DEBIAN-CVE-2020-29371

An issue was discovered in romfsdevread in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:2034-1 Rating: important References: 1050549 1067665 1170630 1172873 1175306 1175721 1176855 1176983 1177397 1177703 1177819 1177820 1178182 1178393 1178589 1178686 1178765 1178782 1178838 1178853...

Ubuntu 20.10 : c-ares vulnerability (USN-4638-1)

The remote Ubuntu 20.10 host has packages installed that are affected by a vulnerability as referenced in the USN-4638-1 advisory. c-ares could be made to denial of service if it received a specially crafted DNS request. Tenable has extracted the preceding description block directly from the Ubun...

GLSA-202011-18 : Apache Ant: Insecure temporary file

The remote host is affected by the vulnerability described in GLSA-202011-18 Apache Ant: Insecure temporary file A previous fix for a security vulnerability involving insecure temporary files has been found to be incomplete. Impact : A local attacker could perform symlink attacks to overwrite...

api-dev.cinenews.be Cross Site Scripting vulnerability OBB-1492969

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

git-lfs Remote Code Execution

/ Go PoC exploit for git-lfs - Remote Code Execution RCE vulnerability CVE-2020-27955 git-lfs-RCE-exploit-CVE-2020-27955.go Discovered by Dawid Golunski https://legalhackers.com https://exploitbox.io Affected RCE exploit: Git / GitHub CLI / GitHub Desktop / Visual Studio / GitKraken / SmartGit /...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS.Lack of validation in getrawsocket in drivers/vhost/net.c of an skfamily field allows to attacker perform ioctl2 calls on the '/dev/vhost-net' device may use this flaw to crash the kernel...

Out Of Bound Writes (OOB)

kernel-rt is vulnerable to out of bound writes attacks. A user or process able to access the /dev/kvm device could use this flaw to crash the system, resulting in a denial of service...

libvirt: leak of /dev/mapper/control into QEMU guests

A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...

Linux: noexec option on /dev/shm

The noexec mount option specifies that the filesystem cannot contain executable binaries. Setting this option on a file system prevents users from executing programs from shared memory. This deters users from introducing potentially malicious software on the system. SPDX-FileCopyrightText: 2020...

UBUNTU-CVE-2020-16127

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled /.pamenvironment files, allowing an infinite loop if /dev/zero is symlinked to this location...

Local file disclosure / path traversal within WEB-INF in Crucible - CVE-2020-29446

Affected versions of Atlassian Dev Tools allow remote attackers to browse local files via an Insecure Direct Object References IDOR vulnerability in WEB-INF in Fisheye/Crucible. The affected versions are before version 4.8.5. Affected versions: version 4.8.5 Fixed versions: 4.8.5 4.9.0...

Local file disclosure / path traversal within WEB-INF in Crucible - CVE-2020-29446

Affected versions of Atlassian Dev Tools allow remote attackers to browse local files via an Insecure Direct Object References IDOR vulnerability in WEB-INF in Fisheye/Crucible. The affected versions are before version 4.8.5. Affected versions: version 4.8.5 Fixed versions: 4.8.5 4.9.0...

Local file disclosure / path traversal within WEB-INF in Crucible - CVE-2020-29446

Affected versions of Atlassian Dev Tools allow remote attackers to browse local files via an Insecure Direct Object References IDOR vulnerability in WEB-INF in Fisheye/Crucible. The affected versions are before version 4.8.5. Affected versions: version 4.8.5 Fixed versions: 4.8.5 4.9.0...

Local file disclosure / path traversal within WEB-INF in Crucible - CVE-2020-29446

Affected versions of Atlassian Dev Tools allow remote attackers to browse local files via an Insecure Direct Object References IDOR vulnerability in WEB-INF in Fisheye/Crucible. The affected versions are before version 4.8.5. Affected versions: version 4.8.5 Fixed versions: 4.8.5 4.9.0...

Metasploit Wrap-Up

Hacktoberfest 2020 is happening Metasploit is proud to announce that we're participating in Hacktoberfest 2020. Presented by DigitalOcean, Intel, and DEV, Hacktoberfest is an annual celebration of open-source software during the month of October. The first 70,000 participants to submit 4 pull...

ALPINE-CVE-2020-6107

An exploitable information disclosure vulnerability exists in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

IoTMap - Research Project On Heterogeneous IoT Protocols Modelling

IoTMap is a tool that models IoT networks using one or multiple protocols simultaneously. This is work in progress, as a part of a PhD thesis on Internet Of Things security. This repository is regularly updated as new results are obtained. This project supports 3 protocol as this time : BLE, ZigB...

@ieremeev/app (>=3.0.1 <=4.1.1), @meetup/swarm-docs (=0.7.10-beta.0) +7 more potentially affected by unknown CVE via serve (>=10.0.0 <=10.1.1)

serve NPM version =10.0.0, =3.0.1, =0.1.0, =0.0.12, =0.0.0, =0.0.10, =0.0.1, =0.0.10 Source cves: unknown CVE Source advisory: OSV:GHSA-48GC-5J93-5CFQ...

Command Injection in soletta-dev-app

All versions of soletta-dev-app are vulnerable to Command Injection. The package does not validate user input on the /api/service/status API endpoint, passing contents of the service query parameter to an exec call. This may allow attackers to run arbitrary commands in the system. Recommendation ...