CVE-2020-13775

ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash with a NULL pointer dereference if echo-message is not enabled and there is no network...

CVE-2020-13775

ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash with a NULL pointer dereference if echo-message is not enabled and there is no network...

UBUNTU-CVE-2020-13775

ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash with a NULL pointer dereference if echo-message is not enabled and there is no network...

CVE-2020-13775

ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash with a NULL pointer dereference if echo-message is not enabled and there is no network...

CVE-2020-13775

ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash with a NULL pointer dereference if echo-message is not enabled and there is no network...

PT-2020-13674 · Znc · Znc

Name of the Vulnerable Software and Affected Versions: ZNC versions 1.8.0 through 1.8.1-rc1 Description: The issue allows authenticated users to trigger an application crash with a NULL pointer dereference if echo-message is not enabled and there is no network. This can be exploited by attackers ...

(Pwn2Own) Amazon Echo Show Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Amazon Echo Show. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

shadowbroker

This repository, bahuwang/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a README file that lists the contents of the repository, which includes various exploit modules and tools...

CVE-2019-5304

Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset...

Input validation

Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset...

CVE-2019-5304

CVE-2019-5304 affects Huawei devices and is rooted in insufficient input validation for MPLS Echo Request messages, causing a buffer error that can allow an unauthenticated remote attacker to reset the device. Documents designate affected products broadly as Huawei switches/routers and related Cl...

CVE-2019-5304

Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset...

Exploit for CVE-2018-11776

Struts2-057/CVE-2018-11776两个版本RCE漏洞分析（含EXP） Ivan@360云影实验室 2018年08月24日 0x01 前言 ========= 2018年8月22日，Apache Strust2发布最新安全公告，Apache Struts2存在远程代码执行的高危漏洞（S2-057/CVE-2018-11776），该漏洞由Semmle Security Research team的安全研究员Man YueMo发现。该漏洞是由于在Struts2开发框架中使用namespace功能定义XML配置时，namespace值未被设置且在上层动作配置（Action...

Security Advisory - Buffer Error Vulnerability in Some Huawei Products

There is a buffer error vulnerability in some Huawei products. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset...

Pwn2Own Tokyo Roundup: Amazon Echo, Routers and Smart TVs Fall to Hackers

Another Pwn2Own has drawn to a close, with Team Fluoroacetate researchers Amat Cama and Richard Zhu taking home the Master of Pwn title for the third year in a row. Overall, contestants in the Tokyo 2019 event earned more than $315,000 over the two-day hacking contest, for uncovering 18 different...

This Week in Security News: Amazon Echo Hacked at Pwn2Own Tokyo 2019 and Ransomware Attacks Hit Spanish Companies

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a ransomware that is attacking Spanish companies and how nearly 50 adware apps were found on Google Play. Also, read about how a...

Threat Source newsletter (Oct. 24, 2019)

Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Never assume that a malware family is really dead. We’ve done it time and time again with things like Emotet, and Gustuff is proving it...

EulerOS Virtualization for ARM 64 3.0.2.0 : bash (EulerOS-SA-2019-1942)

According to the version of the bash package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LCCTYPE...

EulerOS 2.0 SP5 : bash (EulerOS-SA-2019-1911)

According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LCCTYPE environment variable, are...

Webmin 1.920 - Remote Code Execution

!/bin/sh CVE-2019-15107 Webmin Unauhenticated Remote Command Execution based on Metasploit module https://www.exploit-db.com/exploits/47230 Original advisory: https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html Alternative advisory spanish:...