[SECURITY] Fedora 26 Update: mingw-libtasn1-4.12-1.fc26

libtasn1 is the ASN.1 library used in GNUTLS. This package contains the MinGW Windows cross compiled libtasn1 library...

[SECURITY] Fedora 26 Update: mingw-gnutls-3.5.11-1.fc26

GnuTLS TLS/SSL encryption library. This library is cross-compiled for MinGW...

DEBIAN-CVE-2016-10253

An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the...

Security update for java-1_8_0-openjdk (important)

OpenJDK Java was updated to jdk8u111 icedtea 3.2.0 to fix the following issues: Security fixes + S8146490: Direct indirect CRL checks + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks bsc1005522 + S8156794: Extend data shari...

[SECURITY] Fedora 25 Update: mingw-gnutls-3.5.5-2.fc25

GnuTLS TLS/SSL encryption library. This library is cross-compiled for MinGW...

Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation Exploit

Exploit for linux platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule 'Overlayfs Privilege Escalation', 'Description' = %q This module attempts ...

Samsung Pay vulnerability in-depth analysis-vulnerability warning-the black bar safety net

2 0 1 6 7 1 4 number, from United States, California, Modesto Community College Salvador Mendoza published an article titled Samsung Pay:Tokenized Numbers, Flaws andIssues of the article, said the discovery of the Samsung Pay the Token of security. In the same year 8 on No. 4, which at the Black...

[SECURITY] Fedora 23 Update: glibc-arm-linux-gnu-2.24-2.fc23

This is a Cross Compiled version of the GNU C Library, which can be used to compile and link binaries for the arm-linux-gnu platform, instead of for the native platform...

[SECURITY] Fedora 24 Update: glibc-arm-linux-gnu-2.24-2.fc24

This is a Cross Compiled version of the GNU C Library, which can be used to compile and link binaries for the arm-linux-gnu platform, instead of for the native platform...

[SECURITY] Fedora 25 Update: glibc-arm-linux-gnu-2.24-2.fc25

This is a Cross Compiled version of the GNU C Library, which can be used to compile and link binaries for the arm-linux-gnu platform, instead of for the native platform...

Cross Platform DNS Recon Tool: Sonar

Sonar is a reconnaissance tool for enumerating sub domains. It was modeled after Knock and DNSRecon though explicitly not written in Python to avoid the limitations of threading and dependencies. Sonar is statically compiled meaning it has no dependencies and even dynamically builds the default...

[SECURITY] Fedora 23 Update: mingw-pcre-8.38-1.fc23

Cross compiled Perl-compatible regular expression library for use with ming w32. PCRE has its own native API, but a set of "wrapper" functions that are base d on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regula...

PT-2018-12657

Name of the Vulnerable Software and Affected Versions libmspack versions prior to 0.7alpha Description An issue was discovered in mspack/chmd.c where it does not reject blank CHM filenames. Recommendations For versions prior to 0.7alpha, update to version 0.7alpha or later to resolve the issue. A...

Microsoft Compiled HTML Help Remote Code Execution

!/usr/bin/php pocEhsan Noreddini shot : http://ehsann.info/proof/MicrosoftCompiledHTMLhelpRCE.png Original Code : http://ehsann.info/exploit/5.txt video : http://ehsann.info/video/MicrosoftCompiledHTMLhelpRCE.mp4 print "Microsoft Compiled HTML Help - Remote Code Execution Exploit \r\n"; $port=80;...

The vulnerability of the Kaspersky Anti-Virus antivirus protection allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of Kaspersky Anti-Virus lies in the overflow of buffers in the stack. Exploiting this vulnerability can allow a malicious actor to cause service interruptions or execute arbitrary code during the scanning process using CHM files...

PT-2015-6598

Name of the Vulnerable Software and Affected Versions libmspack versions prior to 0.5 Description The issue concerns the chmd init decomp function in chmd.c, which does not properly validate the reset interval. This allows remote attackers to cause a denial of service, resulting in a divide-by-ze...

UBUNTU-CVE-2015-1326

python-dbusmock before version 0.15.1 AddTemplate D-Bus method call or DBusTestCase.spawnservertemplate method could be tricked into executing malicious code if an attacker supplies a .pyc file...

[SECURITY] Fedora 21 Update: mingw-libgcrypt-1.6.3-1.fc21

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a Windows cross-compiled version of the library...

[SECURITY] Fedora 21 Update: mingw-gnutls-3.3.14-1.fc21

GnuTLS TLS/SSL encryption library. This library is cross-compiled for MinGW...

[SECURITY] Fedora 21 Update: mingw-libtasn1-4.4-1.fc21

libtasn1 is the ASN.1 library used in GNUTLS. This package contains the MinGW Windows cross compiled libtasn1 library...