Lucene search
6340 matches found

Cvelist
added 2017/08/02 5:0 a.m., 16 views

CVE-2017-12138

XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /modules/profile/index.php because of the URL filter...

6.2 AI score, 0.03406 EPSS
Exploits: 0, References: 2

CNVD
added 2017/08/02 12:0 a.m., 3 views

Fastspot BigTree SQL Injection Vulnerability

Fastspot BigTree is an open source content management system (CMS) based on PHP and MySQL, from the US company Fastspot. A SQL injection vulnerability exists in the core\admin\auto-modules\forms\process.php file in Fastspot BigTree version 4.2.18. A remote attacker can exploit this vulnerability to...

8.8 CVSS, 9.2 AI score, 0.01044 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2017/08/02 12:0 a.m., 45 views

RHEL 7 : python (RHSA-2017:1868)

An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

5.8 CVSS, 6.9 AI score, 0.03269 EPSS
Exploits: 1, References: 5

RedHat Linux
added 2017/08/01 2:24 p.m., 48 views

Moderate: Red Hat Security Advisory: python security and bug fix update

An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

5.8 CVSS, 6.7 AI score, 0.03269 EPSS
Exploits: 1, References: 12

RedHat Linux
added 2017/08/01 2:11 p.m., 3 views

openssh: loading of untrusted PKCS#11 modules in ssh-agent

It was found that ssh-agent could load PKCS#11 modules from arbitrary paths. An attacker having control of the forwarded agent-socket on the server, and the ability to write to the filesystem of the client host, could use this flaw to execute arbitrary code with the privileges of the user running...

7.5 CVSS, 7.5 AI score, 0.37431 EPSS
Exploits: 4, References: 5

NVD
added 2017/07/29 2:29 p.m., 19 views

CVE-2017-11736

SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter...

8.8 CVSS, 8.8 AI score, 0.01044 EPSS
Exploits: 0, References: 1

ICS
added 2017/07/27 12:0 a.m., 156 views

Continental AG Infineon S-Gold 2 (PMB 8876)

CVSS v3 8.8. ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: Continental AG. Equipment: Infineon S-Gold 2 (PMB 8876). Vulnerabilities: Stack-Based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer. AFFECTED PRODUC...

7.2 CVSS, 8.8 AI score, 0.00541 EPSS
Exploits: 0, References: 2

Veracode
added 2017/07/26 5:27 a.m., 33 views

Cross-Site Request Forgery (CSRF)

Moodle is vulnerable to cross-site request forgery (CSRF) attacks. The attacks exist because it does not properly check session key validity on password-protected lesson modules, allowing authenticated users to hijack the request sent to (1) mod/lesson/mediafile.php or (2) mod/lesson/view.php...

7.1 CVSS, 5.7 AI score, 0.02624 EPSS
Exploits: 0, References: 9, Affected Software: 1

rapid7community
added 2017/07/21 5:3 p.m., 50 views

Virtual Machine Automation (vm-automation) repository released

Rapid7 just released a new public repo called vm-automation. The vm-automation repository is a Python library that encapsulates existing methodologies for virtual machine and hypervisor automation and provides a platform-agnostic Python API. Currently, only ESXi and VMware Workstation are...

7.2 AI score
Exploits: 0

RedhatCVE
added 2017/07/12 5:50 a.m., 109 views

CVE-2017-7529

A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially sensitive memory b...

7.5 CVSS, 1.3 AI score, 0.62597 EPSS
Exploits: 6, References: 2

UbuntuCve
added 2017/07/07 6:29 p.m., 40 views

CVE-2017-11096

When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swfDeleteFilter function in lib/modules/swffilter.c...

8.8 CVSS, 7.2 AI score, 0.01421 EPSS
Exploits: 1, References: 2

ICS
added 2017/07/06 12:0 a.m., 55 views

Siemens Reyrolle

CVSS v3 7.5. ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens. Equipment: Reyrolle. Vulnerabilities: Missing Authorization, Improper Input Validation, Improper Authentication. AFFECTED PRODUCTS: Siemens reports that the vulnerabilities affect the following Reyrolle...

10 CVSS, 8.1 AI score, 0.03002 EPSS
Exploits: 0, References: 3

n0where
added 2017/07/03 4:49 p.m., 25 views

Interactive Security Reference Tool: BroSec

Interactive Security Reference Tool: an interactive reference tool to help security professionals utilize useful payloads and commands. Brosec is a terminal based reference utility designed to help us infosec bros and broettes with useful yet sometimes complex payloads and commands that are often...

7.3 AI score
Exploits: 0, References: 5

Kitploit
added 2017/07/02 3:12 p.m., 116 views

pyrasite - Inject code into running Python processes

Tools for injecting arbitrary code into running Python processes. Requirements: gdb version 7.3+ or RHEL5+. On OS X you will need to have a codesigned gdb - see https://sourceware.org/gdb/wiki/BuildingOnDarwin if you get errors while running with --verbose which mention codesigning. Compatibility...

7.8 AI score
Exploits: 0, References: 2

Tenable Nessus
added 2017/06/27 12:0 a.m., 76 views

Ubuntu 14.04 LTS / 16.04 LTS : Apache HTTP Server vulnerabilities (USN-3340-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3340-1 advisory. Emmanuel Dreyfus discovered that third-party modules using the ap_get_basic_auth_pw() function outside of the authentication phase may lead to...

9.8 CVSS, 7 AI score, 0.57472 EPSS
Exploits: 4, References: 5

ICS
added 2017/06/22 12:0 a.m., 33 views

Siemens SIMATIC CP 44x-1 Redundant Network Access Modules

CVSS v3 9.8. ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens. Equipment: SIMATIC CP 44x-1 Redundant Network Access (RNA) modules. Vulnerability: Improper Authentication. AFFECTED PRODUCTS: The following versions of the SIMATIC CP 44x-1 RNA, which connect SIMATIC S7-400 CPUs t...

8.1 CVSS, 8.8 AI score, 0.04174 EPSS
Exploits: 0, References: 3

Prion
added 2017/06/20 1:29 a.m., 37 views

Authentication flaw

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed...

7.5 CVSS, 9.4 AI score, 0.20231 EPSS
Exploits: 0, References: 38, Affected Software: 11

OSV
added 2017/06/20 1:29 a.m., 1 view

DEBIAN-CVE-2017-3169

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port...

9.8 CVSS, 7 AI score, 0.19953 EPSS
Exploits: 0, References: 1

OSV
added 2017/06/20 1:29 a.m., 3 views

ALPINE-CVE-2017-3167

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed...

9.8 CVSS, 7.2 AI score, 0.20231 EPSS
Exploits: 0, References: 1

OSV
added 2017/06/20 1:29 a.m., 2 views

ALPINE-CVE-2017-3169

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port...

9.8 CVSS, 7 AI score, 0.19953 EPSS
Exploits: 0, References: 1