CVE-2017-14546

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to an "Error Code 0xe06d7363 starting at wow64!Wow64NotifyDebugger+0x000000000000001d."...

NodeJS Debugger Command Injection

This module uses the "evaluate" request type of the NodeJS V8 debugger protocol version 1 to evaluate arbitrary JS and call out to other system commands. The port default 5858 is not exposed non-locally in default configurations, but may be exposed either intentionally or via misconfiguration. Th...

[SECURITY] [DSA 3963-1] mercurial security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3963-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 04, 2017 https://www.debian.org/security/faq -...

To DVRF（router flaws drone as an example the interpretation of JEB firmware flaws applications Part 1-the vulnerability warning-the black bar safety net

A, media In this series of articles, I will send everyone to the presentation if any application JEB MIPS Decompiler1to find and the application of the embedded equipment software flaws. In order to accomplish this obligation, we need to apply the Praetorian supplied to the DVRF（Damn Vulnerable...

Bytecode Viewer - A Java 8 Jar & Android Apk Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java...

Mozilla Firefox Remote Code Execution Vulnerability (CNVD-2017-223305)

Mozilla Firefox browser Firefox is a free, open source browser for Windows, Linux and MacOSX platforms. A remote code execution vulnerability exists in the Venkman script debugger in Mozilla Firefox version 2.0.0.8. A remote attacker can exploit this vulnerability to execute arbitrary code...

Microsoft Edge Chakra Heap Buffer Overflow

IsCoroutine ... else InterpreterStackFrame::Setup setupfunction, args; sizet varAllocCount = setup.GetAllocationVarCount; //printf"varAllocCount: %d%X\r\n", varAllocCount, varAllocCount; sizet varSizeInBytes = varAllocCount sizeofVar; // // Allocate a new InterpreterStackFrame instance on the...

Microsoft Edge Chakra NULL Pointer Dereference

spreadIndices = nullptr // This function emits the arguments for a call. // ArgOut's with uses immediately following defs. EmitArgListStartthisLocation, byteCodeGenerator, funcInfo, callSiteId; Js::RegSlot evalLocation = Js::Constants::NoRegister; // // If Emitting arguments for eval and assignin...

CVE-2007-5341

Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8...

CVE-2007-5341

Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8...

CVE-2007-5341

CVE-2007-5341 (Firefox Venkman RCE) : The connected documents confirm a remote code execution vulnerability in the Venkman script debugger of Mozilla Firefox, affecting versions before 2.0.0.8. They identify the affected component and vulnerable version but do not provide the underlying root caus...

Microsoft Edge Chakra - Heap Buffer Overflow Exploit

Exploit for windows platform in category dos / poc IsCoroutine ... else InterpreterStackFrame::Setup setupfunction, args; sizet varAllocCount = setup.GetAllocationVarCount; //printf"varAllocCount: %d%X\r\n", varAllocCount, varAllocCount; sizet varSizeInBytes = varAllocCount sizeofVar; // //...

[SECURITY] Fedora 25 Update: seamonkey-2.48-1.fc25

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

[SECURITY] Fedora 26 Update: seamonkey-2.48-1.fc26

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

[SECURITY] Fedora 26 Update: ocaml-4.04.0-10.fc26

OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package comprises two batch compilers a fast bytecode compiler and an optimizing native-code compiler, an interactive toplevel system, parsing tools Lex,Yacc, a replay...

CVE-2017-10734

IrfanView version 4.44 32bit might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wow64NotifyDebugger+0x000000000000001d."...

[SECURITY] [DLA 1005-1] mercurial security update

Package : mercurial Version : 2.2.2-4+deb7u4 CVE ID : CVE-2017-9462 Debian Bug : 861243 In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. For Debian 7...

CVE-2017-9778

GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB...

Updated mercurial packages fix security vulnerability

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name...

MGASA-2017-0182 Updated mercurial packages fix security vulnerability

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name...