Intel Trace Analyzer And Collector 缓冲区错误漏洞

Intel Trace Analyzer And Collector is a trace analyzer and collector from Intel USA. It is used to analyze Mpi behavior in parallel applications. Intel Trace Analyzer and Collector suffers from a buffer error vulnerability that stems from a potential security flaw in Intel Trace Analyzer and...

Denial of Service in Onionshare

Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. - Vulnerability ID: OTF-012 - Vulnerability type: Denial of Service - Threat level: Moderate Description: The receive mode...

[SECURITY] Fedora 33 Update: medusa-2.2-14.20181216git292193b.fc33

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services. Some of the key features of Medusa are: Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently. Flexible user input. Target information...

[SECURITY] Fedora 34 Update: medusa-2.2-17.20181216git292193b.fc34

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services. Some of the key features of Medusa are: Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently. Flexible user input. Target information...

gcc security and bug fix update

8.5.0-3.0.2 - Fix Orabug 33451471 and backport CTF/BTF enhancements ctfc: Free CTF container elements in ctfcdeletecontainer ctf: Do not warn for CTF not supported for GNU GIMPLE ICE in btffinalize when compiling with -gbtf PR debug/102507, Orabug 33451471 Reviewed-by: Jose E. Marchesi 8.5.0-3.0....

LeakDB - Web-Scale NoSQL Idempotent Cloud-Native Big-Data Serverless Plaintext Credential Search

LeakDB is a tool set designed to allow organizations to build and deploy their own internal plaintext "Have I Been Pwned"-like service. The LeakDB tool set can normalize, deduplicate, index, sort, and search leaked data sets on the multi-terabyte-scale, without the need to distribute large files ...

[SECURITY] Fedora 34 Update: condor-8.8.15-1.fc34

HTCondor is a workload management system for high-throughput and high-performance jobs. Like other full-featured batch systems, HTCondor provides a job queuing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs t...

WARCannon - High Speed/Low Cost CommonCrawl RegExp In Node.js

WARCannon was built to simplify and cheapify the process of 'grepping the internet'. With WARCannon, you can: Build and test regex patterns against real Common Crawl data Easily load Common Crawl datasets for parallel processing Scale compute capabilities to asynchronously crunch through WARCs at...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 PoC Introdução Este é um exploit para o CV...

PT-2021-8251 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the io init wq offload function of the Linux kernel's io uring component. This leak occurs when io uring enter is called in parallel, causing t...

Security Bulletin: IBM Spectrum Scale is affected by a security vulnerability (CVE-2016-0263)

Summary A security vulnerability has been identified in the current levels of IBM Spectrum Scale V4.2, V4.1 and IBM General Parallel File System V3.5, that could allow a local user, under special circumstances, to escalate their privileges or cause a denial of service when the mmapplypolicy comma...

Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by a security vulnerability (CVE-2016-0392)

Summary A security vulnerability has been identified in all levels of IBM Spectrum Scale and IBM GPFS that could allow a local attacker to inject commands into setuid file parameters and execute commands as root. Vulnerability Details CVEID: CVE-2016-0392 DESCRIPTION: IBM General Parallel File...

Security Bulletin: IBM General Parallel File System is affected by security vulnerabilities (CVE-2015-0197, CVE-2015-0198, CVE-2015-0199)

Summary Security vulnerabilities have been identified in current levels of GPFS V4.1, V3.5, and V3.4: - could allow a local attacker which only has a non-privileged account to execute programs with root privileges CVE-2015-0197 - may not properly authenticate network requests and could allow an...

Security Bulletin: Vulnerability in RC4 stream cipher affects GPFS V3.5 for Windows (CVE-2015-2808) / Enabling weak cipher suites for IBM General Parallel File System is NOT recommended

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects OpenSSH for GPFS V3.5 for Windows. Additionally, with the recent attention to RC4 “Bar Mitzvah” Attack for SSL/TLS, this is a reminder to NOT enable weak or export-level cipher suites for IBM General Parallel File System GPFS. Vulnerability...

Out-of-bounds

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.Dequantize, an attacker can trigger a read from outside of bounds of heap allocated data. The...

PYSEC-2021-197

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.RaggedTensorToTensor. This is because the...

CVE-2021-21341

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 PoC Introduction This is an exploit for the...

curl: Data race conditions reported by helgrind when performing parallel DNS queries in libcurl

While running binary built from curl git repo file "docs/examples/10-at-a-time.c" under valgrind specifically with the helgrind tool, reports race condition in getaddrinfo calls. Using the latest curl/libcurl from github repo. From the valgrind documentation "Helgrind is a Valgrind tool for...

curl: Parallel upload hangs curl if upload file not found

Attempting to upload -T a not found file with parallel -Z flag present, will cause curl to get stuck and never terminate, potentially stalling scripts that make use of this particular flags. curl -T blabla-notexists -Z upload.example.com www.google.com www.cnn.com www.apple.com Same issue occurs ...