CVE-2017-8905

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215...

CVE-2017-8905

CVE-2017-8905 affects Xen 4.6.x on 64-bit platforms. A failsafe callback is mishandled, which could allow a PV guest OS user to execute arbitrary code on the host (XSA-215). Connected sources confirm the issue and reference the XSA-215 advisory; SUSE notes CVE-2017-8905 in security updates. No ex...

CVE-2017-8905

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215...

CVE-2017-8304

An issue was discovered on Accellion FTA devices before FTA912180. courier/1000@/oauth/playground/callback.html allows XSS with a crafted URI...

ALPINE-CVE-2017-8301

LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSLgetverifyresult is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx...

Fedora 25 : php-pear-CAS (2017-2a90185a04)

Changes in version 1.3.5 - Security Fixes : - Fix possible authentication bypass in validateCAS20 228 Gregory Boddin - Bug Fixes : - Fix file permissions non-executable 177 Remi Collet - Fixed translations Greek and Japanese 192 ikari7789 - Fix errors under phpdbg 204 MasonM - Fix logout...

Fedora 24 : php-pear-CAS (2017-d9d620366e)

Changes in version 1.3.5 - Security Fixes : - Fix possible authentication bypass in validateCAS20 228 Gregory Boddin - Bug Fixes : - Fix file permissions non-executable 177 Remi Collet - Fixed translations Greek and Japanese 192 ikari7789 - Fix errors under phpdbg 204 MasonM - Fix logout...

DEBIAN-CVE-2017-8071

drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service deadlock via unspecified vectors...

ShadowBroker release of NSA tools in the Esteemaudit vulnerability reproduction process-vulnerability warning-the black bar safety net

Recently the infamous equation tissue kit again is disclosed, TheShadowBrokers in steemit. com blog provides related message. The following is one of Esteemaudit vulnerability reproduction process. Preparation IP System information Use Note 192.168.146.132 Windows xp Attack aircraft Need Ann...

Windows Kernel stack memory disclosure in win32kfull!SfnINLPUAHDRAWMENUITEM (CVE-2017-0167)

We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10 indirectly through the win32k! NtUserPaintMenuBar system call, or more specifically, through the user32! fnINLPUAHDRAWMENUITEM user-mode callback 107 on Windows...

Microsoft Windows Kernel - win32kfull!SfnINLPUAHDRAWMENUITEM Stack Memory Disclosure Exploit

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1192 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10 indirectly through the...

Microsoft Windows Kernel - win32kfull!SfnINLPUAHDRAWMENUITEM Stack Memory Disclosure

Microsoft Windows Kernel - win32kfull!SfnINLPUAHDRAWMENUITEM Stack Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1192 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10...

DEBIAN-CVE-2017-7618

crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service API operation calling its own callback, and infinite recursion by triggering EBUSY on a full queue...

UBUNTU-CVE-2017-7618

crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service API operation calling its own callback, and infinite recursion by triggering EBUSY on a full queue...

Apple WebKit JSCallbackData UXSS

Apple Webkit: UXSS with JSCallbackData CVE-2017-2442 Here is the definition of |JSCallbackData| class. This class is used to call a javascript function from a DOM object. class JSCallbackDataStrong : public JSCallbackData public: JSCallbackDataStrongJSC::JSObject callback, void :...

Apple Webkit - JSCallbackData Universal Cross-Site Scripting

Apple Webkit - JSCallbackData Universal Cross-Site Scripting globalObject-vm, callback JSC::JSObject callback return mcallback.get; JSDOMGlobalObject globalObject return JSC::jsCastmcallback-globalObject; JSC::JSValue invokeCallbackJSC::MarkedArgumentBuffer& args, CallbackType callbackType,...

Apple Webkit - 'JSCallbackData' Universal Cross-Site Scripting

globalObject-vm, callback JSC::JSObject callback return mcallback.get; JSDOMGlobalObject globalObject return JSC::jsCastmcallback-globalObject; JSC::JSValue invokeCallbackJSC::MarkedArgumentBuffer& args, CallbackType callbackType, JSC::PropertyName functionName, NakedPtr& returnedException return...

VK.com: Подмена SSL-сертификата для любой группы в секции Управление группой->Работа с API неавторизированным пользователем.

Недостаточная проверка при загрузке SSL-сертификата для Callback API...

SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2017:0714-1)

This update for MozillaFirefox to ESR 45.8 fixes the following issues: Security issues fixed bsc1028391 : - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js...

CVE-2016-8863

Heap-based buffer overflow in the createurllist function in gena/genadevice.c in Portable UPnP SDK aka libupnp before 1.6.21 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an...