Mozilla: Heap buffer overflow when using structured clone
The Mozilla Foundation Security Advisory describes this flaw as: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash...
Improper Access Control in snipe/snipe-it
Description: Regular users with DENY set to all models permissions can still view model information via the /models/id/clone endpoint due to no authorize 'view' permission being set. Proof of Concept: 1: Create a regular user and set DENY to all permissions in asset models. 2: Log in as the user. 3:...
How to Defend against App Impersonation in 2021
Most users who install applications through legitimate channels such as the Google Play Store or the Apple Store do so with complete trust that their information is safe from malicious attacks. This makes sense, because they’re the official app stores for across the globe. However, despite tight...
GitLab: RCE via WikiCloth markdown rendering if the `rubyluabridge` gem is installed
Summary: One of the supported wiki formats is mediawiki, which is rendered by WikiCloth via GitLab Markup: https://gitlab.com/gitlab-org/gitlab-markup/-/blob/v1.7.1/lib/github/markups.rb#L24-28 `markup(:wikicloth, /mediawiki|wiki/) do |content| wikicloth = WikiCloth::WikiCloth.new(:data => content)`...
Smuggler - An HTTP Request Smuggling / Desync Testing Tool
An HTTP Request Smuggling / Desync testing tool written in Python 3. Acknowledgements: A special thanks to James Kettle for his research and methods into HTTP desyncs. And a special thanks to Ben Sadeghipour for beta testing Smuggler and for allowing me to discuss my work at Nahamcon 2020. IMPORTANT...
NewStart CGSL CORE 5.05 / MAIN 5.05 : git Vulnerability (NS-SA-2021-0141)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has git packages installed that are affected by a vulnerability: - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is simil...
USN-5116-2 linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-ibm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not...
USN-5116-1 linux, linux-bluefield, linux-gcp-5.4, linux-hwe-5.4, linux-kvm vulnerabilities
It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not...
Fapro - Free, Cross-platform, Single-file mass network protocol server simulator
FaPro is a Fake Protocol Server tool that can easily start or stop multiple network services. The goal is to support as many protocols as possible, and to support as many deep interactions as possible for each protocol. Features: Supported Running Modes: Local Machine, Virtual Network. Supported Protocols:...
GHSA-FHV8-FX5F-7FXF Prototype Pollution in the merge and clone helper methods
Impact: Using the merge and clone helper methods in the src/core/util.ts module results in prototype pollution. It affects the popular data visualization library Apache ECharts, which uses and exports these two methods directly. Patches: It has been patched in...
Prototype Pollution
zrender is vulnerable to prototype pollution. An attacker is able to inject a malicious property using the merge and clone helper methods in src/core/util.ts, causing prototype pollution via proto...
PT-2021-22477 · Apache · Apache Echarts
Name of the Vulnerable Software and Affected Versions: ZRender versions prior to 5.2.1; Apache ECharts versions prior to 5.2.1. Description: The issue results in prototype pollution when using merge and clone helper methods in the src/core/util.ts module. It affects Apache ECharts, which uses and...
Fedora: Security Advisory for partclone (FEDORA-2021-4dd269a76c)
The remote host is missing an update for the...
[SECURITY] Fedora 33 Update: partclone-0.3.17-4.fc33
Partclone provides utilities to clone and restore used blocks on a partition and is designed for higher compatibility of the file system by using existing libraries, e.g. e2fslibs is used to read and write the ext2 partition...
[SECURITY] Fedora 34 Update: partclone-0.3.17-4.fc34
Partclone provides utilities to clone and restore used blocks on a partition and is designed for higher compatibility of the file system by using existing libraries, e.g. e2fslibs is used to read and write the ext2 partition...