Microsoft Windows: Block SBP-2 Driver and Thunderbolt controllers (Driver Setup Class)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: windenysbp2thunderboltdriver.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Blocking the SBP-2 driver and Thunderbolt controllers Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Microsoft Windows: Prevent installation of devices (device setup classes)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: windenydriverssetupclasses.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Prevent installation of devices using drivers that match these device setup classes Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbon...

Microsoft Windows: Recovering of BitLocker-protected fixed drives (Setup Wizard)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winbitlockerrecoverywizard.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Choose how BitLocker-protected fixed drives can be recovered: Omit recovery options from the BitLocker setup wizard Authors: Emanuel Moss...

Code injection

TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the wpssetuppin parameter to /data/wps.setup.json...

Security Bulletin: Flexera InstallAnywhere DLL-planting vulnerability affects IBM Enterprise Records Installers (CVE-2016-4560)

Summary InstallAnywhere generates installation executables which are vulnerable to an DLL-planting vulnerability. Vulnerability Details CVEID: CVE-2016-4560 DESCRIPTION: Flexera InstallAnywhere could allow a local attacker to gain elevated privileges on the system, caused by an untrusted search...

Security Bulletin: InstallShield and InstallAnywhere vulnerabilities affect IBM Security Guardium Data Redaction (CVE-2016-2542)

Summary Flexera InstallShield could allow a local attacker to gain elevated privileges on the system, caused by an untrusted search path. An attacker could exploit this vulnerability using a Trojan horse DLL in the current working directory of a setup-launcher executable file to gain elevated...

CVE-2018-12457

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header...

Default credentials

ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db provisioning. When engine-setup was run and one chooses to provision the database manually or connect to a remote database, the password input was logged in cleartext during the verification step...

Design/Logic Flaw

The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLCPSROOTURI and DMLCPSROOTPORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLCPSROOTURI onc...

CVE-2018-1281

The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLCPSROOTURI and DMLCPSROOTPORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLCPSROOTURI onc...

CVE-2018-1281

The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLCPSROOTURI and DMLCPSROOTPORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLCPSROOTURI onc...

CVE-2018-1281

CVE-2018-1281 involves Apache MXNet in clustered deployments. The root cause is that in versions older than 1.0.0, the MXNet scheduler can be made to listen on 0.0.0.0 instead of the user-specified DMLC_PS_ROOT_URI/DMLC_PS_ROOT_PORT when a scheduler node initializes. This misconfiguration causes ...

CVE-2018-1281

The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLCPSROOTURI and DMLCPSROOTPORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLCPSROOTURI onc...

How to Collect Support Bundle from XenMobile Server CLI using FileZilla

This article describes how to collect XenMobile support bundle with FileZilla. FileZilla can be installed locally and act as FTP server...

Backdoorme - Powerful Auto-Backdooring Utility

Tools like metasploit are great for exploiting computers, but what happens after you've gained access to a computer? Backdoorme answers that question by unleashing a slew of backdoors to establish persistence over long periods of time. Once an SSH connection has been established with the target,...

CVE-2013-10061

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/netgeardgn1000bsetupexec.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

Windows Packer Project for Defenders: DARKSURGEON

Darksurgeon is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. Darksurgeon has three stated goals: Accelerate incident response, digital forensics, malware analysis, and network defense with a preconfigured Windows 10 environment...

Acunetix v12 - More Comprehensive, More Accurate and now 2X Faster

In-depth analysis of JavaScript-rich sites and Single Page Applications Acunetix, the pioneer in automated web application security software, has announced the release of version 12. This new version provides support for JavaScript ES7 to better analyse sites which rely heavily on JavaScript such...

Important: Red Hat Security Advisory: rhvm-setup-plugins security update

An update for rhvm-setup-plugins is now available for Red Hat Virtualization Engine 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Error: "Http/1.1 Internal Server Error 43531" When Enrolling Device to XenMobile

MAM enrollment is failing with below errors: 1. While authenticating from the Gateway Web Page -"Http/1.1 Internal Server Error 43531" 2. While attempting from the mobile device - "Enrollment Failed - There's a prblem with the server setup. Please contact your administrator"...