graphicsmagick/coder_XCF_fuzzer: Use-of-uninitialized-value in AlphaCompositePixel

Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=5069895264894976 Project: graphicsmagick Fuzzer: libFuzzergraphicsmagickcoderXCFfuzzer Fuzz target binary: coderXCFfuzzer Job Type: libfuzzermsangraphicsmagick Platform Id: linux Crash Type:...

NEW: Vulnerability and Assessment Scanning for Your AWS Cloud Databases

Scuba is a free and easy-to-use tool that uncovers hidden security risks. Scuba is frequently updated with content from Imperva’s Defense Center researchers. With Scuba you can: Scan enterprise databases for vulnerabilities and misconfigurations Identify risks to your databases Get recommendation...

skia/path_deserialize: Heap-buffer-overflow in SkPath::moveTo

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5078673775394816 Project: skia Fuzzer: libFuzzerskiapathdeserialize Fuzz target binary: pathdeserialize Job Type: libfuzzerasanskia Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash...

[SECURITY] Fedora 26 Update: monit-5.25.1-1.fc26

monit is a utility for managing and monitoring, processes, files, directori es and devices on a UNIX system. Monit conducts automatic maintenance and repa ir and can execute meaningful causal actions in error situations...

Dr. Mine - Tool To Aid Automatic Detection Of In-Browser Cryptojacking

Dr. Mine is a node script written to aid automatic detection of in-browser cryptojacking. The most accurate way to detect things that happen in a browser is via browser itself. Thus, Dr. Mine uses puppeteer to automate browser thingy and catches any requests to online cryptominers. When a request...

[SECURITY] Fedora 27 Update: torbrowser-launcher-0.2.9-1.fc27

Tor Browser Launcher is intended to make Tor Browser easier to install and use for GNU/Linux users. You install torbrowser-launcher from your distribution's package manager and it handles everything else: Downloads and installs the most recent version of Tor Browser in your lan guage and for your...

February 2018 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

February 2018 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

February 2018 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution

LogicalDOC Enterprise 7.7.4 Post-Auth Command Execution Via Binary Path Manipulation Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary: LogicalDOC is a free document management system that is designe...

WordPress Update Breaks Automatic Update Feature—Apply Manual Update

WordPress administrators are once again in trouble. WordPress version 4.9.3 was released earlier this week with patches for a total 34 vulnerabilities, but unfortunately, the new version broke the automatic update mechanism for millions of WordPress websites. WordPress team has now issued a new...

[SECURITY] Fedora 26 Update: clamav-0.99.3-1.fc26

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

[SECURITY] Fedora 27 Update: clamav-0.99.3-1.fc27

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

[SECURITY] Fedora 26 Update: clamav-0.99.2-18.fc26

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

libreoffice/htmlfuzzer: Bad-cast to SwTableBox from SwClient in DelBoxNode

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=4979545733070848 Project: libreoffice Fuzzer: libFuzzerlibreofficehtmlfuzzer Fuzz target binary: htmlfuzzer Job Type: libfuzzerubsanlibreoffice Platform Id: linux Crash Type: Bad-cast Crash...

Autorize - Automatic Authorization Enforcement Detection Extension For Burp Suite

Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert, and Federico Dotta, a security expert at Mediaservice.net. Autorize was designed to help security testers by performing automatic...

curl/curl_fuzzer_http: Index-out-of-bounds in fuzz_handle_transfer

Detailed report: https://oss-fuzz.com/testcase?key=5049873339514880 Project: curl Fuzzer: libFuzzercurlfuzzerhttp Fuzz target binary: curlfuzzerhttp Job Type: libfuzzerubsancurl Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State: fuzzhandletransfer curlfuzzer.cc...

open62541/fuzz_binary_message: Heap-use-after-free in UA_SecureChannel_deleteMembersCleanup

Project: https://github.com/open62541/open62541.git Detailed report: https://oss-fuzz.com/testcase?key=5921003369660416 Project: open62541 Fuzzer: aflopen62541fuzzbinarymessage Fuzz target binary: fuzzbinarymessage Job Type: aflasanopen62541 Platform Id: linux Crash Type: Heap-use-after-free READ...

Fedora 27 : libidn2 (2017-09b1c3f099)

Libidn2 2.0.4 released 2017-08-30 =================================== - Fix integer overflow in bidi.c/isBidi - Fix integer overflow in punydecode.c/decodedigit - Improve docs - Fix idnafree to idnfree - Update fuzzer corpora Note that Tenable Network Security has extracted the preceding...

PyroBatchFTP < 3.19 - Buffer Overflow

============================================= MGC ALERT 2018-001 - Original release date: December 22, 2017 - Last revised: January 12, 2018 - Discovered by: Manuel García Cárdenas - Severity: 7,5/10 CVSS Base Score ============================================= I. VULNERABILITY...