250 matches found
CVE-2023-3943 Multiple buffer overflow in ZkTeco-based OEM devices
Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. This issue affects...
HardeningMeter - Open-Source Python Tool Carefully Designed To Comprehensively Assess The Security Hardening Of Binaries And Systems
HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems. Its robust capabilities include thorough checks of various binary exploitation protection mechanisms, including Stack Canary, RELRO, randomizations ASLR, PIC,...
CVE-2024-4159 Protection mechanisms
Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information...
Protection mechanisms (CVE-2024-4159)
Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information...
Fedora 39 : python3.12 (2023-d577604e6a)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d577604e6a advisory. Security fix for CVE-2023-27043 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
CVE-2023-51764
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other options that exist in recent versions. Remote attackers can use a published exploitation technique to inject e-mail messages with ...
CVE-2023-6355
Incorrect selection of fuse values in the Controller 7000 platform allows an attacker to bypass some protection mechanisms to enable local debug. This issue affects: Gallagher Controller 7000 9.00 prior to vCR9.00.231204b distributed in 9.00.1507 MR1, 8.90 prior to vCR8.90.231204a distributed in...
Siemens SICAM P850 and SICAM P855 Improper Neutralization of Input During Web Page Generation (CVE-2022-29882)
A vulnerability has been identified in SICAM P850 All versions V3.00, SICAM P855 All versions V3.00. Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could - when a legitimate user accesses th...
GLSA-202305-16 : Vim, gVim: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202305-16 Vim, gVim: Multiple Vulnerabilities - Use after free in utfptr2char in GitHub repository vim/vim prior to 8.2.4646. CVE-2022-1154 - heap buffer overflow in getonesourceline in GitHub repository vim/vim prior to 8.2.4647...
CVE-2021-3923
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdmacm device node. While this access is unlikely to leak sensitive user information, it can be...
K28622040: Python vulnerability CVE-2019-9948
Security Advisory Description urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen'localfile:///etc/passwd' call. CVE-2019-9948 Impac...
How to instrument system applications on Android stock images
By Vitor Ventura This post is the result of research presented at Recon Montreal 2022. Two slide decks are provided along with this research . One is the presentation showing the whole process and how to do it on Google Play Protect services. The other one is a workshop on how to do it on an...
CVE-2022-20696 Cisco SD-WAN vManage Software Unauthenticated Access to Messaging Services Vulnerability
A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access the messaging service ports on an affected system. This vulnerability exists because the messaging...
Missing Cryptographic Step in OWASP Enterprise Security API for Java
The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API ESAPI for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic protectio...
Missing Cryptographic Step in OWASP Enterprise Security API for Java
The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API ESAPI for Java 2.x before 2.1.0.1 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic...
GHSA-H892-X453-86WC Pippo RCE Vulnerability
Pippo through 1.11.0 allows remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream's available protection mechanisms to restrict unmarshalling...
vim buffer overflow vulnerability (CNVD-2022-55222)
vim is a UNIX-based editor. vim versions prior to 8.2.4763 contain a buffer overflow vulnerability that stems from a failure to properly validate data boundaries when performing operations on memory in the software skiprange. An attacker could exploit this vulnerability to cause a software crash,...
Security Bulletin: Vulnerabilities in Open Source OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2177 CVE-2000-1254 CVE-2016-2178).
Summary Open Source OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2000-1254 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive...
Mageia: Security Advisory (MGASA-2014-0059)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Validation Bypass
Mozilla Firefox is vulnerable to validaiton bypass. does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting XSS protection mechanisms via a crafted string, a different vulnerability than CVE-2010-1210...