probe-china.com Cross Site Scripting vulnerability OBB-1432129
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
kernel: use-after-free caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver
A use-after-free flaw was found in the acm_probe USB subsystem in the Linux kernel. A race condition occurs when a destroy procedure is initiated allowing the refcount to decrement on the interface so early that it is never under counted. A malicious USB device is required for exploit. System...
kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS
A flaw was found in the Linux kernel. The rtl_usb_probe function mishandles resource cleanup on error. An attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability...
'Where Law Ends' Review: How the Mueller Investigation Fell Flat
Prosecutor Andrew Weissmann's Where Law Ends doesn't fill the hole at the center of the Trump-Russia probe, but does help explain why it's there...
UCLA researcher charged with destroying hard drive amid FBI probe
By Zara Khan. The culprit is a Chinese national on a J-1 nonimmigrant visa working as a researcher for UCLA. This is a post from HackRead.com. Read the original post: UCLA researcher charged with destroying hard drive amid FBI probe...
Logic Flaw Vulnerability in UTS Integrated Threat Probe at Beijing Shenzhou Green Alliance Technology Co.
Green Alliance UTS is equipped with IDS and WAF dual detection engine system, combining threat intelligence, malicious file detection, DDoS detection, Webshell detection and anomalous behavior detection and other means to quickly detect traditional and advanced threats. There is a logic flaw in t...
PT-2020-14841 · Prometheus +2 · Prometheus Blackbox Exporter +2
Name of the Vulnerable Software and Affected Versions: Prometheus Blackbox Exporter versions through 0.17.0. Description: The issue allows for a Server-Side Request Forgery (SSRF) via the /probe endpoint with the target parameter. There is a discussion suggesting this could be seen as both intended...
CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow
This module exploits a buffer overflow within the CA Unified Infrastructure Management nimcontroller. The vulnerability occurs in the robot controller component when sending a specially crafted directory_list probe. Technically speaking, the target host must also be vulnerable to CVE-2020-8010 in...
CA Unified Infrastructure Management Nimsoft 7.80 Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow', 'Description' = %q This module exploits a buffer overflow within the...
Security Bulletin: Multiple vulnerabilities have been identified in Apache Camel shipped with IBM Netcool/OMNIbus Probe DSL Factory Framework
Summary: Apache Camel is a dependency component shipped with the IBM Netcool/OMNIbus Probe DSL Factory Framework. Information about the security vulnerabilities affecting Apache Camel has been published: CVE-2020-11971, CVE-2020-11973, CVE-2020-11972. Vulnerability Details: CVEID: CVE-2020-11971...
CVE-2020-15008
A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate server side validation. As the code creates dynamic SQL for the insert statement and utilizes the user...
Security Bulletin: Multiple vulnerabilities have been identified in IBM Tivoli Netcool/OMNIbus Probe for Network Node Manager i (CVE-2009-3555)
Summary: Information about security vulnerabilities affecting IBM Tivoli Netcool/OMNIbus Probe for Network Node Manager i is published in the details below. Vulnerability Details: CVEID: CVE-2009-3555. DESCRIPTION: Multiple implementations of the Transport Layer Security (TLS) protocol, including SSL,...
OPENSUSE-SU-2020:0676-1 Security update for autoyast2
This update for autoyast2 to version 4.1.15 fixes the following issues: Security issue fixed: - CVE-2019-18905: Removed all '--gpg-auto-import-keys' options from zypper commands (bsc#1140711). Non-security issue fixed: - Fix desktop files updating some icons and groups (bsc#1168123). - Restored some...
CVE-2020-10060
In updatehub_probe, right after JSON parsing is complete, objects[1] is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would reference uninitialized stack memory. This could result in a crash, denial of service, or possibly an...
CVE-2020-11547
PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm...
FProbe - Take A List Of Domains/Subdomains And Probe For Working HTTP/HTTPS Server
FProbe - Fast HTTP Probe. Installation: GO111MODULE=on go get -u github.com/theblackturtle/fprobe Features: Take a list of domains/subdomains and probe for working http/https server. Optimize RAM and CPU in runtime. Support special ports for each domain. Verbose in JSON format with some additional...
kernel: oob memory read in hso_probe in drivers/net/usb/hso.c
A flaw was found in the Linux kernel in the function hso_probe, which reads the if_num value from the USB device as a u8 and uses it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data. An attacker with a forged USB device and physical access to a...