GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner so that analysts can quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. The GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, the GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading a file, listing a directory, etc. The GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides a web-based graphical user interface and an API endpoint that allow analysts to schedule actions on clients and to view and process collected data.
3918104d38f04c724d2e79306031ec8485d879c5b57a8a89de4f48743a45d8da
BKS EBK Ethernet-Buskoppler Pro versions prior to 3.01 suffer from a remote shell upload vulnerability.
34bbdc615e014059e3b04c9185a7fd91f2ae36a5796c871aaa3b732608c44564
Hawtio versions 2.5.0 and below suffer from a server-side request forgery vulnerability.
dd2e863b9a9b34ce29995c68363868f23c6a9729562c6afd3e04e3168ab4b984
FreeBSD Security Advisory - A bug causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding. This data can be viewed by any user with read access to the directory. Additionally, a malicious user with write access to a directory can cause up to 254 bytes of kernel stack memory to be exposed. Some amount of the kernel stack is disclosed and written out to the filesystem.
e8b30a3f33319307ddd94571cda888074a86c142e47d6d2f8d215c8258b22fd2
FreeBSD Security Advisory - To implement one particular ioctl, the Linux emulation code used a special interface present in the cd(4) driver which allows it to copy subchannel information directly to a kernel address. This interface was erroneously made accessible to userland, allowing users with read access to a cd(4) device to arbitrarily overwrite kernel memory when some media is present in the device. A user in the operator group can make use of this interface to gain root privileges on a system with a cd(4) device when some media is present in the device.
44ec4741c610bbd10524908bf9d984a79916c9076fb532cfe1221db289227432
Red Hat Security Advisory 2019-1636-01 - This advisory contains the jenkins-2-plugins RPM packages for Red Hat OpenShift Container Platform 4.1.4. Various issues have been addressed including a file read vulnerability.
35932583ad3607db55d6071f2438a343dec4f7239b799a8085c9aa5f046b14c9
FreeBSD Security Advisory - With certain inputs, iconv may write beyond the end of the output buffer. Depending on the way in which iconv is used, an attacker may be able to create a denial of service, provoke incorrect program behavior, or induce remote code execution. iconv is a libc library function and the nature of possible attacks will depend on the way in which iconv is used by applications or daemons.
e7a88e1043e6911b4f4a63c30931cf6dab2b72238f92b1325a7882b6e52ede1a
Symantec DLP versions 15.5 MP1 and below suffer from a cross-site scripting vulnerability.
c74ef0ebc52137f3edc54489288797751806cf5ef7bcb629891a453b62574470
Google ChromeOS SafeSetID LSM suffers from privilege escalation vulnerabilities.
d249d4de09d46c55a0307f0dc5339f1d018313709dc668eae4f4e4959313d6b0
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
b5a2cbf0dcd3f1df2675dbd5ec10bbe6f8ae995c41b68cebe2bc95bffc90696e