Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

Windows IKEEXT AuthIP Unvalidated GSS_ID Privilege Escalation

The Windows IKEEXT service does not verify the SPN when performing AuthIP authentication leading to leaking authentication tokens to untrusted systems.

Packet Storm
#csrf#ubuntu#vulnerability#windows
SAP NetWeaver ABAP IGS Memory Corruption

The SAP NetWeaver ABAP IGS service suffers from multiple memory corruption vulnerabilities.

Online Course Registration 1.0 SQL Injection

Online Course Registration version 1.0 suffers from a blind boolean-based remote SQL injection vulnerability.

SAP NetWeaver ABAP Gateway Memory Corruption

The SAP NetWeaver ABAP Gateway service suffers from multiple memory corruption vulnerabilities.

Ubuntu Security Notice USN-5116-2

Ubuntu Security Notice 5116-2 - It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information. Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly compute the access permissions for shadow pages in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

SAP NetWeaver ABAP Dispatcher Service Memory Corruption

SAP NetWeaver ABAP Dispatcher service suffers from memory corruption vulnerabilities. An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error in the system causing the system to crash and rendering it unavailable.