The fix for CVE-2015-2553 can be bypassed to get limited mount reparse points working again for sandbox attacks by abusing anonymous token impersonation.
84d1f61ea4f0eb889ca190f3429bcfe55144ef0d1d6d2b16d24b041e21caa84fThe fix for CVE-2015-2553 can be bypassed to get limited mount reparse points working again for sandbox attacks.
bd702073eb355563b971ee560011cb8ca6c6eb53f9281cc28b3dd536b66fcbeeDebian Linux Security Advisory 3451-1 - Jann Horn discovered a vulnerability in the fuse (Filesystem in Userspace) package in Debian. The fuse package ships an udev rules adjusting permissions on the related /dev/cuse character device, making it world writable.
b5298124dcfd3904149157739b5e18b48f4a79c7e06d6eba050b3daaf9d6c277Bamboo suffers from deserialization and missing authentication check vulnerabilities. This advisory discloses multiple critical severity security vulnerabilities of which the earliest vulnerability was introduced in version 2.3.1 of Bamboo. Versions of Bamboo starting with 2.3.1 before 5.9.9 (the fixed version for 5.9.x) are vulnerable.
27f3a84e5ff5328e43491d29c853f00c327b6ccf574c0b242b8a87e43667a2daRouterHunterBR is a tool to find and perform tests in vulnerable routers on the Internet.
1ddc5a12ad6e7c7a42c3e0467c9f7b55a7745e71c153509b840cbc3aafaf71fdGolestan System of Iran suffered from a remote SQL injection vulnerability that allows for login bypass.
f7f5a4fe4e8cb15983730bd3bc02ea1418bbf09ce36a3db141c6a1e3a1bd4fc3118 Telecom's website suffers from a cross site scripting vulnerability.
a2a09d4a49e075b986ab674b79f96036a615e75e393bed9a2c3c9e3b59fc465a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed