Slack: Linux Desktop application slack executable does not use pie / no ASLR
The slack binary from the Linux desktop application is not a position-independent executable: $ file usr/lib/slack/slack usr/lib/slack/slack: ELF 64-bit LSB executable, x86-64, version 1 SYSV, dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, stripped pie executables...
GHSA-C2VR-2C89-PH88 Downloads Resources over HTTP in node-bsdiff-android
Affected versions of node-bsdiff-android insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and depends on th...
Hacking AIS
Maritime AIS, or ‘Automatic Identification System’ is used for broadcast and reception of vessel position and information alerts. It has proved invaluable since its introduction in the 1990s and has undoubtedly helped prevent many marine accidents, collisions and related incidents. Previous...
Siemens SPCanywhere App Vulnerabilities
OVERVIEW Karsten Sohr, Bernhard Berger, and Kai Hillmann from the TZI-Bremen, Kim Schlyter, Seyton Bradford, and Richard Warren from FortConsult, and Stefan Schuhmann have identified vulnerabilities in the Siemens SPCanywhere mobile application. Siemens has produced a new mobile application calle...
GHSA-PH8P-2G97-9654 Downloads Resources over HTTP in jstestdriver
Affected versions of jstestdriver insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...
PHP Scripts Mall Naukri/Shine/Jobsite Clone Script Denial of Service Vulnerability
PHP Scripts Mall Naukri/Shine/Jobsite Clone Script is a PHP and MySQL based job site system script by PHP Scripts Mall India. A denial of service vulnerability exists in PHP Scripts Mall Naukri/Shine/Jobsite Clone Script version 3.0.4. A remote attacker can exploit this vulnerability to cause a...
CVE-2018-15185
PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows remote attackers to cause a denial of service (page update outage) via crafted PHP and JavaScript code in the "Current Position" field...
GHSA-M79W-4MQV-R39F windows-seleniumjar downloads Resources over HTTP
Affected versions of windows-seleniumjar insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution o...
ikst Downloads Resources over HTTP
Affected versions of ikst insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and depends on the behavior of t...
Semrush: Stored XSS in '' Section and WAF Bypass
Summary Stored Cross-site Scripting (XSS) is the most dangerous type of Cross Site Scripting. Web applications that allow users to store data are potentially exposed to this type of attack. Stored XSS occurs when a web application gathers input from a user which might be malicious, and then stores...
CVE-2018-13843
An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library such as test/test_bgzf.c in the original report and is not a library issue...
CVE-2018-4855
CVE-2018-4855 affects Siemens SICLOCK TC100/TC400 (All versions). Root cause is unencrypted storage of passwords in client configuration files and during network transmission, enabling an attacker in a privileged position to obtain device access passwords. Public details describe an information d...
CVE-2016-10671
mystem-wrapper is a Yandex mystem app wrapper module. mystem-wrapper downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is ...
CVE-2016-10570
pngcrush-installer is an installer for Pngcrush. pngcrush-installer versions below 1.8.10 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary ...
Remote code execution
selenium-download downloads the latest versions of the selenium standalone server and the chromedriver. selenium-download before 2.0.7 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the...
Remote code execution
ibmdb is an asynchronous/synchronous interface for node.js to IBM DB2 and IBM Informix. ibmdb before 1.0.2 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker...
White House Eliminates Cybersecurity Position
The White House has eliminated the cybersecurity coordinator position. This seems like a spectacularly bad idea...
CVE-2018-10825
Mimo Baby 2 devices do not use authentication or encryption for the Bluetooth Low Energy (BLE) communication from a Turtle to a Lilypad, which allows attackers to inject fake information about the position and temperature of a baby via a replay or spoofing attack...
Design/Logic Flaw
A vulnerability has been identified in Siveillance VMS Video for Android All versions V12.1a 2018 R1, Siveillance VMS Video for iOS All versions V12.1a 2018 R1. Improper certificate validation could allow an attacker in a privileged network position to read data from and write data to the encrypt...