Flash - PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution

Source: https://code.google.com/p/google-security-research/issues/detail?id=224&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id There’s an error in the PCRE engine version used in Flash that allows the execution of arbitrary PCRE bytecode, with potential for memory corrupti...

WebAssembly — New Standard for Powerful and Faster Web Apps

Google, Apple, Microsoft, and Mozilla have joined hands to create code for use in the future web browsers that promises up to 20 times faster performance. Dubbed WebAssembly or wasm for short, a project to create a new portable bytecode for the Web that will be more efficient for both desktop as...

MGASA-2015-0244 Updated redis package fixes security vulnerability

It was discovered that redis, a persistent key-value database, could execute insecure Lua bytecode by way of the EVAL command. This could allow remote attackers to break out of the Lua sandbox and execute arbitrary code CVE-2015-4335...

CVE-2015-4335

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

CVE-2015-4335

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

DEBIAN-CVE-2015-4335

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

CVE-2015-4335

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

UBUNTU-CVE-2015-4335

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

Command injection

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

CVE-2015-4335

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

CVE-2015-4335

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

Debian DSA-3279-1 : redis - security update

It was discovered that redis, a persistent key-value database, could execute insecure Lua bytecode by way of the EVAL command. This could allow remote attackers to break out of the Lua sandbox and execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

CVE-2015-4335 — Redis EVAL Lua Sandbox Escape

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command. Recent assessments: hrbrmstr at June 08, 2020 6:38pm UTC reported: Ben Murphy’s dissection — — is pretty thorough. Assessed Attacker Value: 5 Assessed Attacker Value: 5Assessed...

[SECURITY] [DSA 3279-1] redis security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3279-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini June 06, 2015 http://www.debian.org/security/faq -...

DSA-3279-1 redis - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3279-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Adobe Flash Player PCRE Regex Logic Error

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Adobe Flash Player PCRE Regex Vulnerability", 'Description' = %q This module exploits a vulnerability found in Adobe Flash Player. A...

Adobe Flash Player - PCRE Regex (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Adobe Flash Player PCRE Regex Vulnerability", 'Description' = %q This module exploits a vulnerability found in Adobe Flash Player. A...

OpenJDK Security Restriction Bypass Vulnerability

OpenJDK is the Java Platform, Standard Edition and related projects of the open source implementation of the collaborative platform . A security restriction bypass vulnerability exists in OpenJDK jarsigner. An attacker can exploit this vulnerability to bypass certain security restrictions because...

OpenJDK: Bytecode verification does not prevent ctor calls to this() and super() (Hotspot, 8035119)

Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot...