CVE-2014-9964

In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality...

CVE-2016-7824

Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors...

CVE-2016-7824

Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors...

CVE-2016-7824

Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors...

CVE-2017-7564

In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service secure world panic via vectors involving debug exceptions and debug registers...

CVE-2017-7564

In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service secure world panic via vectors involving debug exceptions and debug registers...

Authentication flaw

In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service secure world panic via vectors involving debug exceptions and debug registers...

CVE-2017-7564

Technical details about CVE-2017-7564 are not publicly provided in the supplied connected documents; the available information only restates a denial-of-service risk in ARM Trusted Firmware up to version 1.3. Monitor for updates.

CVE-2017-7564

In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service secure world panic via vectors involving debug exceptions and debug registers...

PT-2017-17802

Name of the Vulnerable Software and Affected Versions ARM Trusted Firmware versions prior to 1.4 Description The issue allows attackers in the normal world to cause a denial of service, specifically a secure world panic, by exploiting vectors related to debug exceptions and debug registers in the...

Frequently Asked Questions During NetScaler MAS Troubleshooting

Citrix ADM, formerly NetScaler MAS The following section lists some of the frequently asked questions during diagnosis and troubleshooting of NetScaler MAS issues: How to verify the NetScaler MAS build version using CLI and support file? How does MAS fetch all the dashboard related data from...

Automattic: SSRF and local file disclosure in https://wordpress.com/media/videos/ via FFmpeg HLS processing

Summary FFmpeg is a video encoding software that appears to be used by wordpress.com for video processing for paid accounts. FFmpeg is known to process HLS playlists that may contain references to external files. I was able to fire this feature using GAB2 subtitle chunks inside an AVI file. After...

CVE-2017-8840

Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, a...

Information disclosure

Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, a...

CVE-2017-8840

Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, a...

CVE-2017-8840

Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, a...

Exploit for Code Injection in Samba

Basic Setup Install Samba version 4.5.9 https://download...

Exploit for Code Injection in Samba

Basic Setup Install Samba version 4.5.9 https://download...

CVE-2017-9138

There is a debug-interface vulnerability on some Tenda routers FH1202/F1202/F1200: versions before 1.2.0.20. After connecting locally to a router in a wired or wireless manner, one can bypass intended access restrictions by sending shell commands directly and reading their results, or by entering...

Design/Logic Flaw

There is a debug-interface vulnerability on some Tenda routers FH1202/F1202/F1200: versions before 1.2.0.20. After connecting locally to a router in a wired or wireless manner, one can bypass intended access restrictions by sending shell commands directly and reading their results, or by entering...