CVE-2019-3851

A vulnerability was found in moodle before versions 3.6.3 and 3.5.5. There was a link to site home within the the Boost theme's secure layout, meaning students could navigate out of the page...

Joomla! 3.0.x < 3.9.4 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - Lack of ACL checks in sample data plugins affects Joomla 3.8.0 through 3.9.3 - XSS in comconfig JSON handler affects Joomla 3.2.0 through 3.9.3 - XSS in itemtitle layout...

All Intel processors are facing new attacks SPOILER, the software level is no solution-vulnerability warning-the black bar safety net

Researchers at Intel memory subsystem private implementation found address speculation of a vulnerability, it will leak memory layout information, flipping the bits of the Rowhammer attack easier to perform. SPOILER attack is different from the raging Spectre attack, it does not mention the right...

CVE-2019-8277

UltraVNC revision 1211 contains multiple memory leaks CWE-665 in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...

[20190302] - Core - XSS in item_title layout

The itemtitle layout in edit views lacks escaping, leading to a XSS vulnerability...

HDF HDF5 Buffer Overflow Vulnerability

HDF5 is a data model, library, and file format for storing and managing data. A buffer overflow vulnerability exists in H5Olayoutencode in H5Olayout.c in HDF HDF5 1.10.4 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service via a specially crafted HDF5 file...

DEBIAN-CVE-2019-8396

A buffer overflow in H5Olayoutencode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."...

UBUNTU-CVE-2019-8396

A buffer overflow in H5Olayoutencode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."...

Vulnerability Spotlight: Adobe Acrobat Reader DC text field remote code execution vulnerability

Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Executive summary Adobe Acrobat Reader DC contains a vulnerability that could allow an attacker to remotely execute code on the victim’s machine. If the attacker tricks the user into opening a specially crafted PDF with specific...

CVE-2018-20774

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field...

CVE-2018-20772

Frog CMS 0.9.5 allows PHP code execution via ?php to the admin/?/layout/edit/1 URI...

CVE-2018-20774

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field...

CVE-2018-20774

CVE-2018-20774 affects Frog CMS 0.9.5, with a cross-site scripting (XSS) vulnerability in the admin/?/layout/edit/1 Body field. The root cause is improper input handling that allows injecting script into a form field which is subsequently rendered without sufficient sanitization, enabling client-...

Multiple Apple Products Kernel Out-of-Bounds Read Vulnerability

Apple iOS is an operating system developed for mobile devices; macOS Sierra, macOS High Sierra, and macOS Mojave are different versions of a specialized operating system developed for Mac computers; tvOS is a smart TV operating system. Kernel is one of the kernel components. An out-of-bounds read...

Valve: GoldSrc: Buffer Overflow in DELTA_ParseDelta function leads to RCE

Description The bug is triggered by 2 packets. First one is svcdeltadescription which describes memory layout of such structures as eventt, weapondatat, ... It is sent as a list of fields' descriptions: type, offset and others. Next, DELTAParseDelta fills these structures when corresponding delta...

Multiple Apple Products Kernel Information Disclosure Vulnerability

Apple iOS, tvOS, watchOS, and macOS High Sierra are products of Apple Inc. Apple iOS is an operating system for mobile devices; tvOS is a smart TV operating system; watchOS is a smart watch operating system; and macOS High Sierra is a specialized operating system developed for Mac computers. Sier...

Integer overflow

A pointer overflow, with code execution, was discovered in ZeroMQ libzmq aka 0MQ 4.2.x and 4.3.x before 4.3.1. A v2decoder.cpp zmq::v2decodert::sizeready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leverag...

CVE-2019-6250

A pointer overflow, with code execution, was discovered in ZeroMQ libzmq aka 0MQ 4.2.x and 4.3.x before 4.3.1. A v2decoder.cpp zmq::v2decodert::sizeready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leverag...

Notes on Self-Publishing a Book

In this post I would like to share a few thoughts on self-publishing a book, in case anyone is considering that option. As I mentioned in my post on burnout, one of my goals was to publish a book on a subject other than cyber security. A friend from my Krav Maga school, Anna Wonsley, learned that...

CVE-2018-20484

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation...