3656 matches found
UBUNTU-CVE-2020-25603
An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory barrier e.g., smp...
CVE-2020-25603
CVE-2020-25603 affects Xen up to 4.14.x, where missing memory barriers in event-channel access/allocation allow lockless manipulation of event-channel state. A malicious guest could crash the hypervisor, causing a Denial of Service, with potential information leaks or privilege escalation. Public...
Missing memory barriers when accessing/allocating an event channel
ISSUE DESCRIPTION Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such sequence is missing appropriate memory barrier (e.g. smp_*mb()) to prevent both the compiler and CPU to re-order access. IMPACT A malicious guest may be able to cause a...
CRLFuzz - A Fast Tool To Scan CRLF Vulnerability Written In Go
A fast tool to scan CRLF vulnerability written in Go Installation from Binary The installation is easy. You can download a prebuilt binary from releases page, unpack and run! or with $ curl -sSfL http://git.io/get-crlfuzz | sh -s -- -b /usr/local/bin from Source If you have go1.13+ compiler...
USN-4501-1: LuaJIT vulnerability
It was discovered that an out-of-bounds read existed in LuaJIT. An attacker could use this to cause a denial of service (application crash) or possibly expose sensitive information. CVE-2020-15890...
Monsoon - Fast HTTP Enumerator
A fast HTTP enumerator that allows you to execute a large number of HTTP requests, filter the responses and display them in real-time. Example Run an HTTP GET request for each entry in filenames.txt, hide all responses with the status code 403 or 404: Installation Building from source These...
Avcleaner - C/C++ Source Obfuscator For Antivirus Bypass
C/C++ source obfuscator for antivirus bypass. Build docker build . -t avcleaner docker run -v /dev/scrt/avcleaner:/home/toto -it avcleaner bash adapt /dev/scrt/avcleaner to the path where you cloned avcleaner sudo pacman -Syu mkdir CMakeBuild && cd CMakeBuild cmake .. make -j 2 ./avcleaner.bin...
SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:2453-1)
This update for java-1_8_0-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 - Class Libraries : -...
SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2020:2461-1)
This update for java-1_8_0-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 - Class Libraries : -...
Malicious Package in appx-compiler
All versions of appx-compiler contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...
Code Injection in swig/swig
Description SWIG is a compiler that integrates C and C++ with languages including Perl, Python, Tcl, Ruby, PHP, Java, C, D, Go, Lua, Octave, R, Scheme Guile, MzScheme/Racket, Scilab, Ocaml. SWIG can also export its parse tree into XML. One of the python tools of swig include a mkdist.py script...
@cowlick/analyzer (>=0.9.0 <=0.9.1), @cowlick/kag-compiler (>=0.9.0 <=0.9.1) +4 more potentially affected by CVE-2020-8244 via bl (=2.0.1)
bl NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @cowlick/analyzer =0.9.0, =0.9.0, =4.1.6, =1.2.0, =1.0.0, =1.0.0, =1.1.37 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...
@cowlick/analyzer (>=0.10.0 <=0.11.0), @cowlick/kag-compiler (>=0.10.0 <=0.11.0) +1 more potentially affected by CVE-2020-8244 via bl (=3.0.0)
bl NPM version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @cowlick/analyzer =0.10.0, =0.10.0, =1.0.0, =1.0.3 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...
SUSE-SU-2020:2461-1 Security update for java-1_8_0-ibm
This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: -...
SUSE-SU-2020:2453-1 Security update for java-1_8_0-ibm
This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: -...
frames-simulator (>=1.0.8 <=1.0.9) potentially affected by CVE-2016-10649 via frames-compiler (=1.0.8)
frames-compiler NPM version =1.0.8 is affected by a known vulnerability. The following packages have a transitive dependency on frames-compiler and may be impacted: - frames-simulator =1.0.8, =1.0.9 Source cves: CVE-2016-10649 Source advisory: OSV:GHSA-9CHW-XRWX-F86J...
frames-compiler downloads Resources over HTTP
Affected versions of frames-compiler insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on th...
JITSploitation III: Subverting Control Flow
Posted by Samuel Groß, Project Zero This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed i...
JITSploitation I: A JIT Bug
By Samuel Groß, Project Zero This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed in iOS...
CVE-2020-24240
GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...