96 matches found
`array!` macro is unsound when its length is impure constant
Affected versions of this crate did substitute the array length provided by an user at compile-time multiple times. When an impure constant expression is passed as an array length such as a result of an impure procedural macro, this can result in the initialization of an array with uninitialized...
Embedded security fails in ICS
Over the last 5 years, we’ve seen an increasing use of open-source software in ICS Industrial Control Systems devices, with a move away from traditional RTOS Real Time Operating System and proprietary software. We’ve seen RTUs Remote Terminal Units, HMIs Human-Machine Interfaces and even PLCs...
AZL-6306 CVE-2016-1585 affecting package apparmor for versions less than 2.13-16
In all versions of AppArmor mount rules are accidentally widened when compiled...
pcre: Out-of-bounds read in compile_bracket_matchingpath function (8.41/3)
The compilebracketmatchingpath function in pcrejitcompile.c in PCRE through 8.x before revision 1680 e.g., the PHP 7.1.1 bundled version allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted regular expression...
DEBIAN-CVE-2015-5195
ntpopenssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service segmentation fault via a crafted statistics or filegen configuration command that is not enabled during compilation...
Fedora 25 : qt5-qtwebengine (2017-ae1fde5fb8)
This update updates QtWebEngine to the 5.8.0 release. QtWebEngine 5.8.0 is part of the Qt 5.8.0 release, but only the QtWebEngine component is included in this update. The update fixes the following security issues in QtWebEngine 5.7.1: CVE-2016-5182, CVE-2016-5183, CVE-2016-5189, CVE-2016-5199,...
Microsoft Tears off the Band-Aid with EMET
Microsoft last week extended the end-of-life expiration date to July 2018 on its exploit mitigation add-on, the Enhanced Mitigation Experience Toolkit EMET. But for some time, the once-useful tool has been well on its way out to pasture. While EMET was never meant to be anything more than stopgap...
CVE-2016-7420
Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...
Design/Logic Flaw
Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...
PT-2016-7317
Name of the Vulnerable Software and Affected Versions Crypto++ versions through 5.6.4 Description The issue concerns the lack of documentation for a compile-time definition that disables assert calls, potentially allowing attackers to obtain sensitive information from process memory after an...
Bash: How to open TCP/UDP sockets
How to open TCP/UDP sockets using a built-in feature in Bash ? Bash shell has a built-in feature that allows to open TCP/UDP sockets using a simple syntax. This is very useful when tools like netcat are not installed or we don’t have the permission to use it. The syntax is $ exec...
Security Oriented Fuzzer: American Fuzzy Lop
American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage fo...
PEframe - Tool to perform static analysis on Portable Executable malware
PEframe is a open source tool to perform static analysis on Portable Executable malware. Usage $ peframe malware.exe $ peframe --option malware.exe Options --json Output in json --import Imported function and dll --export Exported function and dll --dir-import Import directory --dir-export Export...
Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability
This vulnerability allows remote attackers to violate security policies on vulnerable installations of Sun Java Runtime. User interaction is required to exploit this vulnerability in that the target must run a malicious applet. The specific flaw allows malicious applets to connect to network...
CVE-2004-0256
GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp...
Symlink Vulnerability in GNU libtool <1.5.2
Vulnerable: libtool 1.5.2 Not Vulnerable: libtool 1.5.2 Project website: http://www.gnu.org/software/libtool/libtool.html Description of libtool from website: "GNU libtool is a generic library support script. Libtool hides the complexity of using shared libraries behind a consistent, portable...