2123 matches found

Veracode
added 2017/11/21 6:26 a.m. | 23 views

Directory Traversal

Symfony is vulnerable to directory traversal attacks. The read function in the bundle readers does not sanitize user input, allowing a malicious user to traverse the directory...

CVSS 7.5 | AI score 7.5 | EPSS 0.02677
Exploits 0 | References 4 | Affected software 1
Friends Of PHP
added 2017/11/16 3:15 p.m. | 29 views

CVE-2017-16654: Intl bundle readers breaking out of paths

More info at https://symfony.com/cve-2017-16654...

CVSS 7.5 | AI score 7.2 | EPSS 0.02677
Exploits 0 | Affected software 1
Node.js
added 2017/10/12 7:20 p.m. | 93 views

Github Token Leak

Overview: Affected versions of aegir bundle and publish the current user's GitHub token to npm when aegir-release is executed. Recommendation: Update to version 12.0.8 or later. If you used this module to do a release for your project, you should invalidate the GitHub tokens that were leaked...

CVSS 5 | AI score 4.9 | EPSS 0.01177
Exploits 0 | Affected software 1
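The aegir entry above is a supply-chain leak: a release tool packed the developer's own GitHub token into the tarball it published to npm. As an added example (not aegir's, npm's, or this listing's code), the following pre-publish check scans the files that are about to be packed for token-shaped strings and for files that should never ship in a package. The file list, the forbidden-file policy and the sample contents are constructed for the demonstration; the ghp_/gho_-style prefixes are GitHub's current token format, and the generic "token = value" heuristic is an assumption that will need tuning per project.

```python
import re

# Constructed policy: paths that never belong in a published package.
FORBIDDEN_FILES = (".npmrc", ".env")
FORBIDDEN_PREFIXES = (".git/",)

# Ordered most-specific first; scanning stops at the first hit per line.
PATTERNS = [
    # GitHub token prefixes (ghp_, gho_, ghu_, ghs_, ghr_) followed by 36+ chars.
    ("github-token", re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b")),
    # npm registry credential line as written by `npm login`.
    ("npmrc-auth", re.compile(r"_authToken\s*=")),
    # Heuristic (assumption): an assignment whose name says token/secret/password
    # with a long opaque value; catches 2017-era 40-hex GitHub tokens in env dumps.
    ("token-assignment", re.compile(r"(?i)(token|secret|password)\s*[=:]\s*['\"]?[A-Za-z0-9_\-]{20,}")),
]


def redact(s):
    """Keep only a prefix so the scanner's own report does not re-leak the secret."""
    return s[:8] + "..." if len(s) > 8 else s


def scan_package(files):
    """files: {relative_path: text} as npm would pack them.

    Returns a list of (path, line_no, kind, excerpt); line_no 0 means the
    finding is about the file itself rather than a line in it.
    """
    findings = []
    for path, text in files.items():
        if path in FORBIDDEN_FILES or path.startswith(FORBIDDEN_PREFIXES):
            findings.append((path, 0, "forbidden-file", path))
        for n, line in enumerate(text.splitlines(), 1):
            for kind, rx in PATTERNS:
                m = rx.search(line)
                if m:
                    findings.append((path, n, kind, redact(m.group(0))))
                    break
    return findings


def should_block_publish(files):
    """Gate for a prepublish hook: any finding blocks the release."""
    return bool(scan_package(files))


# Constructed package contents: one clean module, one leaked npm credential,
# one GitHub token written to a log by a release script, one innocent git SHA.
SAMPLE_PACKAGE = {
    "package.json": '{"name": "demo", "version": "1.0.0", "main": "lib/index.js"}\n',
    "lib/index.js": "module.exports = () => 'hello';\n",
    ".npmrc": "//registry.npmjs.org/:_authToken=npm_0123456789abcdef0123456789abcdef01234567\n",
    "release.log": "GH_TOKEN=ghp_" + "Z" * 36 + "\nrelease: published 1.0.0\n",
    "CHANGELOG.md": "- fix: commit 3b1f0c2d9e4a5b6c7d8e9f0a1b2c3d4e5f6a7b8c\n",
}

if __name__ == "__main__":
    for path, line_no, kind, excerpt in scan_package(SAMPLE_PACKAGE):
        print(f"{path}:{line_no}: {kind}: {excerpt}")
    print("block publish:", should_block_publish(SAMPLE_PACKAGE))
```

Run it as the `prepublishOnly` step against the output of `npm pack --dry-run` (or whatever file list the release tool is about to upload); the interesting part is the CHANGELOG line, which contains a 40-hex string that must not be flagged, because a scanner that cries wolf on every git SHA gets disabled.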
Veracode
added 2017/07/25 2:58 a.m. | 10 views

Directory Traversal

contao/core-bundle is vulnerable to directory traversal attacks. A logged-in back-end user can include and exclude local PHP files through URL manipulation...

CVSS 8.8 | AI score 8.5 | EPSS 0.01962
Exploits 0 | References 1 | Affected software 2
pentestit
added 2017/07/25 12:17 a.m. | 89 views

UPDATE: OWASP Dependency-Check 2.1.0!

My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release, published yesterday. This is OWASP Dependency-Check 2.1.0! What I like about this release...

AI score 7.3
Exploits 0
Schneier on Security
added 2017/07/18 11:38 a.m. | 48 views

Many of My E-Books for Cheap

Humble Bundle is selling a bunch of cybersecurity books very cheaply. You can get copies of Applied Cryptography, Secrets and Lies, and Cryptography Engineering -- and also Ross Anderson's Security Engineering, Adam Shostack's Threat Modeling, and many others. This is the cheapest you'll ever see...

AI score 7
Exploits 0
OSV
added 2017/07/17 1:18 p.m. | 1 view

CVE-2017-1000037

RVM automatically loads environment variables from files in $PWD, resulting in command execution. RVM is vulnerable to command injection when automatically loading environment variables from files in $PWD. RVM automatically executes hooks located in $PWD, resulting in code execution. RVM automatically...

CVSS 9.8 | AI score 6.2
Exploits 0 | References 1
Tenable Nessus
added 2017/04/28 12:00 a.m. | 77 views

Ubuntu 14.04 LTS / 16.04 LTS : NSS vulnerabilities (USN-3270-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3270-1 advisory. Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker...

CVSS 9.8 | AI score 7.9 | EPSS 0.95707
Exploits 7 | References 3
Ubuntu
added 2017/04/27 4:47 p.m. | 127 views

USN-3270-1: NSS vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key...

CVSS 9.8 | AI score 7.8 | EPSS 0.95707
Exploits 7
OSV
added 2017/04/27 4:47 p.m. | 6 views

USN-3270-1 nss vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key...

CVSS 9.8 | AI score 7 | EPSS 0.95707
Exploits 7 | References 3
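The three USN-3270-1 entries above describe the birthday attack on 64-bit block ciphers (DES and Triple DES) published by Bhargavan and Leurent as Sweet32, and the mitigation of limiting how much data is encrypted under one symmetric key. The block below is an added example, not code from the Ubuntu advisory or from NSS: it computes the birthday bound such a per-key limit is derived from, and then shows the actual leak on a constructed 16-bit toy cipher in CBC mode, where a repeated ciphertext block hands the attacker the XOR of two plaintext blocks. The toy permutation, the seeds and the IV are assumptions chosen so the collision shows up after a couple of thousand blocks instead of the 2^32 blocks (32 GiB) a real 64-bit cipher needs.

```python
import math
import random

BLOCK_BITS = 16            # toy size; DES and Triple DES use 64-bit blocks


def birthday_probability(q, n):
    """P(at least one repeated ciphertext block among q blocks of an n-bit cipher).

    CBC output of an ideal cipher looks uniformly random, so the standard
    birthday approximation 1 - exp(-q(q-1) / 2^(n+1)) applies. For n=64 and
    q=2^32 (32 GiB of traffic) this is about 0.39.
    """
    return 1.0 - math.exp(-q * (q - 1) / 2.0 ** (n + 1))


def max_blocks_for_probability(p, n):
    """Largest q for which birthday_probability(q, n) stays below p.

    Inverts the approximation above: q ~= sqrt(2^(n+1) * -ln(1-p)). This is the
    number a 'limit use of the same symmetric key' policy is built on; multiply
    by n/8 for a byte budget per key.
    """
    return int(math.sqrt(2.0 ** (n + 1) * -math.log1p(-p)))


def toy_block_cipher(key):
    """A random permutation of 16-bit values standing in for DES (constructed
    for the demonstration; not a real cipher, and the key is only a seed)."""
    table = list(range(1 << BLOCK_BITS))
    random.Random(key).shuffle(table)
    return table


def cbc_encrypt(perm, iv, plain_blocks):
    """Textbook CBC: C_i = E(P_i XOR C_{i-1}), with C_{-1} = IV."""
    out, prev = [], iv
    for p in plain_blocks:
        prev = perm[p ^ prev]
        out.append(prev)
    return out


def first_collision(cipher_blocks):
    """Index pair (i, j), i < j, of the first repeated ciphertext block, or None."""
    seen = {}
    for j, c in enumerate(cipher_blocks):
        if c in seen:
            return seen[c], j
        seen[c] = j
    return None


def recover_plaintext_xor(iv, cipher_blocks, i, j):
    """C_i == C_j means E saw equal inputs: P_i ^ C_{i-1} == P_j ^ C_{j-1},
    hence P_i ^ P_j == C_{i-1} ^ C_{j-1}. Only ciphertext is needed."""
    prev_i = iv if i == 0 else cipher_blocks[i - 1]
    prev_j = iv if j == 0 else cipher_blocks[j - 1]
    return prev_i ^ prev_j


def sweet32_demo(key=1234, iv=0xBEEF, num_blocks=2000):
    """Encrypt a long random 'session' under one key and expose the leak.

    Returns (i, j, xor_from_ciphertext, true_xor); the last two are equal.
    With 16-bit blocks, 2000 blocks leave a no-collision probability of
    about exp(-30), so the demo always finds one.
    """
    rng = random.Random(99)                      # constructed plaintext
    plain = [rng.getrandbits(BLOCK_BITS) for _ in range(num_blocks)]
    ct = cbc_encrypt(toy_block_cipher(key), iv, plain)
    hit = first_collision(ct)
    if hit is None:
        return None
    i, j = hit
    return i, j, recover_plaintext_xor(iv, ct, i, j), plain[i] ^ plain[j]


if __name__ == "__main__":
    print("P(collision) after 2^32 64-bit blocks:", round(birthday_probability(2 ** 32, 64), 3))
    q = max_blocks_for_probability(2 ** -20, 64)
    print("64-bit blocks per key for P < 2^-20:", q, "=", q * 8 // 2 ** 20, "MiB")
    print("toy collision (i, j, recovered xor, true xor):", sweet32_demo())
```

The per-key budget is the practical takeaway: with 64-bit blocks, keeping the collision probability under 2^-20 already caps a key at roughly 45 MiB of CBC traffic, which is why the fix is a usage limit (or dropping 3DES) rather than a patch to the cipher.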
ossfuzz
added 2017/04/27 6:39 a.m. | 16 views

libreoffice: Heap-use-after-free in Bundle::GetIndex

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=5288817537843200 Project: libreoffice Fuzzer: libFuzzer_libreoffice_cgmfuzzer Fuzz target binary: cgmfuzzer Job Type: libfuzzer_asan_libreoffice Platform Id: linux Crash Type: Heap-use-after-fre...

AI score 7
Exploits 0 | Affected software 1
BDU FSTEC
added 2017/02/02 12:00 a.m. | 4 views

Android operating system vulnerability allowing an attacker to execute arbitrary code

A vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in the libeffects service of the Android audio server stems from deficient access control on certain functions. Exploiting it allows a remote attacker to execute arbitrary code...

CVSS 9.3 | AI score 7.6 | EPSS 0.00828
Exploits 0 | References 4 | Affected software 1
Veracode
added 2017/02/01 3:05 a.m. | 10 views

Man-in-the-Middle Via Usage Of Insecure Source

These libraries are vulnerable to man-in-the-middle (MitM) attacks because they download binary resources over plain HTTP. This may also lead to remote code execution (RCE) by swapping out the requested binary for an attacker-controlled binary if the attacker is on...

AI score 7.5
Exploits 0
OSV
added 2017/01/23 9:59 p.m. | 2 views

CVE-2016-6517

Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified impact via a %2E%2E (encoded dot dot) in the minifierBundleDir parameter to barebone.jsp...

CVSS 9.8 | AI score 5.9
Exploits 0 | References 3
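Three entries above (the Symfony bundle readers, contao/core-bundle, and the Liferay minifierBundleDir parameter) share one bug shape: a caller-controlled path is joined onto a base directory without checking where the result resolves. The block below is an added example, not code from any of those projects or from this listing; it puts the naive join next to a checked one and runs both over constructed inputs, including the %2E%2E encoding from the Liferay entry. The base directory /srv/app/bundles and the sample paths are assumptions, and the check is written for POSIX paths.

```python
import os
from urllib.parse import unquote


class TraversalError(ValueError):
    """Raised when a caller-supplied path would resolve outside its base directory."""


def unsafe_join(base_dir, user_path):
    """The vulnerable shape: trust the caller's relative path.

    '..' segments, an absolute path, or percent-encoded dots all walk out of
    base_dir; normpath only tidies the result, it does not confine it.
    """
    return os.path.normpath(os.path.join(base_dir, unquote(user_path)))


def safe_join(base_dir, user_path):
    """Resolve user_path inside base_dir or raise TraversalError.

    Decode percent-encoding exactly once (a second pass after the framework's
    own decoding is itself a bug), reject NUL bytes, let realpath collapse
    '..' and symlinks, then compare against the resolved base.
    """
    base = os.path.realpath(base_dir)
    decoded = unquote(user_path)
    if "\x00" in decoded:
        raise TraversalError("NUL byte in path")
    candidate = os.path.realpath(os.path.join(base, decoded))
    # commonpath, not startswith: '/srv/app/bundles-old' must not pass for '/srv/app/bundles'.
    if os.path.commonpath([base, candidate]) != base:
        raise TraversalError(f"{user_path!r} escapes {base_dir}")
    return candidate


def classify(base_dir, user_paths):
    """Map each candidate path to its resolved location, or None if rejected."""
    result = {}
    for p in user_paths:
        try:
            result[p] = safe_join(base_dir, p)
        except TraversalError:
            result[p] = None
    return result


# Constructed inputs covering the shapes in the traversal entries above.
SAMPLE_PATHS = [
    "messages/en.json",               # legitimate
    "icu/../messages/en.json",        # '..' that stays inside the base: allowed
    "../../etc/passwd",               # classic dot-dot
    "%2E%2E/%2E%2E/etc/passwd",       # encoded dot-dot, as in the Liferay minifierBundleDir case
    "/etc/passwd",                    # absolute path silently replaces the base in os.path.join
    "messages/en.json\x00.png",       # NUL truncation against C-backed file APIs
]

if __name__ == "__main__":
    base = "/srv/app/bundles"
    for p, resolved in classify(base, SAMPLE_PATHS).items():
        print(f"{p!r:34} naive={unsafe_join(base, p)!s:28} checked={resolved}")
```

Note that the absolute-path case is the one most often missed: `os.path.join("/srv/app/bundles", "/etc/passwd")` returns `/etc/passwd`, so any check done before the join (for example, rejecting only `..`) is not enough; the comparison has to run on the fully resolved result.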
OSV
added 2017/01/23 9:59 p.m. | 3 views

CVE-2016-9012

CloudVision Portal (CVP) before 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle...

CVSS 8.8 | AI score 5.8 | EPSS 0.01499
Exploits 0 | References 2
Cvelist
added 2017/01/23 9:00 p.m. | 22 views

CVE-2016-9012

CloudVision Portal (CVP) before 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle...

AI score 8.6 | EPSS 0.01499
Exploits 0 | References 2
NVD
added 2017/01/12 8:59 p.m. | 10 views

CVE-2017-0399

An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitiv...

CVSS 5.5 | AI score 4.6 | EPSS 0.00458
Exploits 0 | References 3
OSV
added 2017/01/12 8:59 p.m. | 2 views

CVE-2017-0402

An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without...

CVSS 5.5 | AI score 5.8 | EPSS 0.00481
Exploits 0 | References 4
OSV
added 2017/01/12 8:59 p.m. | 2 views

CVE-2017-0399

An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitiv...

CVSS 5.5 | AI score 5.8 | EPSS 0.00458
Exploits 0 | References 3
OSV
added 2017/01/12 8:59 p.m. | 2 views

CVE-2017-0400

An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without...

CVSS 5.5 | AI score 5.8
Exploits 0 | References 3