DEBIAN-CVE-2019-7443

KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes thi...

Design/Logic Flaw

KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes thi...

UBUNTU-CVE-2019-7443

KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes thi...

CVE-2019-7443

KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes thi...

CVE-2019-7443

KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes thi...

CVE-2019-5432

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

DEBIAN-CVE-2019-5432

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

CVE-2019-5432

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

UBUNTU-CVE-2019-5432

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

CVE-2019-5432

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

The vulnerability of the mod_session module in the Apache HTTP Server, related to the lack of consideration for the lifetime of a session, allows attackers to compromise the integrity of protected data.

The vulnerability of the modsession module in the Apache HTTP Server is related to the lack of time-out checking before session data is decoded. Exploiting this vulnerability allows an attacker to compromise the integrity of protected data...

DEBIAN-CVE-2019-11338

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service NULL pointer dereference and out-of-array access or possibly have unspecified other impact via crafted HEVC data...

50m-ctf: Writeup

h1 50M CTF =========== This is my solution for the h1 ctf. On the 27th of february h1 posted this tweet: Since there is no link no any sort of challenge I supposed the challenges is self contained inside this tweet. My guess was the first clue is inside the embeded picture, and since the second o...

Design/Logic Flaw

It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...

50m-ctf: $50 million CTF Writeup

Summary: For a brief overview of the challenge you can take a look at the following image: F451370 Below I will detail each step that I took to solve the CTF, moreover all the bad assumptions that led me to a dead end in some cases. Twitter The CTF begins with this tweet: F451371 What is this...

CVE-2018-20032

A Denial of Service vulnerability related to message decoding in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemo...

Denial of service

A Denial of Service vulnerability related to message decoding in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemo...

CVE-2018-20032

A Denial of Service vulnerability related to message decoding in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemo...

NSS Netscape Certificate Sequences CERT_DecodeCertPackage() Crash

nss: CERTDecodeCertPackage crash with Netscape Certificate Sequences I noticed that the main entrypoint for decoding DER blobs in NSS, CERTDecodeCertPackage, actually handles multiple formats including PEM, PKCS7, and old Netscape Certificate Sequences. You can generate a Netscape Certificate...

DEBIAN-CVE-2019-9721

A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...