Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-debug-devel package of the Red Hat Enterprise Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The libc6.1-dbg package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libxpm4-dbg package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-debug package of the Red Hat Enterprise Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

CVE-2 0 1 5-7 5 4 7 analysis and use-vulnerability and early warning-the black bar safety net

0x01 analysis This vulnerability analysis and how to build a test environment k0 chef in seebug and mrh God in the drops of the articles are written very in detail, in the following reference to Annex A of the original address. I was standing on the shoulders of Giants to write some of your own i...

PT-2019-15837 · Luajit +3 · Luajit +3

Name of the Vulnerable Software and Affected Versions: LuaJIT versions 2.0.5 and earlier Moonjit versions prior to 2.1.2 Description: The issue involves a type confusion problem in the debug.getinfo function, which can lead to arbitrary memory write or read operations due to mishandling of certai...

Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode...

Microsoft Windows Kernel - 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode applications via an undocumented gdi32!NamedEscape API...

Microsoft Windows Kernel - ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)

Microsoft Windows Kernel - ATMFD.dll NamedEscape 0x250C Pool Corruption MS16-074 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of...

http-aspnet-debug NSE Script

Determines if a ASP.NET application has debugging enabled using a HTTP DEBUG request. The HTTP DEBUG verb is used within ASP.NET applications to start/stop remote debugging sessions. The script sends a 'stop-debug' command to determine the application's current configuration state but access to R...

CVE-2016-4087

Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of service or execute arbitrary code via crafted DNS packets...

CVE-2016-4087

CVE-2016-4087 affects Huawei S12700 switches pre-V200R008C00SPC500 and S5700 switches pre-V200R005SPH010. When the device Debug switch is on, processing crafted DNS packets can cause a denial of service or remote code execution due to an input validation/checksum vulnerability in the affected Hua...

Malware-Laced Porn Apps Behind Wave of Android Lockscreen Attacks

Incidents of Android lockscreen malware masquerading as porn apps are a growing concern to security analysts who are forecasting an uptick in attacks. Once infected, Android users bitten by this malware appear to be locked out of their device and are forced to undergo a complex extraction of the...

Error: "A Configuration Error Occurred. Please Try Again" On XenMobile Server 10 While Adding App to Web Console

When adding an app via XenMobile Web Interface hosted on Apple’s App Store and error occurs “A configuration error occurred. Please try again,” when clicking save When collecting XenMobile 10 Debug Logs we see the following: 015-05-14T15:36:35.447-0500 | CF61DC628850C45E | ERROR |...

PT-2016-3144 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.6.1 Description: The issue is related to the ring buffer resize function in the kernel's profiling subsystem, which mishandles certain integer calculations. This can be exploited by local users to gain...

Input checksum vulnerability in several Huawei switches

The S5700 series switches are Huawei's full Gigabit Ethernet switches for large-bandwidth access and Ethernet multi-service aggregation. the S12700 series switches are agile switches specially designed and developed for the core of next-generation campus networks. An input checksum vulnerability...

Adobe Analytics AppMeasurement for Flash Library Cross-Site Scripting Vulnerability

Adobe Analytics AppMeasurement for Flash Library is a component based on the Flash Library and used to compile Flash or Flex applications. A cross-site scripting vulnerability in Adobe Analytics AppMeasurement for Flash Library, when debugTracking is enabled in the program, could be exploited by...

CVE-2016-1036

Cross-site scripting XSS vulnerability in Adobe Analytics AppMeasurement for Flash Library before 4.0.1, when debugTracking is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

FreeBSD : PJSIP -- TCP denial of service in PJProject (e21474c6-031a-11e6-aa86-001999f8d30b)

The Asterisk project reports : PJProject has a limit on the number of TCP connections that it can accept. Furthermore, PJProject does not close TCP connections it accepts. By default, this value is approximately 60. An attacker can deplete the number of allowed TCP connections by opening TCP...

ISC BIND buffer.c REQUIRE Assertion Failure Denial of Service (CVE-2015-8705)

A denial-of-service vulnerability has been reported in BIND DNS package bind9. The vulnerability is due to improper conversion of OPT resource records ECS options to text format. A remote, unauthenticated attacker could exploit this vulnerability against Recursive or Authoritative DNS servers tha...