Fi6S - IPv6 Network Scanner Designed To Be Fast

fi6s is a IPv6 port scanner designed to be fast. This is achieved by sending and processing raw packets asynchronously. The design and goal is pretty similar to Masscan, though it is not as full-featured yet. Building Building should be fairly easy on up-to-date distros. On Ubuntu 16.04 xenial it...

chromium-browser: Fullscreen UI spoof

Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page...

CVE-2018-6097

Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page...

CVE-2018-6106

An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page...

Workspace Environment Management (WEM): Active Directory search improvements in WEM 4.6

Introduction The Active Directory AD system built into the WEM Administration Console and WEM Infrastructure Server has been refactored in WEM 4.6 to improve performance and stability. Although AD searches performed by the WEM Console and WEM Infrastructure server in previous WEM versions have...

js-jquery: XSS in responses from cross-origin ajax requests

REJECTED CVE This CVE has been rejected. This candidate is a duplicate of CVE-2015-9251. Note: All CVE users should reference CVE-2015-9251 instead of this candidate...

PT-2018-18256 · Asyncssh +2 · Asyncssh +2

Name of the Vulnerable Software and Affected Versions: AsyncSSH versions prior to 1.12.1 Description: The issue arises from the SSH server implementation not properly checking whether authentication is completed before processing other requests. This allows a customized SSH client to bypass the...

DokuWiki Reflection File Download Vulnerability

DokuWiki is a German software developer Andreas Gohr developed a PHP-based Wiki engine , it is mainly used for small and medium-sized team and personal website knowledge base management , and provides version control , full-text search and permission control and other functions . A security...

OpenJDK: insufficient access control checks in AsynchronousChannelGroupImpl (8172465, Libraries)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

CVE-2017-16857

It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugin, however since the...

Design/Logic Flaw

It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugin, however since the...

CVE-2017-16857

It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugin, however since the...

CVE-2017-16857

It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugin, however since the...

USN-3422-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3422-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...

Lazy async SVG rasterisation

Phwoar I love a good sciency-sounding title. SVG can be slow When transforming an SVG image, browsers try to render on every frame to keep the image as sharp as possible. Unfortunately SVG rendering can be slow, especially for non-trivial images. Here's a demo, press "Scale SVG". Devtools timelin...

OpenJDK: insufficient access control checks in AsynchronousChannelGroupImpl (8172465, Libraries)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

[SECURITY] Fedora 25 Update: libsoup-2.56.1-1.fc25

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

[SECURITY] Fedora 26 Update: libsoup-2.58.2-1.fc26

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

OpenJDK: insufficient access control checks in AsynchronousChannelGroupImpl (8172465, Libraries)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

[SECURITY] Fedora 25 Update: mingw-c-ares-1.13.0-1.fc25

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...