CVE-2020-0131

In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID:...

Exploit for CVE-2020-2883

POC for weblogic CVE-2020-2883 poc1: bash javax.manageme...

Exploit for Deserialization of Untrusted Data in Oracle Access_Manager

CVE-2020-2555 is a remote code execution RCE vulnerability in Oracle WebLogic Server. It is caused by a deserialization bug in the com.tangosol.util.extractor.ReflectionExtractor class. The vulnerability allows an attacker to execute arbitrary code on the server by sending a specially crafted...

Google Android Resource Management Error Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A resource management error vulnerability exists in the parseTrackFragmentRun of the MPEG4Extractor.cpp file in Android version 10, which can be exploited by an attacker to cause a denial of...

CVE-2020-0088

In parseTrackFragmentRun of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Andro...

Exploit for Deserialization of Untrusted Data in Oracle Access_Manager

CVE-2020-2555 Weblogic com.tangosol.util.extractor.ReflectionE...

DEBIAN-CVE-2019-20093

The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted file, because of ImageExtractor.cpp...

Memory Corruption Vulnerability in iPubsoft PDF Image Extractor

iPubsoft PDF Image Extractor is a PDF processing tool. A memory corruption vulnerability exists in iPubsoft PDF Image Extractor, which can be exploited by attackers to crash the program by constructing malformed PDF files...

CVE-2019-9262

In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...

CVE-2019-9262

In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...

CVE-2019-9262

In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...

GNU Libextractor Heap Buffer Overflow Vulnerability (CNVD-2020-20390)

GNU Libextractor is a set of libraries from the GNU Project for extracting metadata from files. A heap buffer overflow vulnerability exists in the 'EXTRACTORdviextractmethod' function in the plugins/dviextractor.c file in GNU Libextractor 1.9 and earlier. The vulnerability stems from a networked...

DEBIAN-CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

UBUNTU-CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

[SECURITY] [DLA 1833-2] bzip2 regression update

Package : bzip2 Version : 1.0.6-4+deb7u2 CVE ID : CVE-2019-12900 The original fix for CVE-2019-12900 in bzip2, a high-quality block-sorting file compressor, introduces regressions when extracting certain lbzip2 files which were created with a buggy libzip2. Please see https://bugs.debian.org/9312...

CVE-2019-2109

In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...

UBUNTU-CVE-2019-2109

In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...

Python-Iocextract - Advanced Indicator Of Compromise (IOC) Extractor

Advanced Indicator of Compromise IOC extractor. Overview This library extracts URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora. It includes some encoded and "defanged" IOCs in the output, and optionally decodes/refangs them. The Problem It is common practice...

Imperva Cloud WAF and Graylog, Part II: How to Collect and Ingest SIEM Logs

This guide gives step-by-step guidance on how to collect and parse Imperva Cloud Web Application Firewall WAF, formerly Incapsula logs into the Graylog SIEM tool. Read Part I to learn how to set up a Graylog server in AWS and integrate with Imperva Cloud WAF. This guide assumes: You have a clean...