CVE-2019-10844

nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries aka nnabla through v1.0.14 relies on the HOME environment variable, which might be untrusted...

CVE-2019-10844

CVE-2019-10844 affects Sony Neural Network Libraries (nnabla) – nbla/logger.cpp in libnnabla.a up to v1.0.14. The root cause is that code relies on the HOME environment variable, which is untrusted, enabling potential influence on behavior via the user’s HOME value. Public references in Red Hat a...

Sony Neural Network Libraries Input Validation Error Vulnerability

Neural Network Libraries is a deep learning framework designed for research, development and production. An input validation error vulnerability exists in nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries nnabla 1.0.14 and earlier. The vulnerability stems from the software's...

PT-2019-18719 · Green Hills +1 · Integrity Rtos +1

Name of the Vulnerable Software and Affected Versions: Green Hills INTEGRITY RTOS version 5.0.4 Description: An issue was discovered in the Interpeak IPCOMShell TELNET server. The main shell handler function uses the value of the environment variable ipcom.shell.greeting as the first argument to...

GHSA-3C87-R9F7-QFGQ Downloads Resources over HTTP in macaca-chromedriver-zxa

Affected versions of macaca-chromedriver-zxa insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code executi...

Downloads Resources over HTTP in macaca-chromedriver-zxa

Affected versions of macaca-chromedriver-zxa insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code executi...

EUVD-2019-13103

Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...

Denial Of Service (DoS)

glibc is vulnerable to denial of service DoS attacks. The vulnerability exists as an off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via vectors related to...

Directory Traversal

glibc is vulnerable to directory traversal attacks. The vulnerability exists through multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a...

Arbitrary Code Execution

dbus is vulnerable to arbitrary code execution attacks. The vulnerability exists as libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUSSYSTEMBUSADDRESS...

Information Disclosure

managesieve is vulnerable to information disclosure attacks. The vulnerability exists as the environment variable SIEVEPASSWORD is disclosed when displaying usage help...

GNU inetutils 1.9.4 telnet.c Overflows

GNU inetutils = 1.9.4 telnet.c multiple overflows ================================================== GNU inetutils is vulnerable to a stack overflow vulnerability in the client-side environment variable handling which can be exploited to escape restricted shells on embedded devices. Most modern...

MariaDB Client 10.1.26 - Denial of Service Exploit

Exploit Title: MariaDB Client 10.1.26 - Denial of Service PoC Google Dork: None Date: 2018-11-16 Exploit Author: strider Software Link: https://github.com/MariaDB/server Version: mysql Ver 15.1 Distrib 10.1.26-MariaDB, for debian-linux-gnu x8664 using readline 5.2 Tested on: Debian 9 Stretch x64 ...

MariaDB Client 10.1.26 Denial Of Service

Exploit Title: MariaDB Client 10.1.26 - Denial of Service PoC Google Dork: None Date: 2018-11-16 Exploit Author: strider Software Link: https://github.com/MariaDB/server Version: mysql Ver 15.1 Distrib 10.1.26-MariaDB, for debian-linux-gnu x8664 using readline 5.2 Tested on: Debian 9 Stretch x64 ...

MariaDB Client 10.1.26 - Denial of Service (PoC)

Exploit Title: MariaDB Client 10.1.26 - Denial of Service PoC Google Dork: None Date: 2018-11-16 Exploit Author: strider Software Link: https://github.com/MariaDB/server Version: mysql Ver 15.1 Distrib 10.1.26-MariaDB, for debian-linux-gnu x8664 using readline 5.2 Tested on: Debian 9 Stretch x64 ...

[SECURITY] Fedora 27 Update: libconfuse-3.2.2-1.fc27

libConfuse is a configuration file parser library, licensed under the terms of the ISC license, and written in C. It supports sections and lists of values strings, integers, floats, booleans or other sections, as well as some other features such as single/double-quoted strings, environment variab...

Cmd and Conquer: De-DOSfuscation with flare-qdb

When Daniel Bohannon released his excellent DOSfuscation paper, I was fascinated to see how tricks I used as a systems engineer could help attackers evade detection. I didn’t have much to contribute to this conversation until I had to analyze a hideously obfuscated batch file as part of my job on...

Updated lilypond packages fix security vulnerability

lilypond does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks CVE-2017-17523...

Solaris EXTREMEPARR dtappgather Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Solaris 'EXTREMEPARR' dtappgather Privilege Escalation", 'Description' = %q This module exploits a directory traversal vulnerability in the...

Solaris 'EXTREMEPARR' dtappgather Privilege Escalation

This module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment CDE on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory at any...