Cisco Emergency Responder Static Credentials (cisco-sa-cer-priv-esc-B9t3hqk9)

According to its self-reported version, Cisco Emergency Responder Static Credentials is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

Kubernetes: Half-Blind SSRF found in kube/cloud-controller-manager can be upgraded to complete SSRF (fully crafted HTTP requests) in vendor managed k8s service.

Hello, Who we are : We’re two French security researchers and our respective names are Brice Augras and Christophe Hauquiert, we worked and found the vulnerability together. Brice Augras from https://www.groupe-asten.fr/ company - https://hackerone.com/reeverzax Christophe Hauquiert -...

MIDA-Multitool - Bash Script Purposed For System Enumeration, Vulnerability Identification And Privilege Escalation

Bash script purposed for system enumeration, vulnerability identification and privilege escalation. MIDA Multitool draws functionality from several of my previous scripts namely SysEnum and RootHelper and is in many regards RootHelpers successor. Besides functionality from these two previous...

Apple macOS/iOS Kernel 10.12.3 (16D32) - 'bpf' Heap Overflow

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1125 The bpf ioctl BIOCSBLEN allows userspace to set the bpf buffer length: case BIOCSBLEN: / uint / if d-bdbif != 0 error = EINVAL; else uint size; bcopyaddr, &size, sizeof size; if size bpfmaxbufsize size = bpfmaxbufsize; else ...

RHEL 5 : kernel (RHSA-2009:1222)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1222 advisory. - kernel: uninit op in SOCKOPSWRAP leads to privesc CVE-2009-2692 - kernel: udp socket NULL ptr dereference CVE-2009-2698 Note that Nessus h...