CVE-2017-16579

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Retargetable Machine-Code Decompiler: RetDec

RetDec is a retargetable machine-code decompiler based on LLVM . The decompiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR archive, Intel HEX, and raw machine code. Supported architectures 32...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.0 security update

An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Mobotap Dolphin Browser for Android Arbitrary File Write Vulnerability

Mobotap Dolphin Browser for Android is a web browser for the Android platform from MoboTap. An arbitrary file write vulnerability exists in version 12.0.2 of Mobotap Dolphin Browser for Android. An attacker can exploit this vulnerability to overwrite executable files in the Dolphin Browser data...

Vivotek IP Cameras - Remote Stack Overflow (PoC)

Vivotek IP Cameras - Remote Stack Overflow PoC STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no credentials...

CVE-2014-8358

Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 23.015.02.07.1014 and before V200R003B015D02SP08C1014 23.015.02.08.1014 use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a...

CVE-2017-17551

The Backup and Restore feature in Mobotap Dolphin Browser for Android 12.0.2 suffers from an arbitrary file write vulnerability when attempting to restore browser settings from a malicious Dolphin Browser backup file. This arbitrary file write vulnerability allows an attacker to overwrite a...

Design/Logic Flaw

The Backup and Restore feature in Mobotap Dolphin Browser for Android 12.0.2 suffers from an arbitrary file write vulnerability when attempting to restore browser settings from a malicious Dolphin Browser backup file. This arbitrary file write vulnerability allows an attacker to overwrite a...

TeamCity 2017.1.5 Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits TeamCity 2017.1.5 - Weak file permissions - Privilege Escalation ===================================================== Vendor Homepage: http://www.jetbrains.com Date: 17 Oct 2017 Version : TeamCity Version: 2017.1.5 Build: 47175 Tested on:...

Microsoft Edge Chakra CFG Bypass Due To Bug In ServerFreeAllocation Vulnerability

Charka suffers from a CFG bypass due to a bug in ServerFreeAllocation. Chakra: CFG bypass due to a bug in ServerFreeAllocation CVE-2017-11874 Chakra JIT server exposes a ServerFreeAllocation method that can be used to free an existing JIT allocation for example when the corresponding function get...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-36672)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because the dumprelocsinsection function in objdump.c in...

UBUNTU-CVE-2017-17122

The dumprelocsinsection function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service excessive memory allocation, or heap-based buffer overflow and application crash or possibly have unspecified other...

Axis Communications MPQT/PACS Heap Overflow / Information Leakage

STX Subject: Axis Communications MPQT/PACS Heap Overflow and Information Leakage. Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis August 2017 PoC: https://github.com/mcw0/PoC Release date: December 1, 2017 Full Disclosure: 90 days due to the large volume o...

PT-2017-4320 · Gnu +1 · Gnu Binutils +1

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.29.1 Description: The issue is related to an integer overflow in the dump relocs in section function of the objdump.c component. This allows a remote attacker to cause a denial of service, potentially leading to excessi...

USN-3485-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3485-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.0...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-34507)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in the aoutgetexternalsymbols function in aoutx.h in the Binary File Descriptor BFD library used in GNU...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-34502)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because the pebfdreadbuildid function in peicode.h in the...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-34508)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data, and assembly source code. A denial of service vulnerability exists in the coffslurplinetable function in coffcode.h in the Binary File Descriptor BFD library used in GNU...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-34503)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because coffgen.c in the Binary File Descriptor BFD libra...

UBUNTU-CVE-2017-16827

The aoutgetexternalsymbols function in aoutx.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service slurpsymtab invalid free and application crash or possibly have unspecified other impact via a crafted E...