Design/Logic Flaw

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

Red October Attackers Shutting Down C&C Infrastructure

It appears that the attackers behind the Red October cyberespionage campaign are taking their ball and going home. Since the attack came to light on Monday, the attackers have begun shutting down their infrastructure and the hosting providers and registrars involved with some of the...

drupal -- multiple vulnerabilities

Drupal Security Team reports: Cross-site scripting Various core and contributed modules Access bypass Book module printer friendly version Access bypass Image module...

[SECURITY] Fedora 18 Update: pl-6.0.2-5.fc18

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...

[SECURITY] Fedora 17 Update: pl-6.0.2-4.fc17

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...

[SECURITY] Fedora 16 Update: pl-5.10.2-9.fc16

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...

Fedora Update for pl FEDORA-2013-0211

Check for the Version of pl OpenVAS Vulnerability Test Fedora Update for pl FEDORA-2013-0211 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the...

Fedora 16 : drupal6-6.27-1.fc16 / drupal7-7.18-1.fc16 (2012-20794)

Upstream Drupal has reported SA-CORE-2012-004 1 which corrects multiple vulnerabilities : 1 Access bypass User module search - Drupal 6 and 7 2 Access bypass Upload module - Drupal 6 3 Arbitrary PHP code execution File upload modules - Drupal 6 and 7 CVEs have been requested and are not yet...

CVE-2012-0860

Multiple untrusted search path vulnerabilities in Red Hat Enterprise Virtualization Manager RHEV-M before 3.1, when adding a host, allow local users to gain privileges via a Trojan horse 1 deployUtil.py or 2 vdsbootstrap.py Python module in /tmp/...

PT-2013-1518 · Red Hat · Red Hat Enterprise Virtualization Manager

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization Manager RHEV-M versions prior to 3.1 Description: The issue allows local users to gain privileges via a Trojan horse Python module, specifically deployUtil.py or vds bootstrap.py, in the /tmp/ directory when...

JBoss Enterprise Application Platform: JBoss EAP: JBEAP: JBoss Enterprise Application Platform: Unauthorized EJB access via authorization module bypass

A flaw was found in JBoss Enterprise Application Platform. When role-based authorization is used for Enterprise Java Beans EJB access, the system does not correctly call the necessary authorization modules. This prevents Java Authorization Contract for Containers JACC permissions from being...

JBoss Enterprise Application Platform: JBoss EAP: JBEAP: JBoss Enterprise Application Platform: Unauthorized EJB access via authorization module bypass

A flaw was found in JBoss Enterprise Application Platform. When role-based authorization is used for Enterprise Java Beans EJB access, the system does not correctly call the necessary authorization modules. This prevents Java Authorization Contract for Containers JACC permissions from being...

JBoss Enterprise Application Platform: JBoss EAP: JBEAP: JBoss Enterprise Application Platform: Unauthorized EJB access via authorization module bypass

A flaw was found in JBoss Enterprise Application Platform. When role-based authorization is used for Enterprise Java Beans EJB access, the system does not correctly call the necessary authorization modules. This prevents Java Authorization Contract for Containers JACC permissions from being...

Joomla modules - pm_advancedsearch4 Arbitrary File Upload Vulnerabilit

Exploit for php platform in category web applications ------------------------------------------------------------------------------- Joomla modules - pmadvancedsearch4 Arbitrary File Upload Vulnerability -------------------------------------------------------------------------------- Author =...

Multiple critical vulnerabilities in Maxthon and Avant browsers

Hi, Below you can find a short summary of discovered vulnerabilities in Maxthon and Avant browsers. Such vulnerabilities were demonstrated during HITBAMS2012 security conference and more recently at HackPra. Affected Products - Maxthon www.maxthon.com - Avant Browser www.avantbrowser.com Security...

[VSD] (Virtual Section Dumper) Just another Virtual Section Dumper for Windows Processes

What's VSD? VSD Virtual Section Dumper is intented to be a tool to visualize and dump the memory regions of a running 32 bits or a 64 bits process in many ways. For example, you can dump the entire process and fix the PE Header , dump a given range of memory or even list and dump every virtual...

CVE-2012-5909

SQL injection vulnerability in admin/modules/user/users.php in MyBB aka MyBulletinBoard 1.6.6 allows remote attackers to execute arbitrary SQL commands via the conditionsusergroup parameter in a search action to admin/index.php...

dotProject <= 2.1.6 Remote File Inclusion Vulnerability

Exploit for php platform in category web applications Discovered by dun \ posdubatgmail.com 2012-11-13 dotProject = 2.1.6 Remote File Inclusion Vulnerability Script: "PHP web-based project management framework that includes modules for companies, projects, tasks with Gantt charts, forums, files,...

[BeEF 0.4.3.8] Browser Exploitation Framework

The Browser Exploitation Framework BeEF is a powerful professional security tool. It is a penetration testing tool that focuses on the web browser. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors. Unlike other security...

VLC Media Player TiVo Demuxer Double Free Vulnerability (Mac OS X)

This host is installed with VLC Media Player and is prone to double free vulnerability. OpenVAS Vulnerability Test $Id: gbvlcmediaplayerdemuxerdoublefreevulnmacosx.nasl 5988 2017-04-20 09:02:29Z teissa $ VLC Media Player TiVo Demuxer Double Free Vulnerability Mac OS X Authors: Antu Sanadi...