Input validation

DISPUTED The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving sqrt...

CVE-2017-9230

The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving sqrt numbers. Th...

CVE-2017-9230

The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving sqrt numbers. Th...

CVE-2017-9230

CVE-2017-9230 is tied to a Bitcoin Proof-of-Work methodology issue: 80-byte block headers with varying 64-byte chunks and identical 16-byte tail, multiple candidate roots ending with the same 4 bytes, and sqrt-number calculations that can affect difficulty and independence of PoW executions. Conn...

Active vs. Passive Server Monitoring

Server monitoring is a requirement, not a choice. It is used for your entire software stack, web-based enterprise suites, custom applications, e-commerce sites, local area networks, etc. Unmonitored servers are lost opportunities for optimization, difficult to maintain, more unpredictable, and mo...

(Pwn2Own) Apple Safari B3 Optimization Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of B3...

Design/Logic Flaw

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. T...

Cisco Wide Area Application Services SMART-SSL Accelerator Denial of Service Vulnerability

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. The vulnerability is due to...

Apple WebKit Safari 10.0.2(12602.3.12.0.1) - operationSpreadGeneric Universal Cross-Site Scripting

Apple WebKit Safari 10.0.212602.3.12.0.1 - operationSpreadGeneric Universal Cross-Site Scripting 'use strict'; function spreada return ...a; let arr = Object.create1, 2, 3, 4; for let i = 0; i f.onload = null; try spreadf.contentWindow; catch e e.constructor.constructor'alertlocation'; ; f.src =...

CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

UBUNTU-CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

CVE-2017-7892

CVE-2017-7892 affects Sandstorm Cap'n Proto / capnpproto prior to 0.5.3.1. The vulnerability stems from compiler optimization interacting with Cap'n Proto’s pointer arithmetic, allowing overflow in 32-bit builds and leading to remote crashes (segmentation fault) when processing crafted far pointe...

CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

CVE-2017-6417

CVE-2017-6417 is a local code-injection vulnerability in Avira products (Total Security Suite 15.0 and earlier, Optimization Suite 15.0 and earlier, Internet Security Suite 15.0 and earlier, Free Security Suite 15.0 and earlier) enabling a local attacker to bypass the vendors’ self-protection and...

Microsoft Edge Charkra Incorrect Jit Optimization Exploit

Exploit for windows platform in category dos / poc Microsoft Edge: Chakra incorrect jit optimization with TypedArray setter. CVE-2017-0071 PoC: "use strict"; function funca, b, c a0 = 1.2; b0 = c; a0 = ; ----------------------- 2 return 0; ; a0.toString; main; In the above code, Chakra assumes th...

Microsoft Edge Charkra Incorrect Jit Optimization

Microsoft Edge: Chakra incorrect jit optimization with TypedArray setter. CVE-2017-0071 PoC: "use strict"; function funca, b, c a0 = 1.2; b0 = c; a0 = ; ----------------------- 2 return 0; ; a0.toString; main; In the above code, Chakra assumes that the type of |a| will be still a native float arr...

Virtual Desktop Optimization

...

[SECURITY] Fedora 25 Update: drupal7-metatag-1.21-1.fc25

The Metatag module allows you to automatically provide structured metadata, aka "meta tags", about your website. In the context of search engine optimization, when people refer to meta tags they are usually referring to the meta description tag and the meta keywords tag that may help improve the...

[SECURITY] Fedora 24 Update: drupal7-metatag-1.21-1.fc24

The Metatag module allows you to automatically provide structured metadata, aka "meta tags", about your website. In the context of search engine optimization, when people refer to meta tags they are usually referring to the meta description tag and the meta keywords tag that may help improve the...