CVE-2017-10983

An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service...

CVE-2017-10983

An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service...

Fedora 26 : mingw-libtasn1 (2017-d5cf1a55ce)

Noteworthy changes in release 4.11 released 2017-05-27 stable - Introduced the ASN1TIMEENCODINGERROR error code to indicate an invalid encoding in the DER time fields. - Introduced flag ASN1DECODEFLAGALLOWINCORRECTTIME. This flag allows decoding errors in time fields even when in strict DER mode...

Oracle Linux 6 : kernel (ELSA-2017-1723)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-1723 advisory. - mm enlarge stack guard gap Larry Woodman 1452729 1452730 CVE-2017-1000364 CVE-2017-1000366 - fs nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce...

SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2017:1838-1)

This update for gnutls fixes the following issues : - GNUTLS-SA-2017-4 / CVE-2017-7507: Fix crash in status response TLS extension decoding bsc1043398 - GNUTLS-SA-2017-3 / CVE-2017-7869: Fix out-of-bounds write in OpenPGP certificate decoding bsc1034173 - Address read of 4 bytes past the end of...

The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit

The vulnerability of the FFmpeg multimedia library arises from an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a malicious actor to perform write operations beyond the memory boundaries, related to the function ipvideodecodeblockopcode0xA in...

The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit

The vulnerability of the FFmpeg multimedia library arises from an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a malicious actor to perform write operations beyond the memory boundaries, related to the function ffh264SliceContextInit in libavcodec/h264dec.c...

The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit

The vulnerability of the FFmpeg multimedia library arises from buffer overflows in the stack. Exploiting this vulnerability allows a malicious actor to perform out-of-memory writes, related to the decodezbuf function in libavcodec/pngdec.c...

Humax HG100R 2.0.6 - Backup File Download

Humax HG100R 2.0.6 - Backup File Download coding: utf-8 Exploit Title: Humax Backup file download Date: 29/06/2017 Exploit Author: gambler Vendor Homepage: http://humaxdigital.com Version: VER 2.0.6 Tested on: OSX Linux CVE : CVE-2017-7315 import sys import base64 import shodan import requests...

UBUNTU-CVE-2017-9994

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...

Adobe Flash - Image Decoding Out-of-Bounds Read Exploit

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1215 The attached png file causes an out-of-bounds read when being decoded by flash. To reproduce the issue, put LoadImage.swf and read1.png on a server, and visit:...

SUSE SLED12 / SLES12 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE (SUSE-SU-2017:1669-1)

The Mozilla Firefox was updated to the new ESR 52.2 release, which fixes the following issues bsc1043960 : - MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus encoder - MFSA 2017-16/CVE-2017-7749 Use-after-free during docshell reloading - MFSA 2017-16/CVE-2017-7751 Use-after-free with content...

Adobe Flash - Image Decoding Out-of-Bounds Read

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1215 The attached png file causes an out-of-bounds read when being decoded by flash. To reproduce the issue, put LoadImage.swf and read1.png on a server, and visit: http://127.0.0.1/LoadImage.swf=read1.png Proof of Concept:...

Adobe Flash - Image Decoding Out-of-Bounds Read

Adobe Flash - Image Decoding Out-of-Bounds Read Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1215 The attached png file causes an out-of-bounds read when being decoded by flash. To reproduce the issue, put LoadImage.swf and read1.png on a server, and visit:...

Null pointer dereference

GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application...

CVE-2017-7507

GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application...

The vulnerability of the TrustZone component in the Android operating system allows a hacker to simplify the process of decoding messages.

The vulnerability of the TrustZone component in the Android operating system arises due to synchronization errors when using shared resources. Exploiting this vulnerability can enable a remote attacker to simplify the process of decoding messages...

The vulnerability of the embedded file system (EFS) of the Android operating system allows a hacker to simplify the process of decoding messages.

The vulnerability of the embedded file system EFS of the Android operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can enable a malicious actor to simplify the process of decoding messages remotely...

UBUNTU-CVE-2017-7507

GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application...

[SECURITY] Fedora 25 Update: libtasn1-4.12-1.fc25

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding func tions...