4310 matches found
USN-3625-1 perl vulnerabilities
It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2015-8853 It was discovered that Perl incorrectly loaded libraries from th...
Solving Ad-hoc Problems with Hex-Rays API
Introduction IDA Pro is the de facto standard when it comes to binary reverse engineering. Besides being a great disassembler and debugger, it is possible to extend it and include a powerful decompiler by purchasing an additional license from Hex-Rays. The ability to switch between disassembled a...
Solving Ad-hoc Problems with Hex-Rays API
Introduction IDA Pro is the de facto standard when it comes to binary reverse engineering. Besides being a great disassembler and debugger, it is possible to extend it and include a powerful decompiler by purchasing an additional license from Hex-Rays. The ability to switch between disassembled a...
tcpdump: Heap buffer overflow in the EXTRACT_16BITS function
tcpdump 4.9.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via crafted packet data. The crash occurs in the EXTRACT16BITS function, called from the stpprint function for the Spanning Tree Protocol...
CVE-2017-18224
A flaw was found in the Linux kernel that fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode. This allows local users to cause a denial of service by modifying a certain ecpos field...
CVE-2017-18224
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service BUG by modifying a certain ecpos field...
DEBIAN-CVE-2017-18224
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service BUG by modifying a certain ecpos field...
CVE-2017-18224
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service BUG by modifying a certain ecpos field...
CVE-2017-18224
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service BUG by modifying a certain ecpos field...
CVE-2017-18224
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service BUG by modifying a certain ecpos field...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Joyent SmartOS SMBIOC_TREE_RELE elevation of privilege vulnerability
Joyent SmartOS is a set of open source operating system from Joyent, USA. A security vulnerability exists in the SMBIOCTREERELE ioctl in Joyent SmartOS release-20170803-20170803T064301Z, which stems from a program's failure to detect the existence of an object before performing an operation on it...
The vulnerability of the operatorGroupTreeSelectContent.xhtml component on the HPE Intelligent Management Center PLAT software platform allows a attacker to execute arbitrary code.
The vulnerability of the operatorGroupTreeSelectContent.xhtml component in the HPE Intelligent Management Center PLAT software platform is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code using the...
CVE-2017-18193
fs/f2fs/extentcache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service BUG via an application with multiple threads...
kingstree.familytreeguide.com XSS vulnerability
Open Bug Bounty ID: OBB-560183 Description| Value ---|--- Affected Website:| kingstree.familytreeguide.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Fedora 26 : kernel (2018-57e732b89f)
The 4.14.18 stable update contains a number of important fixes across the tree, including some additional spectre mitigation. ---- The 4.14.17 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description bloc...
Open Source Static Code Analyser: StaCoAn
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. This tool will look for interesting lines in the code which can contain: Hardcoded credentials API keys URL’s of API’s Decryption keys Major coding...
CVE-2018-3607
XXXTreeNode method SQL injection remote code execution RCE vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations...
Taxonomy Term Reference Tree Widget - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-006
This module provides an expandable tree widget for the Taxonomy Term Reference field in Drupal 7. The module doesn't sufficiently sanitize the output of its own defined field formatter. This vulnerability is mitigated by the fact that an attacker must have a role with the permission that allows t...
horton-family-tree.com XSS vulnerability
Open Bug Bounty ID: OBB-537432 Description| Value ---|--- Affected Website:| horton-family-tree.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...