
3656 matches found

Positive Technologies
added 2021/03/18 12:0 a.m. · 2 views

PT-2021-3582 · Selinux +6

Name of the Vulnerable Software and Affected Versions: SELinux version 3.2 Description: The issue is related to a use-after-free in the cil reset classpermission function of the CIL compiler in SELinux. This function is called from cil reset classperms set and cil reset classperms list. The...

CVSS 3.6 · AI score 4.5 · EPSS 0.00592
Exploits 4 · References 49
RedHat Linux
added 2021/03/16 3:18 p.m. · 4 views

perl: heap-based buffer overflow in regular expression compiler leads to DoS

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...

CVSS 8.2 · AI score 7.2 · EPSS 0.11334
Exploits 0 · References 4
BDU FSTEC
added 2021/03/15 12:0 a.m. · 2 views

Vulnerability in the `static ptrdiff_t finderrfunc` function in the `src/lj_err.c` file of the LuaJIT compiler for the Lua programming language. This vulnerability allows an attacker to cause a service failure.

The vulnerability of the `static ptrdiff_t finderrfunc` function in the `src/lj_err.c` file of the LuaJIT compiler for the Lua programming language is related to reading data beyond the allowed buffer size. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

CVSS 7.5 · AI score 7.4 · EPSS 0.02862
Exploits 1 · References 6 · Affected Software 4
Kitploit
added 2021/03/13 8:30 p.m. · 181 views

HTTP Bridge - Send TCP Stream Packets Over Simple HTTP Request

I wrote this program as a proof of concept to test the idea of being able to send TCP stream packets over simple HTTP requests like PUT, PATCH, POST, GET, without using a proxy approach like the CONNECT method. Also as a practice exercise to train my novice skill in the Rust language. Description This tool is...

AI score 7
Exploits 0 · References 3
Tenable Nessus
added 2021/03/05 12:0 a.m. · 115 views

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2021-374)

This update for java-1_8_0-openjdk fixes the following issues : - Update to version jdk8u282 icedtea 3.18.0 - January 2021 CPU bsc1181239 - Security fixes + JDK-8247619: Improve Direct Buffering of Characters CVE-2020-14803 - Import of OpenJDK 8 u282 build 01 + JDK-6962725: Regtest...

CVSS 5.3 · AI score 6.5 · EPSS 0.03063
Exploits 0 · References 2
Prion
added 2021/03/03 2:15 a.m. · 18 views

Remote code execution

Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the pretty option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug template inputs, it was...

CVSS 6.8 · AI score 9.2 · EPSS 0.04269
Exploits 1 · References 7 · Affected Software 2
Github Security Blog
added 2021/03/03 2:3 a.m. · 55 views

Remote code execution via the `pretty` option.

Impact If a remote attacker was able to control the pretty option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug template inputs, it was possible for them to achieve remote code execution on the node.js backend. Patches Upgrad...

CVSS 9 · AI score 0.7 · EPSS 0.04269
Exploits 1 · References 9 · Affected Software 2
CNNVD
added 2021/03/03 12:0 a.m. · 3 views

Pug injection vulnerability

Pug is an open source application. It provides ways to optimize HTML. Pug has an injection vulnerability that can be exploited by an attacker to compile the pretty option of the compiler...

CVSS 9 · AI score 8.1 · EPSS 0.04269
Exploits 1 · References 8
OSV
added 2021/03/01 3:16 p.m. · 9 views

SUSE-SU-2021:0665-1 Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u282 icedtea 3.18.0 January 2021 CPU bsc1181239 Security fixes + JDK-8247619: Improve Direct Buffering of Characters CVE-2020-14803 Import of OpenJDK 8 u282 build 01 + JDK-6962725: Regtest...

CVSS 5.3 · AI score 5.8 · EPSS 0.03063
Exploits 0 · References 3
Kitploit
added 2021/02/28 8:30 p.m. · 193 views

WdToggle - A Beacon Object File (BOF) For Cobalt Strike Which Uses Direct System Calls To Enable WDigest Credential Caching

A Proof of Concept Cobalt Strike Beacon Object File which uses direct system calls to enable WDigest credential caching and circumvent Credential Guard if enabled. Additional guidance can be found in this blog post: https://outflank.nl/blog/?p=1592 Background This PoC code is based on the followi...

