62 matches found
CVE-2019-4259
A security vulnerability has been identified in IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 with CES stack enabled that could allow sensitive data to be included with service snaps. IBM X-Force ID: 160011...
PT-2019-16999 · Ibm · Ibm Spectrum Scale
Name of the Vulnerable Software and Affected Versions: IBM Spectrum Scale versions 4.1.1 through 5.0.0 Description: A security issue has been identified that could allow sensitive data to be included with service snaps when the CES stack is enabled. Recommendations: For IBM Spectrum Scale version...
Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale with CES stack enabled that could allow sensitive data to be included with service snaps. This data could be sent to IBM during service engagements (CVE-2019-4259)
Summary A security vulnerability has been identified in IBM Spectrum Scale with CES stack enabled that could allow sensitive data to be included with service snaps. This data could be sent to IBM during service engagements CVE-2019-4259 Vulnerability Details Deployments with protocol access metho...
DEBIAN-CVE-2019-7303
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl2 commands on a 64-bit platform; however, the Linux kernel only uses the lower 32...
Ubuntu: Security Advisory (USN-2956-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
A week in security (May 14 – May 20)
Last week, we looked at the deluge of incoming policies caused by GDPR, tackled Adobe Reader zero days, and ran through some iPhone security tips. We also caught some helpline scammers in the act, explored advergaming, got our Senate Bill game face on, and deep dived into Drupal vulnerabilities...
Insanity-Framework - Generate Payloads and control Remote Machines
With the dynamics of persuasion that prove effective in a pentest, several painstaking means of making a payload has emerged, Insanity Framework provides speed and effectiveness in a single tool to help you work. Features Bypass most AV and Sandboxes. Remote Control. Payload Generation. Some...
CVE-2016-1580
The setupsnappyosmounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."...
Ubuntu 16.04 LTS : ubuntu-core-launcher vulnerability (USN-2956-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2956-1 advisory. Zygmunt Krynicki discovered that ubuntu-core-launcher did not properly sanitize its input and contained a logic error when determining the mountpoint of bind moun...
USN-2956-1: ubuntu-core-launcher vulnerability
Zygmunt Krynicki discovered that ubuntu-core-launcher did not properly sanitize its input and contained a logic error when determining the mountpoint of bind mounts when using snaps on Ubuntu classic systems eg, traditional desktop and server. If a user were tricked into installing a malicious sn...
UBUNTU-CVE-2016-1580
The setupsnappyosmounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."...
Scientific Linux Security Update : conga on SL5.x i386/x86_64
A flaw was found in ricci during a code audit. A remote attacker who is able to connect to ricci could cause ricci to temporarily refuse additional connections, a denial of service CVE-2007-4136. Fixes in this updated package include : - The nodename is now set for manual fencing. - The node log ...
conga security, bug fix, and enhancement update
0.10.0-6.el5.0.1 - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. 0.10.0-6 - Fixed bz253783 - Fixed bz253914 conga doesn't allow you to reuse nfs export and nfs client resources - Fixed bz254038 Impossible to set many valid quorum disk configurations via conga -...
Moderate: Red Hat Security Advisory: conga security, bug fix, and enhancement update
Updated conga packages that correct a security flaw and provide bug fixes and add enhancements are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Conga package is a web-based administration tool for remote cluster and storag...
CVE-2007-2715
Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the 1 username, or the 2 password and password2 parameters in an edit action...
Design/Logic Flaw
Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the 1 username, or the 2 password and password2 parameters in an edit action...
CVE-2007-2715
Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the 1 username, or the 2 password and password2 parameters in an edit action...
CVE-2007-2715
CVE-2007-2715 affects Snaps! Gallery 1.4.4. The vulnerability is in admin/users.php and allows remote attackers to modify usernames and passwords via the (1) username parameter or (2) password and password2 parameters in an edit action. The available connected records confirm the same textual des...
Snaps! Gallery 1.4.4 Remote User Pass Change Exploit
No description provided by source. ?php / \|/// \ - - // @ @ ----oOOo---oOOo--------------------------------------------------- Y! Underground Group [email protected] Dj7xpl.2600.ir ----ooooO-----Ooooo-------------------------------------------------- \ / \ /...
Snaps! Gallery 1.4.4 Remote User Pass Change Exploit
Exploit for unknown platform in category web applications ==================================================== Snaps! Gallery 1.4.4 Remote User Pass Change Exploit ==================================================== ?php / \|/// \ - - // @ @...