Webmin version 1.850 suffers from server side request forgery, cross site request forgery, and cross site scripting vulnerabilities.
Source: Webmin 1.850 SSRF / CSRF / Cross Site Scripting
The post Webmin 1.850 SSRF / CSRF / Cross Site Scripting appear…
Microsoft Edge Chakra accesses uninitialized pointers in StackScriptFunction::BoxState::Box.
Source: Microsoft Edge Chakra StackScriptFunction::BoxState::Box Uninitialized Pointers
The post Microsoft Edge Chakra StackScriptFunction::BoxState::Box Unini…
The “String.prototype.replace” method can be inlined in the JIT process. So in the method, all the calls which may break the JIT assumptions must be invoked with updating “ImplicitCallFlags”. But “RegexHelper::StringReplace” calls the replace function without updating the flag. Therefore it fails to detect if a user function was called. Source: Microsoft Edge Chakra JIT […]
The post Microsoft Edge Chakra JIT Failed RegexHelper::StringReplace Call appeared first on MondoUnix.
Microsoft Edge Chakra JIT compiler creates incorrect GenerateBailOut calling patterns.
Source: Microsoft Edge Chakra JIT Incorrect GenerateBailOut Calling Patterns
The post Microsoft Edge Chakra JIT Incorrect GenerateBailOut Calling Patterns appeared f…
The enlightened lockdown policy check for COM Class instantiation can be bypassed in MSHTML hosts leading to arbitrary code execution on a system with UMCI enabled (e.g. Device Guard).
Source: Microsoft Windows WLDP/MSHTML CLSID UMCI Bypass
The post Mi…
Shadowsocks-libev version 3.1.0 suffers from a remote command execution vulnerability.
Source: Shadowsocks-libev 3.1.0 Command Execution
The post Shadowsocks-libev 3.1.0 Command Execution appeared first on MondoUnix.
Several issues have been identified, which allow attackers to manipulate log files, execute commands and to brute force Shadowsocks with enabled autoban.py brute force detection. Brute force detection from autoban.py does not work with suggested tail command. The key of captured Shadowsocks traffic can be brute forced. The latest commit 2ab8c6b on Sep 6, 2017 […]
The post Shadowsocks Log Manipulation / Command Execution appeared first on MondoUnix.
AlienVault USM version 5.4.2 suffers from a cross site request forgery vulnerability.
Source: AlienVault USM 5.4.2 Cross Site Request Forgery
The post AlienVault USM 5.4.2 Cross Site Request Forgery appeared first on MondoUnix.
Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) does not properly validate input of the PUT_FILE RPC command which allows any authenticated user to hijack arbitrary file from the Content Server filesystem. Because some files on the Content Server filesystem are security-sensitive this security flaw leads to privilege escalation. Source: Opentext Documentum […]
The post Opentext Documentum Content Server File Hijack / Privilege Escalation appeared first on MondoUnix.
Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows any authenticated user the ability to replace content of security-sensitive dmr_content objects (for example, dmr_content related to …