AI score 7.5
Exploits 0 · References 2
Kitploit
added 2021/02/20 8:30 p.m. · 157 views

SSB - A Faster And Simpler Way To Bruteforce SSH Server

Secure Shell Bruteforcer — A faster & simpler way to bruteforce SSH server. Installation from Binary Download a pre-built binary from releases page, unpack and run! Or: ▶ sudo curl -sSfL 'https://git.io/kitabisa-ssb' | sh -s -- -b /usr/local/bin from Source Need go1.14+ compiler installed and...

AI score 7.5
Exploits 0 · References 2
RedHat Linux
added 2021/02/16 2:29 p.m. · 3 views

perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls...

CVSS 7.5 · AI score 7.1 · EPSS 0.0602
Exploits 0 · References 4
AlmaLinux
added 2021/02/16 7:32 a.m. · 15 views

rust-toolset:rhel8 bug fix and enhancement update

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-vendor plugin, and required libraries. Rust Toolset has been updated to version 1.47.0 BZ1883839. For detailed information on changes in this release, see the AlmaLinux.1...

AI score 2.3
Exploits 0
Cvelist
added 2021/02/08 9:20 p.m. · 12 views

CVE-2021-21306 Denial of Service in Marked

Marked is an open-source markdown parser and compiler npm package "marked". In marked from version 1.1.1 and before version 2.0.0, there is a Regular expression Denial of Service vulnerability. This vulnerability can affect anyone who runs user generated code through marked. This vulnerability is...

CVSS 5.3 · AI score 7.7 · EPSS 0.02462
Exploits 0 · References 5
RedHat Linux
added 2021/02/02 12:10 p.m. · 2 views

perl: heap-based buffer overflow in regular expression compiler leads to DoS

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...

CVSS 8.2 · AI score 7.2 · EPSS 0.11334
Exploits 0 · References 4
Tenable Nessus
added 2021/02/01 12:0 a.m. · 67 views

CentOS 8 : java-11-openjdk (CESA-2020:2970)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2970 advisory. - OpenJDK: Incorrect handling of access control context in ForkJoinPool Libraries, 8237117 CVE-2020-14556 - OpenJDK: Excessive memory usage in ImageIO...

CVSS 8.3 · AI score 6.4 · EPSS 0.05166
Exploits 0 · References 8
Hacker One
added 2021/01/26 4:28 p.m. · 94 views

GitHub Security Lab: ihsinme: CPP Add query for CWE-14 compiler removal of code to clear buffers.

This bug was reported directly to GitHub Security Lab...

AI score 2.2
Exploits 0
Kitploit
added 2021/01/25 8:30 p.m. · 171 views

Shellex - C-shellcode To Hex Converter, Handy Tool For Paste And Execute Shellcodes In Gdb, Windbg, Radare2, Ollydbg, X64Dbg, Immunity Debugger And 010 Editor

C-shellcode to hex converter. Handy tool for paste & execute shellcodes in gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger & 010 editor. Are you having problems converting C-shellcodes to HEX maybe c-comments+ASCII mixed? Here is shellex. If the shellcode can be compiled in a C compiler...

AI score 7.6
Exploits 0 · References 2
BDU FSTEC
added 2021/01/21 12:0 a.m. · 1 views

The vulnerability of the compiler of the protobuf serialization library allows a hacker to execute arbitrary code.

The vulnerability of the protobuf serialization library compiler is related to an error in the processing of integer variables. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 9 · AI score 7 · EPSS 0.05064
Exploits 0 · References 7 · Affected Software 2
GoogleProjectZero
added 2021/01/12 12:0 a.m. · 262 views

In-the-Wild Series: Chrome Infinity Bug

This is part 2 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, see the introduction post. Posted by Sergei Glazunov, Project Zero This post only covers one of the exploits, specifically a renderer...

CVSS 8.8 · AI score 8.7 · EPSS 0.06432
Exploits 2