2511 matches found

OSV
added 2016/09/25 12:00 a.m., 1 view

UBUNTU-CVE-2016-5172

The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code...

CVSS 6.5, AI score 7.1, EPSS 0.01876
Exploits 0, References 4
Citrix
added 2016/08/26 12:00 a.m., 7 views

Provisioning Services: Support Statement for Multiple PVS Farms pointing to different Databases in one Subnet

Question: Can we boot targets using PXE boot in Subnet where we have 2 PVSServer in 2 different farms pointing to different database? Answer: This is not supported because when targets boot using PXE services, it broadcasts a packet and if it contacts a PVS Server which does not have entry for...

AI score 7.2
Exploits 0
Jake Archibald's Blog
added 2016/08/04 8:57 a.m., 9 views

Service worker meeting notes

On July 28th-29th we met up in the Mozilla offices in Toronto to discuss the core service worker spec. I'll try and cover the headlines here. Before I get stuck in to the meaty bits of the meeting, our intent here is to do what's best for developers and the future of the web, so if you disagree...

AI score 6.4
Exploits 0
OSV
added 2016/07/08 7:50 p.m., 4 views

MGASA-2016-0244 Updated struts packages fix security vulnerabilities

Updated struts packages fix security vulnerabilities: A vulnerability in Apache Struts 1 ActionForm allowing unintended remote operations against components on server memory, such as Servlets and ClassLoader, was found CVE-2016-1181. It was reported that The Apache Struts 1 Validator contains a...

CVSS 8.2, AI score 8.1, EPSS 0.2593
Exploits 0, References 4
Mageia
added 2016/07/08 7:50 p.m., 42 views

Updated struts packages fix security vulnerabilities

Updated struts packages fix security vulnerabilities: A vulnerability in Apache Struts 1 ActionForm allowing unintended remote operations against components on server memory, such as Servlets and ClassLoader, was found CVE-2016-1181. It was reported that The Apache Struts 1 Validator contains a...

CVSS 8.2, AI score 1.6, EPSS 0.2593
Exploits 0, References 3
Filippo.io
added 2016/07/03 10:29 a.m., 22 views

Analyzing Go Vendoring with BigQuery

GitHub published a snapshot of all the public open-source repositories to BigQuery and Francesc used it to draw some cool statistics about Go projects. I used the same dataset to analyze how the Go ecosystem does vendoring. Disclosure: there's some ego stroking here, as I'm the author of gvt. Try...

AI score 6.8
Exploits 0
OSV
added 2016/07/02 2:59 p.m., 2 views

CVE-2016-0400

CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL...

CVSS 6.1, AI score 5.9
Exploits 0, References 4
The Hacker News
added 2016/06/23 10:18 p.m., 12 views

Uber Hack lets anyone find Unlimited Promo Codes for Free Uber Rides

An independent security researcher from Egypt has discovered a critical vulnerability in the Uber app that could allow an attacker to brute-force Uber promo code values and obtain valid codes worth up to $25,000 for more than one free ride. Mohamed M. Fouad has discovered a "promo codes...

AI score 6.9
Exploits 0
Hacker One
added 2016/06/17 12:34 p.m., 11 views

Nextcloud: stats.nextcloud.com: Content Injection

Hello Team, Found Same issue on Your Another Subdomain , Content injection : https://stats.nextcloud.com/has%2f%20beed%20to%20https://www.ATTACKER.COM.%20so%20please%20visit%20https://www.ATTACKER.COM%20as%20your%20requested%20link Though It is Not in a scope but Want to Make you aware of it :...

AI score 0.2
Exploits 0
erpscan
added 2016/06/17 12:00 a.m., 153 views

SAP NetWeaver AS Java 7.5 XXE in com.sap.km.cm.ice

Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java 7.5 Vendor URL: SAP Bugs: XXE Reported: 17.06.2016 Vendor response: 18.06.2016 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2387249 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: XXE...

CVSS 4, AI score 6.8, EPSS 0.01373
Exploits 0
Japan Vulnerability Notes
added 2016/06/07 12:00 a.m., 46 views

JVN#65044642: Apache Struts 1 vulnerable to input validation bypass

The Apache Struts 1 Validator contains a vulnerability where input validation configurations (validation rules, error messages, etc.) may be modified. This occurs when the following ActionForm classes, including their subclasses, are in the session scope: ValidatorForm, ValidatorActionForm. Impact: effects vary...

CVSS 8.2, AI score 7.9, EPSS 0.2593
Exploits 0
Japan Vulnerability Notes
added 2016/06/07 12:00 a.m., 45 views

JVN#03188560: Apache Struts 1 vulnerability that allows unintended remote operations against components on memory

The Apache Struts 1 ActionForm contains a vulnerability which allows unintended remote operations against components on server memory, such as Servlets and ClassLoader, when the following 2 conditions are met: Condition 1: When the following ActionForm including its subclasses are in the session...

CVSS 8.1, AI score 8.5, EPSS 0.13227
Exploits 0
Hacker One
added 2016/05/27 1:30 a.m., 29 views

Mail.ru: Source code disclosure & ability to get database information "SQL injection" in [townwars.mail.ru]

SQL injection and PHP source code disclosure in out-of-scope project...

AI score 1.3
Exploits 0
Hacker One
added 2016/05/25 9:13 a.m., 25 views

Mail.ru: [tidaltrek.mail.ru] SQL Injection

SQL injection with local file read in out-of-scope service...

AI score 2.5
Exploits 0
The Coalfire Blog
added 2016/05/24 1:09 p.m., 15 views

AWS releases PCI DSS Quick Start for Deploying PCI DSS In-Scope Workloads

In the next step to help customers adopt its platform for PCI, Amazon Web Services (AWS) has released its PCI DSS Quick Start program. The PCI DSS Quick Start program is the next evolution of cloud providers developing tools for rapid deployment of standardized configurations to drive adoption ...

AI score 1.7
Exploits 0
RedHat Linux
added 2016/05/13 7:36 a.m., 8 views

chromium-browser: same origin bypass in dom

The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a...

CVSS 8.8, AI score 7.6, EPSS 0.02088
Exploits 1, References 5
Hacker One
added 2016/04/25 2:06 p.m., 66 views

LocalTapiola: Source Code Disclosure on out of scope domain viestinta.lahitapiola.fi

Issue: The reporter had found an open .git folder on one of our out of scope domains. Fix: The issue was investigated and found to be valid. The source code was removed from the public server. The source code did not contain any business critical information and customer information was never at...

AI score 0.5
Exploits 0
Openbugbounty
added 2016/04/21 5:01 p.m., 7 views

oschina.net XSS vulnerability

Vulnerable URL: http://www.oschina.net/search?scope=project'...

AI score 6.9
Exploits 0
Hacker One
added 2016/04/13 9:15 p.m., 18 views

Uber: Requested and received edit access to Google form

Per the policies laid out in www.hackerone.com/uber social engineering attempts are explicitly out of scope: Social engineering attempts this includes phishing attacks against Uber employees Failure to follow these policies will result in forfeiture of any bounty and a potential ban from the...

AI score 1.8
Exploits 0
hackapp
added 2016/04/01 8:57 a.m., 22 views

Solar System Scope - Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Solar System Scope published at the 'play' market has multiple vulnerabilities...

Exploits 0, References 1, Affected software 1