CVE-2018-6126

A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

Debian DSA-4201-1 : xen - security update

Multiple vulnerabilities have been discovered in the Xen hypervisor : - CVE-2018-8897 Andy Lutomirski and Nick Peterson discovered that incorrect handling of debug exceptions could result in privilege escalation. - CVE-2018-10471 An error was discovered in the mitigations against Meltdown which...

Xen Denial of Service Vulnerability (CNVD-2018-10807)

Xen is an open source virtual machine monitor product developed by the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in X...

DEBIAN-CVE-2018-10982

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service unexpectedly high interrupt number, array overrun, and hypervisor crash or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET...

CVE-2017-2802

An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. ...

CVE-2017-2802

An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. ...

Design/Logic Flaw

An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. ...

CVE-2017-2802

An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. ...

CVE-2017-2802

Dell Precision Optimizer contains a local privilege escalation in the PPO service (poaService.exe) via dll hijacking. The ati.dll loads atiadlxx.dll, which is not present in the installation directory; the loader searches directories on PATH for a matching dll, allowing an attacker with local acc...

Wireshark epan/dissectors/packet-pcp.c file memory leak vulnerability

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in the epan/dissectors/packet-pcp.c file in Wireshark...

Google Android High-precision timers component information disclosure vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA.High-precision timers are used in one of the precision timer plug-ins. An information disclosure vulnerability exists in the High-precision timers component of Android. A remote...

DNS Traffic Capture: DNSCAP

dnscap is a network capture utility designed specifically for DNS traffic. It produces binary data in pcap3 and other format. This utility is similar to tcpdump1, but has a number of features tailored to DNS transactions and protocol options. DNS-OARC uses dnscap for DITL data collections. Some o...

RedLogin - SSH Brute-force Tools

Red Login: SSH Brute-force Tools. Features: High speed and precision CLI Console based Run the arbitrary command after the attack is successful Default 'Uname -a' Telegram messanger support for sending reports via bot API Usage: Redlogin.exe Optional -telegram == List of targets ip list == List o...

Dell Precision Optimizer Local Privilege Escalation Vulnerability(CVE-2017-2802)

Summary An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege...

Buffer underrun vulnerability in Kernel.sprintf

There is a buffer underrun vulnerability in the sprintf method of Kernel module. If a malicious format string which contains a precious specifier is passed and a huge minus value is also passed to the specifier, buffer underrun may be caused. In such situation, the result may contains heap, or th...

DEBIAN-CVE-2015-5219

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service infinite loop via a crafted NTP packet...

CVE-2015-5219

CVE-2015-5219 affects the Network Time Protocol (NTP) SNTP components, specifically the sntp utility, prior to version 4.2.7p366. The root cause is an incorrect type conversion in the ULOGTOD function (precision → double) which can cause a crafted NTP packet to trigger an infinite loop in sntp, l...

Vulnerability Spotlight: Dell Precision Optimizer and Invincea Vulnerabilities

Vulnerabilities discovered by Marcin ‘Icewall’ Noga of Cisco Talos.OverviewTalos are releasing advisories for vulnerabilities in the Dell Precision Optimizer application service software, Invincea-X and Invincea Dell Protected Workspace. These packages are pre-installed on certain Dell systems...

The vulnerability of the Android operating system’s loading image processing service allows a hacker to cause the device to freeze and restart.

The vulnerability of the Android operating system’s image loading processing service arises from a loss of precision in integer arithmetic. Exploiting this vulnerability can allow an attacker to cause the device to freeze and restart remotely...

Dell Precision Optimizer Local Privilege Escalation Vulnerability

Summary An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege...