Amazon Linux 2 : SDL (ALAS-2020-1500)

The version of SDL installed on the remote host is prior to 1.2.15-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1500 advisory. SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMAADPCMnibble in audio/SDLwave....

EulerOS Virtualization 3.0.2.2 : glusterfs (EulerOS-SA-2020-2187)

According to the versions of the glusterfs packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in RPC request using gfs3lookupreq in glusterfs server. An authenticated attacker could use this flaw to leak...

tigervnc security update

CentOS Errata and Security Advisory CESA-2020:3875 An update for tigervnc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

USN-4587-1 italc vulnerabilities

Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn't check malloc return values. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055...

Ubuntu 16.04 LTS : iTALC vulnerabilities (USN-4587-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4587-1 advisory. Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn't check malloc return values. A remote attacker could use these...

spice and spice-gtk security update

spice 0.14.0-9.0.2.el79.1 - Add ARM support 0.14.0-9.1 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355 spice-gtk 0.35-5.1 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355...

spice and spice-gtk security update

spice 0.14.2-1.1 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355 spice-gtk 0.37-1.2 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355...

EulerOS Virtualization for ARM 64 3.0.6.0 : libXrender (EulerOS-SA-2020-2020)

According to the versions of the libXrender package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds...

Debian DLA-2385-1 : linux-4.19 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2019-3874 Kernel buffers allocated by the SCTP network protocol were not limited by the memory cgroup controller. A local user could potentially us...

Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2020-2119)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-2035)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libXrender (EulerOS-SA-2020-2020)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2020-2090)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.CVE-2018-10805 - ImageMagick version 7.0.7-28...

Multiple buffer overflows in the printf functionality in SQLite as used in Apple iOS before 8.4 and OS X before 10.10.4 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

...

The Basics of Exploit Development 5: x86-64 Buffer Overflows

In this article we will be covering a technique similar to the one in the first installment of this series, however, with the twist in that this exploit will be of a 64-bit process running on Windows 10. Due to the nature of modern operating systems and the exploit mitigation techniques they...

CVE-2020-14936

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmpoiddecodeoid may overwrite memory areas beyond the provided...

CVE-2020-14936

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmpoiddecodeoid may overwrite memory areas beyond the provided...

CVE-2020-14935

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP bulk get request response encoding function. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of the internal SNMP engine buffer. When a bulk get...

CVE-2020-14934

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of the internal SNMP engine buffer. If the number of variables in the request exceeds the...

pwntools

This is an offensive tool for exploit development and CTF Capture The Flag framework. The tool is called pwntools and is used for exploit development and CTF challenges. It provides a set of tools and libraries for exploiting vulnerabilities and solving CTF challenges. The tool is written in Pyth...