CVE-2016-1662

extensions/renderer/gccallback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via unknown vectors...

UBUNTU-CVE-2016-1662

extensions/renderer/gccallback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via unknown vectors...

CVE-2016-1662

extensions/renderer/gccallback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via unknown vectors...

CVE-2016-1662

Removed by vendor...

GNU gcc Denial of Service Vulnerability (CNVD-2016-03013)

GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. A security vulnerability exists in the libiberty demangler library of GNU gcc. An attacker could exploit the vulnerability to crash the host application...

GNU gcc memory misreference vulnerability (CNVD-2016-03093)

GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. A memory misreference vulnerability exists in GNU gcc. An attacker can exploit the vulnerability to cause invalid writes with the help of the 'btypevec' parameter...

GNU gcc integer overflow vulnerability (CNVD-2016-03094)

GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. An integer overflow vulnerability exists in the 'gnuspecial' method of GNU gcc. An attacker could exploit this vulnerability to cause an invalid write...

GNU gcc integer overflow vulnerability (CNVD-2016-03095)

GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. An integer overflow vulnerability exists in GNU gcc, which arises from a program's failure to properly handle data of type signed int. An attacker could exploit this vulnerability to...

chromium-browser: use-after-free in extensions

extensions/renderer/gccallback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via unknown vectors...

Mozilla Firefox Injection Vulnerability

Mozilla Firefox Health Report is a plug-in developed by the Mozilla Foundation for understanding the performance of the Firefox browser. It collects some usage data from the users, and then provides the stability and performance of the Firefox browser, as well as optimization tips. An injection...

American Fuzzy Lop Utilities: afl-utils

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization afl-utils is a collection of utilities to assist fuzzing with american-fuzzy-lop afl . afl-utils includes tools for: automated crash sample collection, verification, reduction and analys...

Google makes it mandatory for Chrome Apps to tell Users what Data they collect

In Brief Chrome apps and extensions make things easier, but they can also do terrible things like spy on web users and collect their personal data. But, now Google has updated its browser’s User Data Policy requiring all Chrome extension and app developers to disclose what data they collect...

PHPmongoDB 1.0.0 - Multiple Vulnerabilities

Exploit Title: PHPmongoDB v1.0.0 - Multiple Vulnerabilities CSRF | HTMLor Iframe Injection | XSS Reflected & Stored Date: 14.04.2016 Exploit Author: Ozer Goker Vendor Homepage: http://www.phpmongodb.org Software Link: https://github.com/phpmongodb/phpmongodb Version: 1.0.0 Introduction A Tool...

PHPmongoDB 1.0.0 - Multiple Vulnerabilities

PHPmongoDB 1.0.0 - Multiple Vulnerabilities Exploit Title: PHPmongoDB v1.0.0 - Multiple Vulnerabilities CSRF | HTMLor Iframe Injection | XSS Reflected & Stored Date: 14.04.2016 Exploit Author: Ozer Goker Vendor Homepage: http://www.phpmongodb.org Software Link:...

How to Export SQL Logs

Purpose This article documents how to export logs from the two SQL database engines used by Veeam Backup & Replication: Microsoft SQL Server PostgreSQL Solution Microsoft SQL Server Log Collection The following steps require Microsoft SQL Server Management Studio SSMS. 1. Open Microsoft SQL Serve...

SUSE SLED12 / SLES12 Security Update : gcc5 (SUSE-SU-2016:0963-1)

The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements. The following security issue has been fixed : - Fix C++11 std::randomdevice short read issue that could lead to predictable randomness. CVE-2015-5276, bsc945842 The update package also includes...

GetDataReport - Script to collect information to the client side

Script in PHP+JS for get information of target through a web application, use $SERVER functions and JS functions for get information of our client. Plugin WEBApps in some web applications need to collect information from the client to perform tasks with this plugin will be easier to work with the...

SUSE-SU-2016:0963-1 Security update for gcc5

The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements. The following security issue has been fixed: - Fix C++11 std::randomdevice short read issue that could lead to predictable randomness. CVE-2015-5276, bsc945842 The following non-security issues...

The vulnerability of the Mac OS X operating system allows a perpetrator to trigger a phone number collection event without the user’s permission.

The vulnerability of the Reminders component in the Mac OS X operating system is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, acting remotely, to trigger a phone number collection event without user permission by clicking on the “tel” link...

Star Wars Force Collection - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Star Wars Force Collection published at the 'play' market has multiple vulnerabilities...