CrackMeJ1

This is a multi-staged crackme that implements several protections for antidebugging. Objective: Find the keys 3 to solve the crackme and make a keygen Hint: Run it on a VM :- / Crack Me by jSacco // This crack me uses antidebugging techniques such as: VM Detection , Traps and IsDebuggerPresent /...

BSA-2019-785

Security Advisory ID : BSA-2019-785 Component : BMC/IPMI Revision : 1.0: Initial The ASPEED ast2400 and ast2500 Baseband Management Controller BMC hardware and firmware implement Advanced High-performance Bus AHB bridges, which allow arbitrary read and write access to the BMC's physical address...

CVE-2018-13366

An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol...

CVE-2018-13366

An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol...

CVE-2018-13366

CVE-2018-13366 describes an information-disclosure in Fortinet FortiOS 6.0.1 and 5.6.7 and earlier, where the FortiGate serial number is exposed via the hostname field in PPTP connection-control setup packets. The root cause is the PPTP hostname field leaking device identity; impact is partial co...

CVE-2018-13366

An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol...

Magic ISO Maker 5.5(build 281) - Serial Code Denial of Service Exploit

-- coding: utf-8 -- Exploit Title: Magic Iso Maker 5.5build 281 - "Serial Code" Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.magiciso.com Software Link: http://www.magiciso.com/SetupMagicISO.exe Version: 5.5build 281 Tested on: Windows 10 Proof of Concept: 1.- Run t...

Magic ISO Maker 5.5(build 281) - Serial Code Denial of Service (PoC)

Magic ISO Maker 5.5build 281 - Serial Code Denial of Service PoC -- coding: utf-8 -- Exploit Title: Magic Iso Maker 5.5build 281 - "Serial Code" Denial of Service PoC Date: 03/04/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.magiciso.com Software Link:...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3933-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3933-1 advisory. It was discovered that an information leak vulnerability existed in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range...

USN-3933-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3933-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that an information leak vulnerability existed in the Bluetooth...

USN-3933-1: Linux kernel vulnerabilities

It was discovered that an information leak vulnerability existed in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could possibly expose sensitive information kernel memory. CVE-2017-1000410 It was discovered that the USB serial device driver in the Linux...

CVE-2019-5518

VMware ESXi 6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001, Workstation 15.x before 15.0.4, 14.x before 14.1.7, Fusion 11.x before 11.0.3, 10.x before 10.1.6 contain an out-of-bounds read/write vulnerability in the virtual USB 1.1 UHCI Universal Host...

Huawei AP4050DN-E Improper Authentication Vulnerability

The Huawei AP4050DN-E is a wireless access point device from Huawei China. A security vulnerability exists in the Huawei AP4050DN-E prior to version V200R009C00, which originates from a program that fails to properly authenticate the serial port. An attacker can exploit the vulnerability to conne...

XHCI for EDK2 Buffer Overflow Vulnerability

XHCI for EDK2 is a USB 3.0 controller support used in EDK2. A stack overflow vulnerability exists in XHCI for EDK2. A local attacker could exploit this vulnerability to cause a denial of service...

openSUSE Security Update : qemu (openSUSE-2019-1005)

This update for qemu fixes the following issues : Security issue fixed : - CVE-2018-16847: Fixed an out of bounds r/w buffer access in cmb operations bsc1114529. Non-security issue fixed : - Fixed serial console issue that triggered a qemu-kvm bug bsc1108474. This update was imported from the...

Security Advisory - Improper Authentication Vulnerability in Some Huawei AP Products

There is an improper authentication vulnerability in some Huawei AP products. Due to the improper implementation of authentication for the serial port, an attacker could exploit this vulnerability by connecting to the affected products and run a series of commands. Vulnerability ID:...

CVE-2018-17167

PrinterOn Enterprise 4.1.4 suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Machine Host Name" or "Server Serial Number" field in the clustering configuration, 2 "name" field in the Edit Group configuration, 3 "Rule Name" field in the Access Control configuration, 4...

CAs Reissue Over One Million Weak Certificates

Turns out that the software a bunch of CAs used to generate public-key certificates was flawed: they created random serial numbers with only 63 bits instead of the required 64. That may not seem like a big deal to the layman, but that one bit change means that the serial numbers only have half th...

Intel USB 3.0 Creator Utility Privilege License and Access Control Vulnerability

Intel USB 3.0 Creator Utility is a tool for installing USB 3.0 drivers from Intel USA. A privilege-granting and access control vulnerability exists in the Intel USB 3.0 Creator Utility. An attacker could exploit the vulnerability to elevate privileges...

USN-3910-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that the f2fs filesystem implementation in the Linux kernel did not handle the noflushmerge mount option correctly. An attacker could use this to cause a denial of service system crash. CVE-2017-18241 It was discovered that the procfs filesystem did not properly handle processes...