An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this....
6.5CVSS
7.7AI Score
0.006EPSS
An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this....
7.9AI Score
0.006EPSS
Summary An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which can lead to code execution under...
8.2AI Score
0.001EPSS
tl;dr: this is not an audit and I take no responsibility for your backups, but I had a quick look at the crypto and I think I'm going to use restic for my personal backups. I keep hearing good things about restic. I am redoing my storage solution, and restic seems to tick all the boxes for my...
-0.6AI Score
tl;dr: this is not an audit and I take no responsibility for your backups, but I had a quick look at the crypto and I think I'm going to use restic for my personal backups. I keep hearing good things about restic. I am redoing my storage solution, and restic seems to tick all the boxes for my...
7AI Score
Rowhammer Attacks Come to MLC NAND Flash Memory
The Rowhammer attacks developed by Google more than two years ago put the focus on hardware front and center. That research allowed attackers to flip dynamic random access memory (DRAM) bits in order to induce those memory cells to change their state. Google’s research enabled kernel-level...
2.2AI Score
Hancom Thinkfree NEO Hangul Word Processor HWPTAG_TAB_DEF Tab Count Code Execution Vulnerability
Summary An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which can lead to code execution under...
8.8CVSS
-0.1AI Score
0.001EPSS
WordPress FancyProductDesigner 3.4.2 Stored XSS Vulnerability
WordPress FancyProductDesigner plugin versions prior to 3.4.2 suffer from a persistent cross site scripting vulnerability due to improper sanitization, allowing malicious .svg file...
6.5AI Score
0.3AI Score
Threat Outbreak Alert RuleID28255: Email Messages Distributing Malicious Software on March 13, 2017
Medium Alert ID: 53004 First Published: 2017 March 13 13:45 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID28255) may contain the following...
0.1AI Score
GitLab: Gitlab.com is vulnerable to reverse tabnabbing. (#2)
Dear GitLab bug bounty team, Summary Gitlab.com is vulnerable to reverse tabnabbing in issues, comments, etc. This is the same type of issue as https://hackerone.com/reports/211065, but far worse since in the previous report only a user with developer access to a project could view the...
0.2AI Score
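The Microsoft DirectX graphics kernel subsystem elevation of privilege vulnerability (MS16-062)
Source: Tencent Keen Security Lab official blog. Author: Daniel King (@long123king). How to compromise Microsoft's Edge browser. Compromising Microsoft's Edge browser requires at least two basic elements: browser-level remote code execution (RCE: Remote Code Execution) and a browser sandbox bypass. Browser-level remote code execution is usually achieved by exploiting vulnerabilities in JavaScript, while the browser sandbox can be bypassed in several ways, such as user-mode logic vulnerabilities or local privilege escalation (EoP: Escalation of Privilege) through kernel vulnerabilities...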
7.9AI Score
0.001EPSS
Paragon Initiative Enterprises: Not using Binary::safe* functions for substr/strlen function
Several places in the code don't use Binary::safe or CryptoUtil::safe functions, but use raw functions instead (strlen/substr) which can act as mb_funcname instead (not count bytes for strlen/etc...) 1....
-0.1AI Score
Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009)
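When the white-space property of a given element is set to pre-line, IE allocates memory through the AllocData2Pos function and instantiates that memory block as a CTreeDataPos. The CTreeDataPos acts as a CTreePos, which stores the address of the CTreeNode of the corresponding element (the element whose white-space property is pre-line), and is added to the DOM tree...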
7.1AI Score
Windows Vista / 7 lpksetup.exe DLL hijacking vulnerability warning - the black bar safety net
/* Exploit: Windows Vista/7 lpksetup.exe (oci.dll) DLL Hijacking Vulnerability Extension: .mlc Author: Tyler Borland ([email protected]) Date: 10/20/2010 Tested on: Windows 7 Ultimate (Windows Vista Ultimate/Enterprise and Windows 7 Enterprise should be vulnerable as well) Effect:...
-0.1AI Score
0.4AI Score
Microsoft Windows Vista - lpksetup.exe oci.dll DLL Loading Arbitrary Code Execution
Microsoft Windows Vista - lpksetup.exe oci.dll DLL Loading Arbitrary Code...
0.5AI Score
Microsoft Windows Vista - 'lpksetup.exe oci.dll' DLL Loading Arbitrary Code Execution
...
7.4AI Score
Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown...
7.1AI Score
0.001EPSS
Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified...
6.7AI Score
0.003EPSS
Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified...
7.2AI Score
0.003EPSS
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown...
7.6AI Score
0.001EPSS
JVN#36925871: e-Pares vulnerable to session fixation
e-Pares is a system that manages facility (conference rooms, etc.) information. e-Pares contains a session fixation vulnerability. ## Impact A remote attacker impersonating a logged in user may perform arbitrary operations. As a result, disclosure or alteration of information may occur. ##...
6.3AI Score
0.003EPSS
JVN#82465391: e-Pares vulnerable to cross-site request forgery
e-Pares is a system that manages facility (conference rooms, etc.) information. e-Pares contains a cross-site request forgery vulnerability. ## Impact If a user views a malicious page while logged into e-Pares, facility reservation data may be altered. ## Solution Update the Software Update to the....
6.3AI Score
0.001EPSS
Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation
No description provided by...
6.7AI Score
0.001EPSS
Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation
Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation In protected mode, cpl is usually equal to the two least significant bits of the cs register. However, there is an exception: in Virtual-8086 mode, the cpl is always 3 (least privileged), regardless of the value of the...
0.4AI Score
0.001EPSS