CVE-2016-4470

The keyrejectandlink function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service system crash via vectors involving a crafted keyctl request2 command...

CVE-2016-4485

The llccmsgrcv function in net/llc/afllc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message...

CVE-2016-4538

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the zero, one, or two global variable, which allows remote attackers to cause a denial of service or possibl...

RHEL 6 : openssl (RHSA-2016:0996)

An update for openssl is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

UBUNTU-CVE-2015-4178

The fspin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service system crash by leveraging user-namespace root access for an MNTDETACH umount2 system call, related to...

CVE-2015-8324

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service NULL pointer dereference and panic via a crafted USB device, related to the ext4fillsuper...

CVE-2016-2419

media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certain key-request data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as...

Google Chrome memory misreference vulnerability (CNVD-2016-01504)

Google Chrome is a web browser developed by the American company Google Google. A memory misreference vulnerability exists in the content/browser/webcontents/webcontentsimpl.cc file in versions of Google Chrome prior to 49.0.2623.75. A remote attacker can exploit this vulnerability to cause a...

CVE-2016-1641

Removed by vendor...

UBUNTU-CVE-2016-1641

Use-after-free vulnerability in content/browser/webcontents/webcontentsimpl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an image download after a certain data structure is deleted, as...

x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version

x8664 Linux shellreversetcp with Password - Polymorphic Version. Shellcode exploit for linx86-64 platform /--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password polymorphic version 122 bytes...

Linux Kernel prima WLAN Driver Heap Overflow

/ Coder: Shawn the R0ck, [email protected] Co-worker: Pray3r, [email protected] Compile: arm-linux-androideabi-gcc wextpoc.c --sysroot=$SYSROOT -pie ./a.out wlan0 Boom......shit happens as always;- / include include include include include include include include typedef unsigned char vU8t; defin...

CVE-2015-8741

The dissectppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...

USN-2841-1 linux vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

Commons Collections the Java deserialization vulnerability in-depth analysis-vulnerability warning-the black bar safety net

0x01 background This year so far Java the greatest influence on vulnerability than this period of time lasts a fiery CommonsCollections deserialization vulnerability. In 2 0 1 5 year 1 1 May 6, FoxGlove security team@breenmachine published a lengthy blog post, borrowed from Java deserialization,...

CVE-2015-7762

rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement ACK packet, which allows remote attackers to obtain sensitive information by 1 conducting a replay attack or 2 sniffing the network...

Code injection

rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement ACK packet, which allows remote attackers to obtain sensitive information by 1 conducting a replay attack or 2 sniffing the network...

CVE-2015-7762

OpenAFS contains a vulnerability CVE-2015-7762 where rx/rx.c does not properly initialize the padding of an Rx ACK packet, enabling potential plaintext disclosure via replay or network sniffing. Affected: OpenAFS prior to 1.6.15 and prior to 1.7.33. Impact: information disclosure of previously pr...

Code injection

coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize an unspecified data structure, which allows attackers to execute arbitrary code via a crafted app...

Hacking Team Android browser attacks during the vulnerability analysis Stage0-vulnerability warning-the black bar safety net

A, vulnerability introduction Hacking team of the year broke out for android4. 0. x-4.3. x android browser vulnerabilities to attack the use of the code. The exploit code, by successive use of a plurality of browser and kernel vulnerabilities, is done through javascript to the virtual memory writ...