5111 matches found
Chromium: CVE-2022-0459 Use after free in Screen Capture
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Trellix Launches Annual CTF Competition – Catmen Sanfrancisco!
By Trellix · February 1, 2022. This story was written by Steve Povolny. The Advanced Threat Research team, now with Trellix, is pleased to announce the return of our second annual Capture the Flag contest featuring 12 new challenges of...
Cross-site Scripting (XSS) - Reflected in navigatecms/navigate-cms
Description: Cross-Site Scripting is a vulnerability which allows attackers to execute arbitrary JavaScript code in the browser of a victim. Proof of Concept: Parameter: id Payload: alertdocument.cookie Affected endpoints: On Firefox browser, visit: 1...
Denial Of Service (DoS)
wireshark:edge is vulnerable to denial of service. Crash in the RFC 7468 dissector allows denial of service via packet injection or crafted capture file...
Denial Of Service (DoS)
wireshark:edge is vulnerable to denial of service. Infinite loop in the BitTorrent DHT dissector allows denial of service via packet injection or crafted capture file...
Mageia: Security Advisory (MGASA-2014-0068)
The remote host is missing an update for the...
MoonBounce: New malware deployed by APT41 in UEFI firmware
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. MoonBounce is a new type of malware that hides in the most complex part of an Operating System (OS), the Basic Input Output System (BIOS) chip, and thus persists even after reinstalling your OS or formatting your hard drive...
CTF-All-In-One
This is a comprehensive guide to CTF (Capture The Flag) competitions, specifically focusing on the Pwn (binary exploitation) aspect. The book is written by Yang Cheng, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...
GLSA-202105-21 : Tcpreplay: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202105-21 (Tcpreplay: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Tcpreplay. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could entice a user to open a...
[SECURITY] Fedora 34 Update: wireshark-3.6.1-1.fc34
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file
...
Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file
...
Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
...
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
...
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
...
Umbraco Environment Issue Vulnerability
Umbraco is an open source Content Management System (CMS) written in C# by Umbraco, Denmark. The Umbraco CMS is vulnerable to an environmental issue that could allow an attacker to change the URL that a user receives when resetting their password to point to the attacker's server, and when the user...
CVE-2021-24046
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0...
CVE-2021-24046
CVE-2021-24046 describes a logic flaw in Ray-Ban Stories device software that allows certain parameters, notably the video capture duration limit, to be modified through the Facebook View application. Affected are device software versions prior to 2107460.6810.0. The connected sources consistentl...