulerOS-SA-2019-2304)
According to the version of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cau...
CVE-2019-19250
OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js...
CVE-2019-10217
A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be marked as such with the no_log feature. Some of these fields in GCP modules are not set properly: service_account_contents, which is a common class for all GCP modules, does not set no_log to True. Any sensitive data manage...
PYSEC-2019-3
A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be marked as such with the no_log feature. Some of these fields in GCP modules are not set properly: service_account_contents, which is a common class for all GCP modules, does not set no_log to True. Any sensitive data manage...
PYSEC-2019-73
A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be marked as such with the no_log feature. Some of these fields in GCP modules are not set properly: service_account_contents, which is a common class for all GCP modules, does not set no_log to True. Any sensitive data manage...
Critical: Red Hat Security Advisory: Red Hat Ansible Tower 3.6.1-1 - EL7 Container
Red Hat Ansible Tower 3.6.1-1 - EL7 Container Ansible Tower Version 3.6.1 ----------------------------- - Fixed accidental disclosure of Red Hat username and password in /api/v2/config CVE-2019-14890 - Fixed upgrade failure with bundled installer - Fixed license check error when reinstalling over...
POC-T
This is a Python-based penetration testing framework called POC-T. It is a concurrent framework that allows users to perform various types of attacks, including vulnerability verification, file upload, weak password cracking, and more. The framework has a modular design, with each module...
Fedora 31 : systemd (2019-4c3ce3aa5c)
Latest bugfix release. Systemd-stable snapshots will now be numbered. - Fix broken PrivateDevices filter on big-endian, s390x in particular 1769148 - systemd-modules-load.service should only warn, not fail, on error 1254340 - Fix incorrect certificate validation with DNS over TLS 1771725,...
Race condition
In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior,...
CVE-2010-4661
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules...