Command injection

A service which is hosted on port 6998 in HiNet GPON firmware I040GWR190731 allows an attacker to execute a specific command to read arbitrary files. CVSS 3.0 Base score 9.3. CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...

CVE-2019-3026

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVE-2019-2962

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2019-17662

ThinVNC 1.0b1 is vulnerable to an arbitrary file read via a ../../ThinVnc.ini directory traversal, allowing an attacker to read the password file and bypass authentication even when authentication is enabled. The root cause is a directory traversal flaw that exposes the authentication file in cle...

Postenum - A Clean, Nice And Easy Tool For Basic/Advanced Privilege Escalation Techniques

Postenum is a clean, nice and easy tool for basic/advanced privilege escalation vectors/techniques. Postenum tool is intended to be executed locally on a Linux box. Be more than a normal user. be the ROOT. USE ./postenum.sh option ./postenum.sh -s ./postenum.sh -c Options : -a : All -s : Filesyst...

HTTP/2: flood using PRIORITY frames results in excessive resource consumption

A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability...

CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

Ubuntu: Security Advisory (USN-4149-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libsass:data_context_fuzzer: Use-of-uninitialized-value in std::__1::vector<std::__1::vector<Sass::SharedImpl<Sass::ComplexSelector>, std::

Project: https://github.com/sass/libsass.git Detailed Report: https://oss-fuzz.com/testcase?key=5721443934928896 Project: libsass Fuzzing Engine: libFuzzer Fuzz Target: datacontextfuzzer Job Type: libfuzzermsanlibsass Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

HTTP response splitting in WEBrick (Additional fix)

If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. This is the same issue as CVE-2017-17742. The previous fix was incomplete, which addressed the...

CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

EulerOS 2.0 SP8 : wavpack (EulerOS-SA-2019-2095)

According to the versions of the wavpack package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults...

The vulnerability of the SVG object processing mechanism in browsers such as Firefox ESR, Firefox, and the email client Thunderbird allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the SVG object processing mechanism in browsers such as Firefox ESR, Firefox, and the email client Thunderbird is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service interruptions...

WordPress music-store plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. music-store is an online music store plugin used in it. A cross-site scripting vulnerability exists in WordPress music-store plugin...

Emotet is back: botnet springs back to life with new spam campaign

After a fairly long hiatus that lasted nearly four months, Emotet is back with an active spam distribution campaign. For a few weeks, there were signs that the botnet was setting its gears in motion again, as we observed command and control C2 server activity. But this morning, the Trojan started...