CVE-2021-25476

An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE...

PT-2021-16666 · Google · Widevine Ta Log

Name of the Vulnerable Software and Affected Versions: Widevine TA log versions prior to SMR Oct-2021 Release 1 Description: An information disclosure issue allows attackers to bypass the ASLR protection mechanism in TEE. This affects the Widevine TA log, enabling potential exploitation...

The vulnerability in the `drivers/net/ethernet/xilinx/xilinx_emaclite.c` component of the Linux operating system allows a hacker to bypass the ASLR protection mechanism.

The vulnerability in the drivers/net/ethernet/xilinx/xilinxemaclite.c component of the Linux kernel is related to the use of uninitialized memory. Exploiting this vulnerability could allow an attacker to bypass the ASLR protection mechanism...

CVE-2021-40697

Adobe Framemaker versions 2019 Update 8 and earlier and 2020 Release Update 2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...

CVE-2021-39865

Adobe Framemaker versions 2019 Update 8 and earlier and 2020 Release Update 2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...

The vulnerability of the Network Time Protocol NTP, related to insufficient protection of service data, allows attackers to trigger a service failure.

The vulnerability of the Network Time Protocol NTP is related to insufficient protection of service data during port randomization. Exploiting this vulnerability can allow a malicious actor to cause service failures by connecting through port 123...

CVE-2021-36074

Adobe Bridge versions 11.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim mus...

UBUNTU-CVE-2021-36045

XMP Toolkit SDK versions 2020.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

PT-2021-7066 · Linux +8 · Linux Kernel +8

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw in the processing of received ICMP errors, specifically ICMP fragment needed and ICMP redirect, allows an off-path remote user to quickly scan open UDP ports and bypass the sour...

CVE-2021-36010

Adobe Illustrator version 25.2.3 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must ope...

Bantam - A PHP Backdoor Management And Generation tool/C2 Featuring End To End Encrypted Payload Streaming Designed To Bypass WAF, IDS, SIEM Systems

An advanced PHP backdoor management tool, with a lightweight server footprint, multi-threaded communication, and an advanced payload generation and obfuscation tool. Features end to end encryption with request unique encryption keys, and payload streaming designed to bypass WAF, IDS, SIEM systems...

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e. the real IOMEM pointer).

...

AZL-6589 CVE-2021-38205 affecting package kernel for versions less than 5.10.78.1-1

drivers/net/ethernet/xilinx/xilinxemaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer i.e., the real IOMEM pointer...

UBUNTU-CVE-2021-38205

drivers/net/ethernet/xilinx/xilinxemaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer i.e., the real IOMEM pointer...

Use of a Broken or Risky Cryptographic Algorithm in serghey-rodin/vesta

✍️ Description uniqid does not generate cryptographically secure strings, even if it did, supplying it with mtrand would render it insecure as an attacker would be able to gain access to a victim's account by simply knowing when they logged in, this could be used as a mass-account-takeover vector...

PT-2021-3760

Name of the Vulnerable Software and Affected Versions SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows versions prior to 15.2.3 HF2 Description A remote code execution vulnerability in the SolarWinds Serv-U product allows a threat actor to gain privileged access to the...

kernel: ICMP rate limiting can be used for DNS poisoning attack

A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...

SUSE: Security Advisory (SUSE-SU-2012:0642-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:0565-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:3507-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...