GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.

...

CVE-2020-3524

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

CVE-2020-3524

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

CVE-2020-3524 Cisco IOS XE ROM Monitor Software Vulnerability

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

LY Corporation: Debugging panel exposure

Vulnerability description not provided...

Microsoft announces new Project OneFuzz framework, an open source developer tool to find and fix bugs at scale

Microsoft is dedicated to working with the community and our customers to continuously improve and tune our platform and products to help defend against the dynamic and sophisticated threat landscape. Earlier this year, we announced that we would replace the existing software testing experience...

CVE-2020-25280

An issue was discovered on Samsung mobile devices with Q10.0 Exynos and MediaTek chipsets software. Unauthenticated attackers can execute LTE/5G commands by sending a debugging command over USB. The Samsung ID is SVE-2020-16979 September 2020...

Command injection

An issue was discovered on Samsung mobile devices with Q10.0 Exynos and MediaTek chipsets software. Unauthenticated attackers can execute LTE/5G commands by sending a debugging command over USB. The Samsung ID is SVE-2020-16979 September 2020...

CVE-2020-25280

An issue was discovered on Samsung mobile devices with Q10.0 Exynos and MediaTek chipsets software. Unauthenticated attackers can execute LTE/5G commands by sending a debugging command over USB. The Samsung ID is SVE-2020-16979 September 2020...

Exploit for CVE-2014-7911

This is a local root exploit for Nexus5 Android 4.4.4KTU84P. The exploit is based on the CVE-2014-7911 vulnerability, which is a privilege escalation vulnerability in the Android operating system. The exploit is designed to gain root access on the device. The exploit is implemented in Java and us...

Browsertunnel - Surreptitiously Exfiltrate Data From The Browser Over DNS

Browsertunnel is a tool for exfiltrating data from the browser using the DNS protocol. It achieves this by abusing dns-prefetch, a feature intended to reduce the perceived latency of websites by doing DNS lookups in the background for specified domains. DNS traffic does not appear in the browser'...

welpwn

This is an exploit module for a vulnerability in a binary, targeting a heap-based buffer overflow. The module is part of the PwnContext framework, which is a Python library for exploitation and reverse engineering. The module is designed to exploit a vulnerability in a binary that allows for a...

CVE-2019-4701

IBM Security Guardium Data Encryption GDE 3.0.0.2 is deployed with active debugging code that can create unintended entry points. IBM X-Force ID: 171936...

Code injection

IBM Security Guardium Data Encryption GDE 3.0.0.2 is deployed with active debugging code that can create unintended entry points. IBM X-Force ID: 171936...

CVE-2019-4701

CVE-2019-4701 concerns IBM Guardium Data Encryption (GDE) 3.0.0.2, where active debugging code can create unintended entry points. Connected sources (CNVD-2020-50543) describe a cross-site scripting vulnerability in GDE 3.0.0.2 related to this issue, attributed to an unintended debugger entry. Th...

CVE-2019-4701

IBM Security Guardium Data Encryption GDE 3.0.0.2 is deployed with active debugging code that can create unintended entry points. IBM X-Force ID: 171936...

CVE-2020-7705

This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...

Security Bulletin: Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)

Summary There are multiple vulnerabilities identified in IBM Guardium Data Encryption GDE .These vulnerabilities have been fixed in GDE 4.0.0.0. Please apply the latest version for the fixes. Vulnerability Details CVEID: CVE-2019-4713 DESCRIPTION: IBM Guardium Data Encryption GDE could allow a...

Phantom-Evasion

This is a Python antivirus evasion tool called Phantom-Evasion. It is free software, licensed under the GNU General Public License GPL version 3. The tool is designed to evade detection by antivirus software and is intended for educational or research purposes only. The tool consists of several...

OSV-2020-1448 Global-buffer-overflow in vte_write_debug

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22203 Crash type: Global-buffer-overflow READ 1 Crash state: vtewritedebug sendprimaryda doesc...