Security Bulletin: ClassLoader manipulation with Apache Struts affecting Rational Application Developer (CVE-2014-0114)

Summary There is a ClassLoader manipulation vulnerability in Apache Struts that is bundled by IBM Rational Application Developer for WebSphere Software. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more...

Debian DLA-2092-1 : qtbase-opensource-src security update

In Qt5's plugin loader code as found in qtbase-opensource-src, it was possible to side-load plugins from 'the' local folder in addition to a system-widely defined library path. For Debian 8 'Jessie', this problem has been fixed in version 5.3.2+dfsg-4+deb8u4. We recommend that you upgrade your...

Debian: Security Advisory (DLA-2092-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-8093

A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2017-1199)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Improper access control

Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networkin...

CVE-2019-2267

Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networkin...

CVE-2019-2267

Summary: CVE-2019-2267 affects Qualcomm closed‑source components in Snapdragon platforms (Auto, Compute, Connectivity, Mobile, etc.). The issue is caused by improper access control that allows locked regions to be modified via other interfaces in the secure boot loader image. This could impact bo...

OpenBSD - Dynamic Loader chpass Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenBSD Dynamic Loader chpass Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the OpenBSD ld.so dynamic loader...

DEBIAN-CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

UBUNTU-CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

OpenBSD Dynamic Loader chpass Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenBSD Dynamic Loader chpass Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the OpenBSD ld.so dynamic loader...

Quark-Engine - An Obfuscation-Neglect Android Malware Scoring System

An Obfuscation-Neglect Android Malware Scoring System Concepts Android malware analysis engine is not a new story. Every antivirus company has their own secrets to build it. With curiosity, we develop a malware scoring system from the perspective of Taiwan Criminal Law in an easy but solid way. W...

Apache Solr Remote Code Execution via Velocity Template

This module exploits a vulnerability in Apache Solr 'Apache Solr Remote Code Execution via Velocity Template', 'Description' = %q This module exploits a vulnerability in Apache Solr = 8.3.0 which allows remote code execution via a custom Velocity template. Currently, this module only supports Sol...

OpenBSD 6.x - Dynamic Loader Privilege Escalation Exploit

Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration Acknowledgments...

OpenBSD 6.x - Dynamic Loader Privilege Escalation

OpenBSD 6.x - Dynamic Loader Privilege Escalation Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents...

OpenBSD 6.x - Dynamic Loader Privilege Escalation

Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration...