EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2020-1444)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for...

CVE-2020-1015

An elevation of privilege vulnerability exists in the way that the User-Mode Power Service UMPS handles objects in memory, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011. Recent assessments: bwatters-r7 at...

Guarding against supply chain attacks—Part 2: Hardware risks

The challenge and benefit of technology today is that it’s entirely global in nature. This reality is brought into focus when companies assess their supply chains, and look for ways to identify, assess, and manage risks across the supply chain of an enterprise. Part 2 of the “Guarding against...

EVABS - Extremely Vulnerable Android Labs

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very limited or zero knowledge to some of the major and commonly found real-world based Android application...

Security update for teeworlds (moderate)

openSUSE Security Update: Security update for teeworlds Announcement ID: openSUSE-SU-2019:1793-1 Rating: moderate References: 1112910 1131729 Cross-References: CVE-2018-18541 CVE-2019-10877 CVE-2019-10878 CVE-2019-10879 Affected Products: openSUSE Leap 15.1 An update that fixes four vulnerabiliti...

Exploit for Integer Overflow or Wraparound in F5 Nginx

CVE-2017-7529-POC Affected Vulnerabilities This vulner...

Google Removes 85 Adware Apps That Infect 9 Million Android Users

Google has removed 85 apps from its Play Store after finding out that they were pushing aggressive, full-screen adware to Android users. With the rise in the mobile market, Adware has become one of the most prevalent mobile threats in the world. Adware has traditionally been used to aggressively...

Nextcloud: Missing memory corruption protection on Windows release built

Hi, we have noticed that the Windows Desktop Client doesn't enable the protections ASLR and DEP and others. These protections are per-default enabled since approximately 10 years in Visual Studio and are very important because they make exploitation a lot harder or even make some vulnerabilities...

Researchers Say More Spectre-Related CPU Flaws On Horizon

After another speculative execution side channel-related flaw has been disclosed in processors, security experts say that more may be on the horizon. Researchers on Monday disclosed Variant 4, a new speculative execution side channel category flaw that allows attackers to read privileged data...

GSA Bounty: Subdomain Takeover due to unclaimed domain pointing to AWS

Note: I know this is on an out of scope domain, however felt it should still be raised as it was the only subdomain of data.gov to be vulnerable. Issue Details The consultant identified that subdomain https://18f.domains.api.data.gov/ is pointing to dn9rrjaiux2m0.cloudfront.net via a DNS CNAME...

CVE-2017-12718

A Classic Buffer Overflow issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execution on t...

FreeBSD -- OpenSSL multiple vulnerabilities

Problem Description: Invoking SSLread/SSLwrite while in an error state causes data to be passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSLread/SSLwrite being...

X (Formerly Twitter): OS Command Execution on User's PC via CSV Injection

Summary: Twitter is vulnerable to CSV Injection. If an attacker can successfully exploit this, then they will compromise the PC of the user. The injection point is via a tweet on the main twitter.com site while the retrieval point is via the “Export Data” option on the analytics site. Description...

Satoshi Bomb

Let us discuss what defines the profitability of bitcoin mining, what principles for mining speed adaptation were initially embedded into it, and why these principles can lead to the failure of the cryptocurrency in the long run. We assume that the reader has an idea of basic Bitcoin mechanics su...

To Keep Players Happy, First Seek Understanding

Me: To keep your players happy - you need to understand why they're not. You: Uh, yeah obviously. Thanks. So what? Actually, I have a lot to say on the topic of keeping players happy. A few months back I wrote a quick post about Friction. Friction, as I defined it, is anything that prompts your...

CVE-2017-9230

The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving sqrt numbers. Th...

CVE-2017-9230

The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving sqrt numbers. Th...

PT-2017-18795 · Bitcoin · Bitcoind

Name of the Vulnerable Software and Affected Versions: Bitcoin affected versions not specified Description: The Bitcoin Proof-of-Work algorithm has an issue related to 80-byte block headers with varying initial 64-byte chunks followed by the same 16-byte chunk, and multiple candidate root values...

Android Security Bulletin—January 2017Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Google devices through an over-the-air OTA update. The Google device firmware images have also been released to the Google Developer...

2016 Flare-On Challenge Solutions

I would like to thank the challenge authors this year: 1. Alexander Rich 2. Matt Williams @0xmwilliams 3. Dominik Weber 4. James T. Bennett @jtbennettjr 5. Tyler Dean 6. Josh Homan 7. Alex Berry 8. Nick Harbour @nickharbour 9. Jon Erickson @2130706433 10. FireEye Labs Advanced Vulnerability...