[SECURITY] Fedora 44 Update: python-pycparser-2.22-8.fc44

pycparser is a complete parser for the C language, written in pure Python. It is a module designed to be easily integrated into applications that need to parse C source code...

[SECURITY] Fedora 41 Update: xmedcon-0.25.3-1.fc41

This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...

[SECURITY] Fedora 43 Update: xmedcon-0.25.3-1.fc43

This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...

Fuzzing iOS code on macOS at native speed

Or how iOS apps on macOS work under the hood Posted by Samuel Groß, Project Zero This short post explains how code compiled for iOS can be run natively on Apple Silicon Macs. With the introduction of Apple Silicon Macs, Apple also made it possible to run iOS apps natively on these Macs. This is...

SUPERNOVA malware discovered on SolarWinds Orion server

The Cybersecurity and Infrastructure Security Agency CISA has reported finding the SUPERNOVA web shell collecting credentials on a SolarWinds Orion server. These observations were made during an incident response to an Advanced Persistent Threat APT actor’s year-long compromise of an enterprise...

Flawfinder - A Static Analysis Tool For Finding Vulnerabilities In C/C++ Source Code

This is "flawfinder" by David A. Wheeler. Flawfinder is a simple program that scans C/C++ source code and reports potential security flaws. It can be a useful tool for examining software for vulnerabilities, and it can also serve as a simple introduction to static source code analysis tools more...

Microsoft Windows 10 - Runtime Broker ClipboardBroker Privilege Escalation

Microsoft Windows 10 - Runtime Broker ClipboardBroker Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1079 Windows: Runtime Broker ClipboardBroker EoP Platform: Windows 10 10586/14393 not tested 8.1 Update 2 Class: Elevation of Privilege Summary: The Runtime...

Microsoft Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)

Microsoft Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation MS16-124 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=871 Windows: NtLoadKeyEx Read Only Hive Arbitrary File Write EoP Platform: Windows 10 10586 not tested 8.1 Update 2 or Windows 7...

Triangle MicroWorks Improper Input Validation

OVERVIEW Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in multiple Triangle MicroWorks’ products and third‑party components. Triangle MicroWorks has produced an update that mitigates this vulnerability. Adam Crain has...

linux/x86 setuid(0) & execve(/bin/sh,0,0) shellcode 27 bytes

No description provided by source. ----------- C Source Code ----------- / Smallest GNU/Linux x86 setuid0 && execve"/bin/sh",0,0 Shellcode without NULLs Coded by Chema Garcia aka sch3m4 + [email protected] + http://opensec.es Shellcode Size: 27 bytes Date: 13/11/2008 / include stdio.h const char...

CVE-2008-2310

Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service application crash via a crafted string in 1 C++ or 2 Java source code...

CVE-2008-2310

Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service application crash via a crafted string in 1 C++ or 2 Java source code...