710 matches found
AVE DOMINAplus 1.10.x - Unauthenticated Remote Reboot
Exploit: AVE DOMINAplus 1.10.x - Unauthenticated Remote Reboot Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5548 Advisory URL:...
AVE DOMINAplus 1.10.x Unauthenticated Remote Reboot Vulnerability
AVE DOMINAplus =1.10.x Unauthenticated Remote Reboot Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touch Screen Code TS05 -...
AVE DOMINAplus 1.10.x Unauthenticated Remote Reboot
AVE DOMINAplus =1.10.x Unauthenticated Remote Reboot Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touch Screen Code TS05 -...
CVE-2019-17336
The Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an attacker access to information that can lead to obtaining credentials used to access Spotfire data...
Vtiger CRM Elevation of Privilege Vulnerability
Vtiger CRM is a set of customer relationship management system CRM based on SugarCRM developed by American Vtiger. The management system provides management, collection and analysis of customer information and other functions. A security vulnerability exists in the My Preferences saving feature i...
CVE-2019-19202
In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request...
DEBIAN-CVE-2013-6364
Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book...
UBUNTU-CVE-2013-6364
Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book...
artofsaving.com Cross Site Scripting vulnerability
Security Researcher Hchabik Helped patch 2348 vulnerabilities Received 5 Coordinated Disclosure badges Received 2 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting artofsaving.com website and its users. Following coordinate...
RapidScan - The Multi-Tool Web Vulnerability Scanner
Evolution: It is quite a fuss for a pentester to perform binge-tool-scanning running security scanning tools one after the other sans automation. Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this program...
March 1, 2019—KB4482887 (OS Build 17763.348)
March 1, 2019—KB4482887 OS Build 17763.348 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Enables “Retpoline" for Windows on certain devices, which may improve performance of Spectre...
7 Times Apple Watch Saved Lives
By Uzair Amir Who doesn’t like elegant watches, especially those which could literally save your life, right? There are several types of watches out there such as a divers watch, Mechanical Watch, and Chronograph Watch, etc. but the life saviors lately are powered with smart technology. In this...
First steps with Docker: installation in CentOS 7, vulnerability assessment, interactive mode and saving changes
Docker and containerization are literally everywhere. IMHO, this changes the IT landscape much more than virtualization and clouds. Let's say you have a host, you checked it and find out that there are no vulnerable packages. But what's the point if this host runs Docker containers with their own...
Design/Logic Flaw
The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resource...
CVE-2018-12402
CVE-2018-12402 affects Firefox up to version 62 and concerns the internal WebBrowserPersist code used when saving pages (“Save Page As…”). The vulnerability arises from not using the correct origin context for sub-resources, enabling access to resources that could reveal a visitor’s Windows usern...
Iptables Essentials - Common Firewall Rules And Commands
Tools to help you configure Iptables Shorewall - advanced gateway/firewall configuration tool for GNU/Linux. Firewalld - provides a dynamically managed firewall. UFW - default firewall configuration tool for Ubuntu. FireHOL - offer simple and powerful configuration for all Linux firewall and...
OSFClone - Open Source Utility To Create And Clone Forensic Disk Images
OSFClone is a free, self-booting solution which enables you to create or clone exact raw disk images quickly and independent of the installed operating system. In addition to raw disk images, OSFClone also supports imaging drives to the open Advance Forensics Format AFF , AFF is an open and...
Cumulative Update 1 for Exchange Server 2019
Cumulative Update 1 for Exchange Server 2019 Cumulative Update 1 for Microsoft Exchange Server 2019 was released on February 12, 2019. This cumulative update is a security update. It includes fixes for nonsecurity issues and all previously released fixes for security and nonsecurity issues. These...
Volatility Workbench - A GUI For Volatility Memory Forensics
Volatility Workbench is a graphical user interface GUI for the Volatility tool. Volatility is a command line memory analysis and forensics tool for extracting artifacts from memory dumps. Volatility Workbench is free, open source and runs in Windows. It provides a number of advantages over the...
The vulnerability of the Vim text editor on the Astra Linux operating system allows a hacker to circumvent the restrictions imposed by the given security policy.
The vulnerability of the Vim text editor in the Astra Linux operating system is related to the improper saving of security attributes when files are modified. Exploiting this vulnerability allows an attacker to circumvent the security restrictions imposed by the specified security policy...