NSA Opens Github Account — Lists 32 Projects Developed by the Agency

The National Security Agency NSA — the United States intelligence agency which is known for its secrecy and working in the dark — has finally joined GitHub and launched an official GitHub page. The NSA employs genius-level coders and brightest mathematicians, who continually work to break codes,...

Freeware Advanced Audio Coder (FAAC) 1.28 - Denial of Service

Freeware Advanced Audio Coder FAAC 1.28 - Denial of Service Freeware Advanced Audio Coder FAAC multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= FAAC is an encoder for a lossy sound compression scheme specified in MPEG-2 Part 7 and MPEG-4 Part ...

Freeware Advanced Audio Coder (FAAC) 1.28 Denial Of Service

Freeware Advanced Audio Coder FAAC multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= FAAC is an encoder for a lossy sound compression scheme specified in MPEG-2 Part 7 and MPEG-4 Part 3 standards and known as Advanced Audio Coding AAC. This...

Freeware Advanced Audio Coder (FAAC) 1.28 - Denial of Service

Freeware Advanced Audio Coder FAAC multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= FAAC is an encoder for a lossy sound compression scheme specified in MPEG-2 Part 7 and MPEG-4 Part 3 standards and known as Advanced Audio Coding AAC. This...

Arbitrary shell execution

Security Advisory - This release contains a fix for a security advisory related to the improper handling of a shell command - A properly crafted filename would allow for arbitrary code execution when using the --filter=gitmodified command line option - All version 3 users are encouraged to upgrad...

Learn How to Code: Get 10 Best Online Training Courses for Just $49

Struggling to learn how to code? If you’re looking to 'learn how to code' and seeking a career as an expert-level programmer, you should know how to play with codes and make your own. It's no secret that mastering a coding language or two can put you at the top of the job market – thanks to the...

flash-plugin: multiple code execution issues fixed in APSB17-15

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-3068

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-3068

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution...

UBUNTU-CVE-2017-3068

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-3068

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution...

Memory corruption

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-3068

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-3068

CVE-2017-3068 is an Adobe Flash Player vulnerability affecting versions up to 25.0.0.148 (and earlier) where memory corruption in the Advanced Video Coding (AVC) engine could allow an attacker to execute arbitrary code. Several advisories note a remote code-execution risk via crafted SWF content ...

CVE-2017-3068

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution...

[ASA-201705-8] flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201705-8 ========================================= Severity: Critical Date : 2017-05-09 CVE-ID : CVE-2017-3068 CVE-2017-3069 CVE-2017-3070 CVE-2017-3071 CVE-2017-3072 CVE-2017-3073 CVE-2017-3074 Package : flashplugin Type : arbitrary code execution Remote : Yes Li...

HE-AAC+ Codec aacplusenc.c File Denial of Service Vulnerability

HE-AAC+ Codec aka libaacplus is a library that provides audio codecs. A security vulnerability exists in the aacplusenc.c file in HE-AAC+ Codec version 2.0.2. A remote attacker could exploit this vulnerability to cause a denial of service application crash via a specially crafted audio file...

GLSA-201703-04 : cURL: Certificate validation error

The remote host is affected by the vulnerability described in GLSA-201703-04 cURL: Certificate validation error cURL and applications linked against libcurl support OCSP stapling, also known as the TLS Certificate Status Request extension using the CURLOPTSSLVERIFYSTATUS option. When telling cURL...

cURL: Certificate validation error

Background cURL is a tool and libcurl is a library for transferring data with URL syntax. Description cURL and applications linked against libcurl support “OCSP stapling”, also known as the TLS Certificate Status Request extension using the CURLOPTSSLVERIFYSTATUS option. When telling cURL to use...

FreeBSD : cURL -- ocsp status validation error (311e4b1c-f8ee-11e6-9940-b499baebfeaf)

The cURL project reports : SSLVERIFYSTATUS ignored curl and libcurl support 'OCSP stapling', also known as the TLS Certificate Status Request extension using the CURLOPTSSLVERIFYSTATUS option. When telling curl to use this feature, it uses that TLS extension to ask for a fresh proof of the server...