Kernel: FPU state information leakage via lazy FPU restore

A Floating Point Unit FPU state information leakage flaw was found in the way the Linux kernel saved and restored the FPU state during task switch. Linux kernels that follow the "Lazy FPU Restore" scheme are vulnerable to the FPU state information leakage issue. An unprivileged local attacker cou...

Don’t be a Coinmining Zombie – Part 2: How Do You Protect Yourself from being Cryptojacked?

Safe behaviors to protect yourself from cryptojacking follow the familiar rules you should adhere to every day to protect yourself against viruses, worms, bots, and malware, including ransomware, which are typically pushed to you through phishing techniques and social engineering: | Strengthen yo...

CVE-2018-12089

In Octopus Deploy version 2018.5.1 to 2018.5.7, a user with Task View is able to view a password for a Service Fabric Cluster, when the Service Fabric Cluster target is configured in Azure Active Directory security mode and a deployment is executed with OctopusPrintVariables set to True. This is...

OX App Suite 7.8.4 XSS / Privilege Management / SSRF / Traversal

Dear subscribers, we've migrated our public disclosure workflow to full-disclosure and are catching up on publishing recent vulnerabilities through this channel. Feel free to join our bug bounty programs open-xchange, dovecot, powerdns at HackerOne. Yours sincerely, Martin Heiland, Open-Xchange...

Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver

Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver / nvDevice::SetAppSupportBits is external method 0x107 of the nvAccelerator IOService. It calls taskdeallocate without locking. Two threads can race calling this external method to drop two task references when on...

F5 Networks BIG-IP : Apache vulnerability (K00373024)

Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-en...

Microsoft Windows 10: Log on as a batch job

This policy setting determines which accounts can log on by using a batch-queue tool such as the Task Scheduler service. When you use the Add Scheduled Task Wizard to schedule a task to run under a particular user name and password, that user is automatically assigned the Log on as a batch job us...

Microsoft Windows 10: Replace a process level token

This policy setting determines which parent processes can replace the access token that is associated with a child process. Specifically, the Replace a process level token setting determines which user accounts can call the CreateProcessAsUser application programming interface API so that one...

Space not freed up after force-canceling a task

When editing a layer or publishing an image, you see extra space consumed in the "Layering Service" Local Storage normally. You attempt to cancel the operation, but the task does not cancel. Eventually after 60 minutes the cancel operation gets to the Stalled state, allowing you to force-cancel t...

Hashtopolis - A Hashcat Wrapper For Distributed Hashcracking

Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis's development are portability, robustness, multi-user support, and multiple groups management. The application has two parts: Agent Multiple clients C, Python,...

CVE-2018-10082

CMS Made Simple CMSMS through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or...

Logic design vulnerability in CSCMS Skin.php file

Cheng's CMS content management system referred to as CSCMS is a multi-functional network information management system developed by Chongsheng Network Technology. A logical design vulnerability exists in the CSCMS Skin.php file. The vulnerability is due to unfiltered processing of user-supplied...

IBM Business Process Manager Information Disclosure Vulnerability (CNVD-2018-08191)

IBM Business Process Manager BPM is a comprehensive set of business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. A security vulnerability exists in IBM BPM version 8...

TLS 1.3 is nearly here

TLS stands for "Transport Layer Security" and it's rather important. Why's that? Oh, I'm glad you asked. Here's me, yelling my password across the office to you: "PASSWORD!!!" You heard me loud and clear, right? But so did basically anyone else nearby. Now let's work in a little TLS love and...

Retire.Js - Scanner Detecting The Use Of JavaScript Libraries With Known Vulnerabilities

What you require you must also retire There is a plethora of JavaScript libraries for use on the Web and in Node.JS apps out there. This greatly simplifies development,but we need to stay up-to-date on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10...

Mozilla Tests DNS over HTTPS: Meets Some Privacy Pushback

The Mozilla Foundation is testing a new mechanism for securing domain name server traffic that uses the encrypted HTTPS channel. It is an attempt to speed up the internet, reduce the threat of man-in-the-middle attacks and keep prying eyes from monitoring what users do online. Starting in the nex...

CVE-2018-1090

In pulp, secrets are passed into overrideconfig when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets...

Native Receiver Access to Internal and External Store with Always-on NetScaler Gateway VPN Fails

User is connected to LAN and Receiver is accessing StoreFront directly or via LB. When moveing from LAN to Internet, Always-on VPN gets connected automatically. Now trying to launch an app results in error "There was a problem connecting: Store name". Trying to refresh the Receiver results in err...

IBM Business Process Manager Design Vulnerabilities

IBM Business Process Manager BPM is a comprehensive set of business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. There is a security vulnerability in IBM BPM. A remo...

Powershell-RAT - Python Based Backdoor That Uses Gmail To Exfiltrate Data Through Attachment

Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment. This RAT will help someone during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends the information to an attacker as an e-mail attachment. Note: This...