Schneider Electric Modicon M580 FTP incomplete firmware update denial-of-service vulnerability
Summary: An exploitable denial-of-service vulnerability exists in the FTP firmware update function of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. A specially crafted set of FTP commands can cause the device to enter a recoverable fault state,...
Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
Microsoft Windows Task Scheduler suffers from a local privilege escalation vulnerability. The Windows MMC auto-elevates members of the 'administrators' group via the GUI and MMC snap-ins via mmc.exe automatically elevate without prompting UAC potentially leading to unintentional elevation of...
XXE
An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179Final. The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a special payload inside the xml input field. The XXE vulnerability is blind since the response...
CVE-2018-18406
An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179Final. The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a special payload inside the xml input field. The XXE vulnerability is blind since the response...
CVE-2017-9383
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port3480". It seems that the UPnP services provide "wget" as one of the service actions for a normal...
Toshiba VFAS3-4750PCE ASD Drive Detection
Binary data 757969.prm...
Buffer overflow
kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, in MDM9150, MDM9206, MDM9607,...
6 Signs of Successful Threat Hunting
When a threat hunting program is established by an organization, their goal is to proactively hunt threats, with a focus on newer, more sophisticated attacks for which reliable signatures or indicators are not yet available. However, without an effective threat hunting program, the attacker is...
AZL-6424 CVE-2019-6293 affecting package flex for versions less than 2.6.4-7
An issue was discovered in the function markbeginningasnormal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the markbeginningasnormal function making recursive calls to itself in certain scenarios involving lots of '' characters. Remote attackers could leverage this...
DEBIAN-CVE-2019-6293
An issue was discovered in the function markbeginningasnormal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the markbeginningasnormal function making recursive calls to itself in certain scenarios involving lots of '' characters. Remote attackers could leverage this...
PT-2019-18080 · Gnu +1 · Flex +1
Name of the Vulnerable Software and Affected Versions: flex version 2.6.4 Description: The issue is caused by the mark beginning as normal function making recursive calls to itself in certain scenarios involving lots of '' characters, leading to a stack exhaustion problem. Remote attackers could...
CVE-2018-19898
ThinkCMF X2.2.2 has SQL Injection via the method editpost in ArticleController.class.php and is exploitable by normal authenticated users via the postid1 parameter in an article editpost action...
Netgate pfSense CE Command Injection Vulnerability (CNVD-2018-26996)
Netgate pfSense CE is the United States Netgate company's set of free open source FreeBSD-based firewall and router software. A command injection vulnerability exists in the 'powerdnormalmode' parameter in Netgate pfSense CE version 2.4.4-RELEASE, which can be exploited by an attacker to execute...
CVE-2018-4019
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated...
6 Signs of Successful Threat Hunting
When a threat hunting program is established by an organization, their goal is to proactively hunt threats, with a focus on newer, more sophisticated attacks for which reliable signatures or indicators are not yet available. Bonus: Check out the "Top 5 Threat Hunting Myths" However, without an...
GHSA-V7MF-QGXF-QMVF Apache Ranger admin users can store some arbitrary javascript code to be executed when normal users login and access policies
Apache Ranger before 0.6.is vulnerable to Stored Cross-Site Scripting when entering custom policy conditions. Admin users can store some arbitrary JavaScript code to be executed when normal users log in and access policies...
CVE-2018-17037
user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3...
Null pointer dereference
VMware ESXi 6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG, Workstation 14.x before 14.1.2, and Fusion 10.x before 10.1.2 contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC...
CVE-2018-6972
VMware ESXi 6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG, Workstation 14.x before 14.1.2, and Fusion 10.x before 10.1.2 contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC...
CVE-2018-6965
VMware ESXi 6.7 before ESXi670-201806401-BG, Workstation 14.x before 14.1.2, and Fusion 10.x before 10.1.2 contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user...