Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due a use-after-free UAF bug in Parse.cpp when an asynchronous arrow functions are used, which would allow a remote attacker to leave a bogus reference to the async identifier and execute arbitrary code in the context of the...

Kernel update: Virtuozzo ReadyKernel patch 67.0 for Virtuozzo 7.0.4 HF3 to 7.0.7 HF3

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to Virtuozzo kernels 3.10.0-514.16.1.vz7.30.15 7.0.4 HF3 to 3.10.0-693.21.1.vz7.48.2 7.0.7 HF3. Vulnerability id: PSBM-90024 It was discovered that a special sequence of operations involving NFS server ...

Asynchronous Target Enumeration Tool: bscan

bscan is a command-line utility to perform active information gathering and service enumeration. At its core, bscan asynchronously spawns processes of well-known scanning utilities, repurposing scan results into highlighted console output and a well-defined directory structure. bscan was written ...

F5 Networks BIG-IP : iControl REST vulnerability (K24465120)

Race conditions in iControl REST may lead to commands executed with different privilege levels than expected. CVE-2017-6167 Impact Sending asynchronous tasks usingthe iControl REST API may be processed as the wrong user and resultin an error. C Tenable Network Security, Inc. The descriptive text...

kernel: AIO write triggers integer overflow in some protocols

Integer overflow in the aiosetupsinglevector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression...

au.com.govlawtech:dvasopapi-client (=1.3.1), by.exonit.redmine.client:client-play-ws_2.11 (=4.0.0-RC2) +342 more potentially affected by CVE-2017-14063 via org.asynchttpclient:async-http-client (>=2.0.0-RC1 <=2.0.34)

org.asynchttpclient:async-http-client MAVEN version =2.0.0-RC1, =1.0, =1.23.0, =1.23.0, =1.2.2, =0.5.4, =0.9.1, =0.0.1, =0.1.13, =1.0, =2.7.0 and more Source cves: CVE-2017-14063 Source advisory: OSV:GHSA-93JQ-624G-4P9P...

async-http-client: Invalid URL parsing with '?'

Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...

tecrail Responsive FileManager Path Traversal Vulnerability

tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail that supports the uploading and management of videos, images and other files. A directory traversal vulnerability exists in the /filemanager/ajaxcalls.php file in versions of tecrail...

CVE-2018-12587

A cross-site scripting XSS vulnerability was found in valeuraddons German Spelling Dictionary v1.3 an Opera Browser add-on. Instead of providing text for a spelling check, remote attackers may inject arbitrary web script or HTML via the ajax query parameter in the URL Address Bar...

Reconnaissance and Vulnerability Scanning Tool: Raccoon

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan output...

[SECURITY] Fedora 28 Update: uwsgi-2.0.17.1-1.fc28

uWSGI is a fast pure C, self-healing, developer/sysadmin-friendly application container server. Born as a WSGI-only server, over time it has evolved in a complete stack for networked/clustered web applications, implementing message/object passing, caching, RPC and process management. It uses the...

[SECURITY] Fedora 28 Update: python-websockets-5.0.1-1.fc28

websockets is a library for developing WebSocket servers and clients in Python. It implements RFC 6455 with a focus on correctness and simplicity. It passes the Autobahn Testsuite. Built on top of Python=EF=BF=BD=EF=BF=BD=EF=BF=BDs asynchronous I/O support introduced in PEP 3156, it provides an A...

[SECURITY] Fedora 27 Update: libsoup-2.60.3-2.fc27

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

WeChat Pay SDK XXE Injection

Hi List, Title XXE in WeChat Pay Sdk WeChat leave a backdoor on merchant websites ------------------------------------------ Background aMobile payments surge to $9 trillion a year, changing how people shop, borrowaeven panhandlea, as WSJ.com once reported. As a payment security researcher, I...

CVE-2018-1000510

WP Image Zoom version 1.23 contains a Incorrect Access Control vulnerability in AJAX settings that can result in allows anybody to cause denial of service. This attack appear to be exploitable via Can be triggered intentionally or unintentionally via CSRF by any logged in user. This vulnerability...

kernel: AIO write triggers integer overflow in some protocols

Integer overflow in the aiosetupsinglevector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression...

kernel: AIO interface didn't use rw_verify_area() for checking mandatory locking on files and size of access

It was found that AIO interface didn't use the proper rwverifyarea helper function with extended functionality, for example, mandatory locking on the file. Also rwverifyarea makes extended checks, for example, that the size of the access doesn't cause overflow of the provided offset limits. This...

Remote code execution

The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...

Fi6S - IPv6 Network Scanner Designed To Be Fast

fi6s is a IPv6 port scanner designed to be fast. This is achieved by sending and processing raw packets asynchronously. The design and goal is pretty similar to Masscan, though it is not as full-featured yet. Building Building should be fairly easy on up-to-date distros. On Ubuntu 16.04 xenial it...

chromium-browser: Fullscreen UI spoof

Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page...