1410 matches found
Microsoft Windows 'libjpeg' Information Disclosure Vulnerability (KB4015383)
This host is missing an important security update according to Microsoft Security update KB4015383 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
chicken -- multiple vulnerabilities
CHICKEN reports: CVE-2017-6949: Unchecked malloc call in SRFI-4 constructors when allocating in non-GC memory, resulting in potential 1-word buffer overrun and/or segfault CVE-2017-9334: "length" crashes on improper lists CVE-2017-11343: The randomization factor of the symbol table was set before...
Mozilla: asm.js JIT-spray bypass of ASLR and DEP (MFSA 2017-06)
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
Mozilla: asm.js JIT-spray bypass of ASLR and DEP (MFSA 2017-06)
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
Mozilla: asm.js JIT-spray bypass of ASLR and DEP (MFSA 2017-06)
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
UBUNTU-CVE-2017-5400
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
UBUNTU-CVE-2015-2877
DISPUTED Kernel Samepage Merging KSM in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection CAIN attack. NOTE: the vendor states...
The ASLR protection mechanism is a breakthrough attack technical analysis-vulnerability warning-the black bar safety net
Recently, hardware-based attacks have been started by Rowhammer memory leaks or bypass the address space layout randomization protection mechanisms to attack the system, these attacks are based on the processor's memory management unit MMU with a page table interactive interactive manner. These...
dirsearch - Brute Force Directories and Files in Websites
dirsearch is a simple command line tool designed to brute force directories and files in websites. Operating Systems supported Windows XP/7/8/10 GNU/Linux MacOSX Features Multithreaded Keep alive connections Support for multiple extensions -e|--extensions asp,php Reporting plain text, JSON...
The vulnerability of the Linux operating system, which allows a perpetrator to trigger a service failure or cause other effects
The vulnerability of the freelist-randomization function in the Linux operating system is related to errors in number processing. Exploiting this vulnerability can allow a malicious actor to cause service failures or other adverse effects locally...
Design/Logic Flaw
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist entries and system crash or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
CVE-2017-5546
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist entries and system crash or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
CVE-2017-5546
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist entries and system crash or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
CVE-2017-5546
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist entries and system crash or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
CVE-2017-5546
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist entries and system crash or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
CVE-2017-5546
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist entries and system crash or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
UBUNTU-CVE-2017-5546
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist entries and system crash or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
Mozilla Firefox ESR < 45.7 Multiple Vulnerabilities
Binary data 9928.prm...
PT-2017-1184 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 4.8.x through 4.9.x before 4.9.5 Linux kernel version 4.9.x before 4.9.5 Description: The freelist-randomization feature in the Linux kernel allows local users to cause a denial of service, resulting in duplicate freelis...
CVE-2016-8334
A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR...