4437 matches found
The vulnerability of the virtio_pci_remove handler’s implementation in the Astra Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the virtio_pci_remove handler in the Astra Linux operating system’s kernel (the loaded module drivers/virtio/virtio_pci.ko) is related to a memory release error. In the virtio_pci_probe function, memory is allocated for vp_dev, but the memory is not released in the virtio_pci_remove...
CVE-2019-12881
i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact via crafted ioctl calls to /dev/dri/card0...
Command Injection
Overview: All versions of soletta-dev-app are vulnerable to Command Injection. The package does not validate user input on the /api/service/status API endpoint, passing contents of the service query parameter to an exec call. This may allow attackers to run arbitrary commands in the system...
DEBIAN-CVE-2019-12779
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL...
Spidermonkey - IonMonkey Unexpected ObjectGroup in ObjectGroupDispatch Operation
Spidermonkey - IonMonkey Unexpected ObjectGroup in ObjectGroupDispatch Operation While fuzzing Spidermonkey, I encountered the following commented and modified JavaScript program which crashes debug builds of the latest release version of Spidermonkey from commit...
Information Disclosure
Linux kernel is vulnerable to information disclosure. This is because the Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. A privileged user could read some memory contents...
Debian DSA-4443-1 : samba - security update
Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberos extension used in Samba's Active Directory support was susceptible to man-in-the-middle attacks caused by incomplete checksum validation. Details can be found in the upstream advisory at C Tenable Network Security, Inc. The...
Panasonic FPG-DEV-M Communications Adapter Detection
Binary data 755251.prm...
Improper Access Control
Linux kernel is vulnerable to improper access control. The vulnerability exists because the mm subsystem in the Linux kernel does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism. Local users could read or write to kernel memory locations in the first megabyte and bypass...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of service (DoS) attacks. The blk_rq_map_user_iov function in the Linux kernel's block device implementation does not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a use-after-fre...
Authorization Bypass
kernel-rt is vulnerable to authorization bypass. A flaw was found in the way file permission checks for the /dev/cpu/x/msr files were performed in restricted root environments (for example, when using a capability-based security model). A local user with the ability to write to these files could us...
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service. A flaw was found in the way file permission checks for the /dev/kmsg file were performed in restricted root environments (for example, when using a capability-based security model). A local user able to write to this file could cause a denial of service...
CVE-2019-11463
A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a HAVE_LZMA_H typo. NOTE: this only affects users who downloaded the development code from GitHub. Users of th...
CVE-2019-6481
Abine Blur 7.8.2431 allows remote attackers to conduct "Second-Factor Auth Bypass" attacks by using the "Perform a right-click operation to access a forgotten dev menu to insert user passwords that otherwise would require the user to accept a second-factor request in a mobile app." approach,...
Microsoft Visio 2016 16.0.4738.1000 Denial Of Service
-*- coding: utf-8 -*- Created on Thu Feb 21 01:32:50 2019 @author: César """ Exploit Title: Microsoft Visio 2016 16.0.4738.1000 "Log in accounts" allows go on with email formed by one thousand A in every of its parts [email protected] Discovered by: César Adrián Coronado Llanos Discovered...
Microsoft Visio 2016 16.0.4738.1000 - Log in accounts Denial of Service
Microsoft Visio 2016 16.0.4738.1000 - Log in accounts Denial of Service -*- coding: utf-8 -*- Created on Thu Feb 21 01:32:50 2019 @author: César """ Exploit Title: Microsoft Visio 2016 16.0.4738.1000 "Log in accounts" allows go on with email formed by one thousand A in every of its parts...
NASM: Multiple vulnerabilities
Background: NASM is an 80x86 assembler that has been created for portability and modularity. NASM supports Pentium, P6, SSE MMX, and 3DNow extensions. It also supports a wide range of object formats (ELF, a.out, COFF, etc.), and has its own disassembler. Description: Multiple vulnerabilities have been...