9577 matches found
CVE-2015-0783
The FileViewer class in Novell ZENworks Configuration Management ZCM allows remote authenticated users to read arbitrary files via the filename variable...
CVE-2015-0784
Rtrlet.class in Novell ZENworks Configuration Management ZCM allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable...
CVE-2015-0784
This CVE affects Novell ZENworks Configuration Management (ZCM). The vulnerability is in Rtrlet.class, where a remote attacker can obtain Session IDs of logged-in users by sending a POST request with the maintenance variable set to ShowLogins. The issue is an information-disclosure flaw; exploita...
CVE-2015-0784
Rtrlet.class in Novell ZENworks Configuration Management ZCM allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable...
CVE-2016-4456
The "GNUTLSKEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem...
DEBIAN-CVE-2016-4456
The "GNUTLSKEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem...
postgresql: libpq ignores PGREQUIRESSL environment variable
It was discovered that the PostgreSQL client library libpq did not enforce the use of TLS/SSL for a connection to a PostgreSQL server when the PGREQUIRESSL environment variable was set. An man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a...
CVE-2017-12479
It was discovered that an issue in the session logic in Unitrends Backup UB before 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could then execute...
CVE-2017-12479
CVE-2017-12479 – Unitrends Backup : Affects UB prior to 10.0.0. The issue is in session handling, where an attacker with existing low-privilege credentials can leverage the LOGDIR environment variable during a web session to elevate to root and execute arbitrary commands with root privileges. Thi...
[SECURITY] [DSA 3926-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3926-1 [email protected] https://www.debian.org/security/ Michael Gilbert August 04, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3926-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3926-1 [email protected] https://www.debian.org/security/ Michael Gilbert August 04, 2017 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3926-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5087 Ned Williamson discovered a way to escape the sandbox. CVE-2017-5088 Xiling Gong discovered an out-of-bounds read issue in the v8 javascript library. CVE-2017-5089 Michal Bentkowski discovered a spoofing issue...
Windows WMI Receive Notification Exploit
This module exploits an uninitialized stack variable in the WMI subsystem of ntoskrnl. This module has been tested on vulnerable builds of Windows 7 SP0 x64 and Windows 7 SP1 x64. This module requires Metasploit: https://metasploit.com/download Current source:...
Unauthorized Access
WordPress is vulnerable to unauthorized access. The attack is possible because the library uses the SERVERNAME variable to get the hostname of the server for PHP mail functions, allowing an attacker to modify the hostname of his choice and trigger a password reset function. However, the attack ca...
CVE-2017-7642
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable...
CVE-2017-7642
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable...
glibc: LD_POINTER_GUARD in the environment is not sanitized
It was found that the dynamic loader did not sanitize the LDPOINTERGUARD environment variable. An attacker could use this flaw to bypass the pointer guarding protection on set-user-ID or set-group-ID programs to execute arbitrary code with the permissions of the user running the application...
Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update
An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Building a Car Hacking Development Workbench: Part 3
Welcome back to the car hacking development workbench series. In part two we discussed how to read wiring diagrams. In part three, we are going to expand on the workbench by re-engineering circuits and replicate signals used in your vehicle. If this is your first time stumbling across this write...
CVE-2017-11474
GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computersoftwareversion.class.php, exploitable via ajax/common.tabs.php...