82 matches found
To protect the contract in case of hacking or detection of incorrect operation, it is necessary to add pause and blacklist functions
Lines of code Vulnerability details Impact Cases of hacking and self-identification of errors in contact often occur. To protect the contract in such a case, the pause and blacklist functions in the contract are usually used. This would provide protection for the DelegateToken.sol contract in cas...
Heap-based buffer overflow in function ins_compl_add
Description Heap-based buffer overflow in function inscompladd at insexpand.c:751 Version commit b8329db36a886355e6e9cb9986a3668fef78c438 HEAD - master, tag: v9.0.0044 Proof of Concept guest@elk:/trung$ valgrind ./vimlatest/src/vim -u NONE -i NONE -n -m -X -Z -e -s -S ./poc/poc42min -c :qa!...
SUSE: Security Advisory (SUSE-SU-2018:3864-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libxml2: DoS caused by incorrect error detection during XZ decompression
A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash...
libxml2: Infinite loop caused by incorrect error detection during LZMA decompression
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service infinite loop via a crafted XML file that triggers LZMAMEMLIMITERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251...
[SECURITY] Fedora 30 Update: openqa-4.6-18.20190716git5bfa647.fc30.2
openQA is a testing framework that allows you to test GUI applications on o ne hand and bootloader and kernel on the other. In both cases, it is difficult to script tests and verify the output. Output can be a popup window or it can be an error in early boot even before init is executed. openQA i...
SUSE-SU-2019:1553-1 Security update for openssl
This update for openssl fixes the following issues: - CVE-2018-0732: Reject excessively large primes in DH key generation bsc1097158 - CVE-2018-0734: Timing vulnerability in DSA signature generation bsc1113652 - CVE-2018-0737: Cache timing vulnerability in RSA Key Generation bsc1089039 -...
Google Android has an unspecified vulnerability (CNVD-2018-10068)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA.Qualcomm MDM9635M, Qualcomm SD 400, and Qualcomm SD 800 are Qualcomm's central processing unit CPU products. (Qualcomm MDM9635M, Qualcomm SD 400 and Qualcomm SD 800 are Qualcomm's...
MGASA-2017-0335 Updated tcpdump packages fix security vulnerabilities
Summary for 4.9.2 tcpdump release Do not use getprotobynumber for protocol name resolution. Do not do any protocol name resolution if -n is specified. Improve errors detection in the test scripts. Fix a segfault with OpenSSL 1.1 and improve OpenSSL usage. Clean up IS-IS printing. Fix buffer...
libxml2: DoS caused by incorrect error detection during XZ decompression
A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash...
M.I.T. Researchers Debut Integer Overflow Debugger
Students from M.I.T. have devised a new and more efficient way to scour raw code for integer overflows, the troublesome programming bugs that serve as a popular exploit vector for attackers and often lead to the crashing of systems. Researchers from the school’s Computer Science and Artificial...
Fedora 20 : pigz-2.3.3-1.fc20 (2015-1510)
Update to 2.3.3, fixes CVE-2015-1191 : - Return zero exit code when only warnings are issued - Increase speed of unlzw Unix compress decompression - Update zopfli to current google state - Allow larger maximum blocksize -b, now 512 MiB - Do not require that -d precede -N, -n, -T options - Strip a...
DTLS Error Detection
Binary data 8286.prm...
DTLS Client Error Detection
Binary data 8287.prm...
HTTP 500 Detection
Binary data 6844.prm...
[Vega v1.0] Web Application Security Scanner
Vega is an open source platform to test the security of web applications. Vega can help you find and validate SQL Injections, Cross-Site Scripting XSS, inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux , OS X , and Window...
RHEL 5 : kernel (RHSA-2012:1481)
Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives...
http-form-fuzzer NSE Script
Performs a simple form fuzzing against forms found on websites. Tries strings and numbers of increasing length and attempts to determine if the fuzzing was successful. Script Arguments http-form-fuzzer.minlength the minimum length of a string that will be used for fuzzing, defaults to 300000...
Fully automated MySQL5 boolean based enumeration tool
Fully automated MySQL5 boolean based enumeration tool Blackhatacademy Developers releases Fully automated MySQL5 boolean based enumeration tool. By default, this script will first determine username, version and database name before enumerating the informationschema information. When the -q flag ...
Fedora 11 : krb5-1.6.3-31.fc11 (2010-8796)
Shawn Emery discovered a remotely-triggerable NULL pointer dereference in the Kerberos GSS-API library which could be used to cause GSS-API-authenticated services to crash. This update incorporates fixes to instead correctly detect the error and return an error code. Note that Tenable Network...