Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

F5 Networks BIG-IP : NodeJS vulnerability (K37111863)

Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate...

DragonCrack

DragonCrack a C++ Crackme with an RPGStyle story-line. You have to escape the dungeon and retrieve the key. There is a Dragon in the dungeon that fights back by casting spells upon you anti-debugging techniques there is a twist at the end and you will discover that the key was always you knew...

Windows Exploitation Tricks: Abusing the User-Mode Debugger

Posted by James Forshaw, Google Project Zero I've recently been adding native user-mode debugger support to NtObjectManager. Whenever I add new functionality I have to do some research and reverse engineering to better understand how it works. In this case I wondered what access you need to debug...

openSUSE Security Update : Chromium (openSUSE-2019-548)

This update for Chromium to version 67.0.3396.99 fixes multiple issues. Security issues fixed bsc1095163 : - CVE-2018-6123: Use after free in Blink - CVE-2018-6124: Type confusion in Blink - CVE-2018-6125: Overly permissive policy in WebUSB - CVE-2018-6126: Heap buffer overflow in Skia -...

openSUSE Security Update : nodejs6 (openSUSE-2019-234)

This update for nodejs6 to version 6.16.0 fixes the following issues : Security issues fixed : - CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation bsc1113652 - CVE-2018-5407: Fixed a hyperthread port content side channel attack aka 'PortSmash' bsc1113534 - CVE-2018-12120...

openSUSE: Security Advisory for nodejs6 (openSUSE-SU-2019:0234-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Cheat Engine - A Development Environment Focused On Modding

Cheat Engine is an open source tool designed to help you with modifying single player games running under window so you can make them harder or easier depending on your preferencee.g: Find that 100hp is too easy, try playing a game with a max of 1 HP, but also contains other usefull tools to help...

SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:0395-1)

This update for nodejs6 to version 6.16.0 fixes the following issues : Security issues fixed : CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation bsc1113652 CVE-2018-5407: Fixed a hyperthread port content side channel attack aka 'PortSmash' bsc1113534 CVE-2018-12120: Fixe...

Interview with a malware hunter: Jérôme Segura

In our series "Interview with a malware hunter," our feature role today goes to Jérôme Segura, Malwarebytes’ Head of Threat Intelligence and world-renowned exploit kits researcher. The goal of this series is to introduce our readers to our malware intelligence crew by involving them in these Q&A...

Security update for nodejs4 (important)

openSUSE Security Update: Security update for nodejs4 Announcement ID: openSUSE-SU-2019:0088-1 Rating: important References: 1113534 1113652 1117625 1117626 1117627 1117629 1117630 Cross-References: CVE-2018-0734 CVE-2018-12116 CVE-2018-12120 CVE-2018-12121 CVE-2018-12122 CVE-2018-12123...

SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2019:0117-1)

This update for nodejs4 fixes the following issues : Security issues fixed : CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation bsc1113652 CVE-2018-5407: Fixed a hyperthread port content side channel attack aka 'PortSmash' bsc1113534 CVE-2018-12120: Fixed that the debugge...

dnSpy - .NET Debugger And Assembly Editor

dnSpy is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available. Want to say thanks? Click the star at the top of the page. Or fork dnSpy and send a PR! The following pictures show dnSpy in action. It shows dnSpy editing a...

[SECURITY] Fedora 29 Update: radare2-3.2.0-1.fc29

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

[SECURITY] Fedora 28 Update: radare2-3.2.0-1.fc28

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

Notepad++: Security check failure or stack buffer overrun (crash)

poc.py 1 Run poc.py 2 Open notepad++.exe 3 Go to "Define language..." 4 Use tab "Comment and Number" 5 Open 1stfield.txt and copy content to clipboard 6 Paste clipboard on "Comment line style in field Open" 7 Open 2ndfield.txt and copy content to clipboard 8 Paste clipboard on "Comment line style...

Privilege Escalation

gdb is vulnerable to privilege escalation attacks. The vulnerability exists as GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python...

CVE-2018-6140

Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension...

CVE-2018-6139

Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension...