CVE-2016-5039

The getattrvalue function in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read via a crafted object with all-bits on...

UBUNTU-CVE-2016-8676

The getvlc2 function in getbits.h in Libav 11.9 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted mp3 file. NOTE: this issue exists due to an incomplete fix for CVE-2016-8675...

Weak Diffie-Hellman Handshake Due To Truncated Secret Length

libssh2 is vulnerable to weak handshakes. The vulnerability happens because diffiehellmansha256 function in kex.c in libssh2 generates secret key of length 128 or 256 bits instead of 1023 or 2047 bits, allowing the attackers to intercept or decrypt SSH sessions using bits/bytes confusion bug...

DEBIAN-CVE-2017-5225

LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value...

Microsoft Security Advisory: Update Rollup for ActiveX Kill Bits

Microsoft Security Advisory: Update Rollup for ActiveX Kill Bits Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft website...

Cumulative Update for Windows 10: January 12, 2016

Cumulative Update for Windows 10: January 12, 2016 Summary This security update for Windows 10 includes improvements in the functionality of Windows 10 and resolves the following vulnerabilities in Windows: 3124605 MS16-008: Security Update for Windows kernel to address elevation of privilege:...

Cumulative Update for Windows 10 Version 1511: January 12, 2016

Cumulative Update for Windows 10 Version 1511: January 12, 2016 Summary This security update for Windows 10 Version 1511 includes improvements in the functionality of Windows 10 Version 1511 and resolves the following vulnerabilities in Windows: 3124605 MS16-008: Security update for Windows kerne...

MacOS Kernel < 10.12.2 / iOS < 10.2 - Broken Kernel Mach Port Name uref Handling Privileged Po

Exploit for multiple platform in category local exploits / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=959 Proofs of Concept: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40957.zip When sending and receiving mach messages from userspa...

unsorted bin attack analysis-vulnerability warning-the black bar safety net

One, Foreword This is before that article overflow using the FILE structure of the follow-up article, mentioned earlier is for the Shanghai network security contest pwn450 of technology to write articles, a total of two techniques, one is the overflow using the FILE structure of the body, one is...

CVE-2016-6313

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits...

CVE-2016-6313

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits...

Internet Bug Bounty: memcpy negative size parameter in php_resolve_path

Upstream Bug --- https://bugs.php.net/bug.php?id=73189 Summary -- Multiple PHP functions are vulnerable to negative size parameter in memcpy call through phpresolvepath. Some of the affected functions are: filegetcontents, fileputcontents, file, readfile, getmetatags, gzopen, readgzfile, gzfile,...

GLSA-201610-04 : libgcrypt: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201610-04 libgcrypt: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libgcrypt. Please review the CVE identifiers referenced below for details. Impact : Side-channel attacks can leak private key...

CVE-2016-3622

The fpAcc function in tifpredict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service divide-by-zero error via a crafted TIFF image...

Facebook releases Osquery Security Tool for Windows

OSquery, an open-source framework created by Facebook that allows organizations to look for potential malware or malicious activity on their networks, was available for Mac OS X and Linux environments until today. But now the social network has announced that the company has developed a Windows...

Matroschka - Python Steganography Tool To Hide Images Or Text In Images

Матрёшка mɐˈtrʲɵʂkə is a command-line steganography tool written in pure Python. You can use it to hide and encrypt images or text in the least significant bits of pixels in an image. Encryption The encryption uses HMAC-SHA256 to authenticate the hidden data. Therefore the supplied MAC password i...

USN-3065-1 libgcrypt11, libgcrypt20 vulnerability

Felix Dörre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output...

USN-3064-1 gnupg vulnerability

Felix Dörre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output...

libtiff: out-of-bounds read/write with malformed TIFF image in tiff2pdf

LibTIFF 4.0.3 allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tifnext.c to verify that the BitsPerSample value is 2, and the t2psamplelabsignedtounsigned function in tiff2pdf...

swfstrings swf_GetBits function 't-data' denial of service vulnerability

SWFTools is a set of software tools for SWF manipulation and creation of utility authoring. swfstrings is a text parsing tool. swftools0.9.2 and previous versions of swfstrings program swfGetBits function 't-data' is empty, resulting in access to the contents of the null pointer, triggering a...