Jinja2 sandbox escape via string formatting

In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape. The sandbox is used to restrict what code can be evaluated when rendering untrusted, user-provided templates. Due to the way string formatting works in Python, the str.formatmap method could be used to escape the sandbox. This...

PYSEC-2019-220

In Pallets Jinja before 2.8.1, str.format allows a sandbox escape...

April 2, 2019 — KB4489192 Cumulative update for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server 2019

April 2, 2019 — KB4489192 Cumulative update for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server 2019 Release Date: 04/02/2019 Version: .NET Framework 3.5 and 4.7.2 Improvements and fixes This update includes quality improvements. No new operating system features are...

MGASA-2019-0086 Updated python-django packages fix security vulnerability

If django.utils.numberformat.format -- used by contrib.admin as well as the floatformat, filesizeformat, and intcomma templates filters -- received a Decimal with a large number of digits or a large exponent, it could lead to significant memory usage due to a call to ':f'.format CVE-2019-6975...

USN-3890-1 python-django vulnerability

It was discovered that Django incorrectly handled formatting certain numbers. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

December 5, 2018—KB4469041 Preview of cumulative update for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server 2019

December 5, 2018—KB4469041 Preview of cumulative update for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server 2019 Release Date: 12/05/2018Version: .NET Framework 3.5 and 4.7.2 Improvements and fixes This update includes quality improvements. No new operating system...

CVE-2018-18357

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...

Google Chrome Domain Spoofing Vulnerability (CNVD-2019-01764)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A domain spoofing vulnerability exists in Google Chrome. The vulnerability stems from the URL Formatter in Google Chrome mishandling obfuscated characters. A remote...

UBUNTU-CVE-2018-6107

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

UBUNTU-CVE-2018-6104

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012 (KB 4459944)

Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012 KB 4459944 Applies to: Microsoft .NET Framework 4.5.2 Notice This update is included in the Preview of Quality Rollup that's dated November 27, 2018. This update was previously released as part of the...

Description of the Security and Quality Rollup for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB 4459934)

Description of the Security and Quality Rollup for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 KB 4459934 Applies to: Microsoft .NET Framework 3.5.1 Notice This update is included in the Preview of Quality Rollup that's dated November 27, 2018. This update was previously...

Pulse Secure Desktop Formatting String Vulnerability

Pulse Secure Desktop is a suite of client software from Pulse Secure USA for endpoint devices that access Juniper Pulse Secure gateways. A formatting string vulnerability exists in Pulse Secure Desktop macOS versions 5.3RX prior to 5.3R5 and 9.0R1. A local attacker could exploit this vulnerabilit...

7-Technologies IGSS Vulnerabilities

Overview This advisory is a follow-up to ICS-ALERT-11-080-03 7-Technologies IGSS Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011. An independent researcher has identified eight vulnerabilities in 7-Technologies 7T IGSS SCADA human-machine interface HMI application. Each of t...

Description of the security update for Word 2013: July 10, 2018

Description of the security update for Word 2013: July 10, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

BST (Binary String Toolkit) - Quickly And Easily Convert Binary Strings For All Your Exploit Development Needs

The Binary String Toolkit or BST for short is a rather simple utility to convert binary strings to various formats suitable for later inclusions in source codes, such as those used to develop exploits in the security field. Features Dump files content to standard output in a binary string format...

CVE-2018-5177

A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox 60...

Buffer overflow

A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox 60...

CVE-2018-5177

A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox 60...

Mozilla Firefox XSLT Buffer Overflow Vulnerability

Mozilla Firefox browser Firefox is a free, open source browser for Windows, Linux and MacOSX platforms. A buffer overflow vulnerability exists in XSLT in Mozilla Firefox during number formatting. An attacker could exploit this vulnerability to cause a denial of service...