7640 matches found
The vulnerability of Xen hypervisors allows a perpetrator to obtain confidential information or cause service failures.
The vulnerability of Xen hypervisors is related to insufficient checking of the ports accessed by the attackers. Exploiting this vulnerability can allow a remote attacker to cause service failures or obtain confidential information such as changing the zero pointer...
IBM Informix 12.10 DB-Access Buffer Overflow Exploit
IBM Informix DB-Access utility is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. The vulnerability is triggered by providing an overly long file parameter value inside a LOAD statement, which is used to inse...
SUSE-SU-2017:1812-1 Security update for xen
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-10911: blkif responses leaked backend stack data, which allowed an unprivileged guest to obtain sensitive information from the host or other guests (XSA-216, bsc1042863) - CVE-2017-10912: Page transfer might have...
SUSE-SU-2017:1777-1 Security update for freeradius-server
This update for freeradius-server fixes the following issues: - CVE-2017-9148: Disable OpenSSL's internal session cache to mitigate authentication bypass (bnc1041445). - CVE-2015-4680: Add a configuration option to allow checking of all intermediate certificates for revocations (bnc935573). The...
Cross-site Request Forgery (CSRF)
Moodle is vulnerable to cross-site request forgery (CSRF) attacks. These attacks are possible because it does not have enough session checking in enrol/imsenterprise/importnow.php during import of IMS Enterprise identities. This can allow a malicious user to hijack administrator's authentication...
IBM DB2 Connect 9.7 < FP11 Special Build 36621 / 10.1 < FP6 Special Build 36610 / 10.5 < FP8 Special Build 36605 / 11.1.2 < FP2 Multiple Vulnerabilities (Windows)
According to its version, the installation of IBM DB2 Connect on the remote Windows host is either 9.7 prior to Fix Pack 11 Special Build 36621, 10.1 prior to Fix Pack 6 Special Build 36610, 10.5 prior to Fix Pack 8 Special Build 36605, or 11.1.2 prior to Fix Pack 2. It is, therefore, affected by...
The vulnerability of the Android operating system, which allows a hacker to bypass the certificate verification process
The vulnerability of the Android operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to bypass certificate verification...
The vulnerability of the Android operating system, which allows a hacker to bypass the certificate verification process
The vulnerability of the Android operating system is related to errors in pointer checking during the execution of system calls for QTEE. Exploiting this vulnerability allows a remote attacker to bypass certificate verification...
IBM Db2 Command Line Processor Buffer Overflow Vulnerability (Jun 2017)
IBM Db2 is prone to a buffer overflow vulnerability.
CVE-2017-1297
IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159...
Stack overflow
IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159...
CVE-2017-1297
CVE-2017-1297 affects IBM DB2 for Linux/UNIX/Windows (including DB2 Connect Server). The vulnerability is a stack-based buffer overflow caused by improper bounds checking in the CLP path, which could allow a local attacker to execute arbitrary code. In affected IBM DB2 LUW releases (notably 9.2/1...
Arbitrary Object Creation And Arbitrary Code Execution
mathjs is vulnerable to arbitrary object creation and arbitrary code execution attacks. The attacks exist because it does not properly check whether the methods being called are safe methods, i.e., that the method being called is not defined on the prototype of the native object. For example,...
Updated libytnef packages fix security vulnerabilities
Several issues were discovered in libytnef, a library used to decode application/ms-tnef e-mail attachments. Multiple heap overflows, out-of-bound writes and reads, NULL pointer dereferences and infinite loops could be exploited by tricking a user into opening a maliciously crafted winmail.dat fi...
MGASA-2017-0174 Updated libytnef packages fix security vulnerabilities
Several issues were discovered in libytnef, a library used to decode application/ms-tnef e-mail attachments. Multiple heap overflows, out-of-bound writes and reads, NULL pointer dereferences and infinite loops could be exploited by tricking a user into opening a maliciously crafted winmail.dat fi...
LG MRA58K - Missing Bounds-Checking in AVI Stream Parsing
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1206 Missing bounds-checking in AVI stream parsing. When parsing AVI files, CAVIFileParser uses the stream count from the AVI header to allocate backing storage for storing...
LG MRA58K - 'ASFParser::ParseHeaderExtensionObjects' Missing Bounds-Checking
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1222 There is a memcpy in ASFParser::ParseHeaderExtensionObjects which doesn't check that the size of the copy is smaller than the size of the source buffer, resulting in an out-of-bounds heap read. The vulnerable code appears to b...
Apple macOS 10.12.3 / iOS < 10.3.2 - Userspace Entitlement Checking Race Condition Exploit
Exploit for multiple platforms in category local exploits / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1223 One way processes in userspace that offer mach services check whether they should perform an action on behalf of a client from which they have received a message is by...
Easy Chat Server 3.1 Buffer Overflow
Exploit Title: Easy Chat Server User Registration Buffer Overflow SEH; Date: 09/10/2017; Software Link: http://echatserver.com/ecssetup.exe; Exploit Author: Aitezaz Mohsin; Vulnerable Version: v2.0 to v3.1; Vulnerability Type: Buffer Overflow; Severity: Critical; Tested on: Windows XP Sp3 Eng...
The vulnerability of the Windows operating system, which allows a hacker to elevate their privileges
The vulnerability of the Windows operating system is related to insufficient checking of descriptors. Exploiting this vulnerability can allow a local attacker to elevate their privileges through a specially crafted application...