Backdoor.Win32.NerTe.772 malware suffers from a code execution vulnerability.
dc6f6de9e48d1c019f02244275891b5506c3ae3d7c532d5e4f3e8caef4170cc2
Backdoor.Win32.NerTe.772 malware suffers from bypass and code execution vulnerabilities.
fc4fe6e27b86fe9058ca95693b6b46fb8aa8171b7b7ecee3fc3554484033834c
Trojan.Win32.Scar.dulk malware suffers from an insecure permissions vulnerability.
cbd8ec549f7fbd1dd0daf13796d11776585e8b3c0ff98930ced6d586c8924356
Trixbox version 2.8.0.4 has an OS command injection vulnerability that can be leveraged via shell metacharacters in the lang parameter to /maint/modules/home/index.php.
aaabb057afb92bb25d1dc9037d5a6c0fb333f4768b0c90b7a44651f47b7bcfa7
Trixbox version 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.
fb3bf69481578dad07624872eec1f5d1da61660965e5ddb444e9193956929ed2
PHPFusion version 9.03.50 suffers from a remote code execution vulnerability.
0c1ea73a71c985e2370b23c0a29caa04d041fd12d0eccc6de21797149b8536e6
Ubuntu Security Notice 4967-2 - USN-4967-1 fixed a vulnerability in nginx. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx incorrectly handled responses to the DNS resolver. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
fa9566f11a9fe7fedfd3308556728e7989e3d35072dac1fff279c3e363c3e755
This paper is focused on the various ways in which threat hunting can be performed. It is based on the author's research of semi-automating the entire process by creating a tool based on machine learning and applying analytics.
6af7c1449c75828f7976e682efcd001d246afb3c611194a09d283daac934ebe6
QNAP MusicStation and MalwareRemover are affected by arbitrary file upload and command injection vulnerabilities, leading to pre-authentication remote command execution with root privileges on the NAS.
dddda20f7202ce5358af06526c5259d1f75a28b841ba2fcc6fd3fd23682bb880
WordPress LifterLMS plugin version 4.21.0 suffers from a persistent cross site scripting vulnerability.
20b27b98b2e22747764f7a39e413c4251aa23f2a701c00e2bc61df557d7309b3
Selenium version 3.141.59 remote code execution exploit.
31a04d36d587ab0a205023d11f001f9667bf27577d83ddca22b7e833833f61a8
An upgrade account is included in the IoT Controller OVA that provides the vendor undocumented access via Secure Copy (SCP).
f6519f57eed331c93ca5644c3a83e240cb6fe2ee50133663e8ee3dad642af551
The IoT Controller web application includes a NodeJS module, node-red, which has the capability for users to read or write to local files on the IoT Controller. With the elevated privileges the web application runs as, this allowed for reading and writing to any file on the IoT Controller filesystem.
ab0f31561d42610f5ba5969c33fa30d3f807865c8f1eaac846a5b376b04319c7
A Python script (web.py) for a Dockerized webservice contains a directory traversal vulnerability, which can be leveraged by an authenticated attacker to view the contents of directories on the IoT Controller.
671f09dc7253e2fd4b96a2bd934c4db733ea5c114369ba82a1d81b35d72836f3
An undocumented, administrative-level, hard-coded web application account exists in the IoT Controller OVA which cannot be changed by the customer.
2486beac57efb14715dc2756e1ddce5fd0beb0268fa52ef3547894a1a7be04a5
Hard-coded, system-level credentials exist on the Ruckus IoT Controller OVA image, and are exposed to attackers who mount the filesystem.
df1716ceee1afc4991054f7d3e009a901d7b28289e89a2bebb461c0a64b3b1d9
API keys for CommScope Ruckus are included in the IoT Controller OVA image, and are exposed to attackers who mount the filesystem.
b4f5b79b878528d1365915db1dfcf08d2ea164bfda75ebc9baab1499e553cb33
Three API endpoints for the IoT Controller are accessible without authentication. Two of the endpoints result in information leakage and consumption of computing/storage resources. The third API endpoint that does not require authentication allows for a factory reset of the IoT Controller.
a8546049f222180c6bd593bbd28ea7a598ba7bbcd08ac8c48b4f8ac76357ba7c
Ubuntu Security Notice 4969-2 - USN-4969-1 fixed a vulnerability in DHCP. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service. Various other issues were also addressed.
e9cc2d12e74cf591ba5ef27f62ce025cf56eca8cf710a2e58d5e1102895452d6
Ubuntu Security Notice 4969-1 - Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service.
be06ea6c2a98df3627755ff70eeb0760f093153455bffd6255cef51b438c3d29
Red Hat Security Advisory 2021-2139-01 - Red Hat Data Grid is a distributed, in-memory data store. This release of Red Hat Data Grid 8.2.0 serves as a replacement for Red Hat Data Grid 8.1.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, information leakage, and server-side request forgery vulnerabilities.
26b79e23d99e81d46adcd853630427afc565a8681dad9bf539101220d92dd7b9
Gentoo Linux Security Advisory 202105-39 - Multiple vulnerabilities have been found in Ceph, the worst of which could result in privilege escalation. Versions less than 14.2.21 are affected.
7ab3522f846f6a648172b2520a0ceaea2ea557ede4081b724f6d25d68464c1a9
Red Hat Security Advisory 2021-2136-01 - An Openshift Logging bug fix release addresses an index validation issue.
8f9746dfa68f5ebe03798d9f8686052c21773b749d26577fe45138585199782b
Ubuntu Security Notice 4968-1 - It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a specially- crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to crash, resulting in a denial of service, or possibly execute arbitrary code.
836e6f2c1fadbf1f7e75b0617c9bff905779ac807e186968f98c72a2f7cf62a7
Gentoo Linux Security Advisory 202105-38 - A vulnerability in nginx could lead to remote code execution. Versions less than 1.21.0 are affected.
20572af334a8f1e1ee046ba9e037e28de9c8585c3e1753cd1216bebc3019b5be