8293 matches found
Bypassing VirtualBox Process Hardening on Windows
Posted by James Forshaw, Project Zero Processes on Windows are securable objects, which prevents one user logged into a Windows machine from compromising another user’s processes. This is a pretty important security feature, at least from the perspective of a non-administrator user. The security...
CVE-2017-8257
In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sderotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use...
Design/Logic Flaw
In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sderotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use...
CVE-2017-8257
In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sderotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use...
Threat Round-up for Aug 11 - Aug 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between August 11 and August 18. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior...
Salt win_useradd, salt-cloud and Linode driver information disclosure vulnerabilities
Salt aka SaltStack is a set of open source tools for managing infrastructure from SaltStack, Inc. winuseradd one of the user creation component; salt-cloud is a virtual machine configuration component; Linode driver is a server driver. A security vulnerability exists in winuseradd, salt-cloud, an...
Microsoft Edge - Out-of-Bounds Access when Fetching Source Exploit
Exploit for windows platform in category dos / poc // The attached JavaScript file causes an out-of-bounds access of the source buffer when fetching the source for one of the functions during delayed compilation. The out-of-bounds value is then treated as the pointer to the source. This is likely...
Microsoft Edge Chakra - 'InterpreterStackFrame::ProcessLinkFailedAsmJsModule' Incorrectly Re-parses
GetOriginalEntryPoint : nullptr; if this-pCurrentFunction && this-pCurrentFunction-IsFunctionParsed Assertthis-pCurrentFunction-StartInDocument == pnode-ichMin; pCurrentFunction" is the consturctor, but "pnode" refers to the method "f". PoC: -- class MyClass fa printa; constructor 'use asm';...
Microsoft Edge - Out-of-Bounds Access when Fetching Source
Microsoft Edge - Out-of-Bounds Access when Fetching Source // The attached JavaScript file causes an out-of-bounds access of the source buffer when fetching the source for one of the functions during delayed compilation. The out-of-bounds value is then treated as the pointer to the source. This i...
Microsoft Edge Chakra - InterpreterStackFrame::ProcessLinkFailedAsmJsModule Incorrectly Re-parses
Microsoft Edge Chakra - InterpreterStackFrame::ProcessLinkFailedAsmJsModule Incorrectly Re-parses GetOriginalEntryPoint : nullptr; if this-pCurrentFunction && this-pCurrentFunction-IsFunctionParsed Assertthis-pCurrentFunction-StartInDocument == pnode-ichMin; pCurrentFunction" is the consturctor,...
Microsoft Edge Chakra - TryUndeleteProperty Incorrect Usage (Denial of Service)
Microsoft Edge Chakra - TryUndeleteProperty Incorrect Usage Denial of Service ::NoSlots return false; propertyIndex = deletedPropertyIndex; deletedPropertyIndex = staticcastTaggedInt::ToInt32object-GetSlotdeletedPropertyIndex; return true; bool...
Microsoft Edge Chakra TryUndeleteProperty Incorrect Usage
Microsoft Edge: Chakra: Incorrect usage of TryUndeleteProperty CVE-2017-8635 Chakra implemented the reuse of deleted properties of an unordered dictionary object with the following code. bool SimpleDictionaryUnorderedTypeHandler::TryReuseDeletedPropertyIndex DynamicObject const object,...
I Recommend This <= 3.8.1 - Authenticated SQL Injection
Plugin description: "This plugin allows your visitors to simply like/recommend your posts instead of comment on it." Active installs according to https://wordpress.org/plugins/i-recommend-this/: 40.000+ It's possible to inject SQL into the dotrecommends shortcode, if the check for IP addresses is...
PYSEC-2017-71
winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...
Design/Logic Flaw
winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...
UBUNTU-CVE-2015-6941
winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...
CVE-2015-6941
winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...
CVE-2015-6941
winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...
CVE-2015-6941
Salt CVE-2015-6941 affects Salt 2015.5.x before 2015.5.6 and 2015.8.x before 2015.8.1, where win_useradd, salt-cloud and the Linode driver leak password information in debug logs. Impact: password information is exposed in logs. Remediation: upgrade to Salt 2015.5.6 or 2015.8.1 as indicated by th...
CVE-2015-6941
Removed by vendor...