Microsoft Windows Trusted Boot Security Feature Bypass Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. kernel is one of the kernels. A security feature bypass vulnerability exists in Microsoft Windows. An attacker can exploit this vulnerability to disable code integrity checking, load signed...

Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption

Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption Source: https://code.google.com/p/google-security-research/issues/detail?id=525 Fuzzing packed executables found the attached crash, it might be usable as an information leak as part of another bug, so filing as a low-risk bug. If I had t...

Kaspersky AntiVirus - PE Unpacking Integer Overflow

Kaspersky AntiVirus - PE Unpacking Integer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=526 Fuzzing of packed executables found the attached crash. 0:022 g 83c.bbc: Access violation - code c0000005 first chance First chance exceptions are reported before an...

Kaspersky AntiVirus - PE Unpacking Integer Overflow

Source: https://code.google.com/p/google-security-research/issues/detail?id=526 Fuzzing of packed executables found the attached crash. 0:022 g 83c.bbc: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This exception may be expected...

OS X Install.framework suid Helper Privilege Escalation Vulnerability

Exploit for macOS platform in category local exploits Source: https://code.google.com/p/google-security-research/issues/detail?id=314 The private Install.framework has a few helper executables in /System/Library/PrivateFrameworks/Install.framework/Resources, one of which is suid root: -rwsr-sr-x ...

Vulnerabilities of iOS and Mac OS X operating systems, which allow attackers to bypass the code signing protection mechanism

The vulnerability of iOS and Mac OS X operating systems is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass the code signing mechanism by adding code to the created executable file...

CVE-2015-2132

Unspecified vulnerability in the execve system-call implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors...

Manipulating Microsoft WSUS to Own Enterprises

LAS VEGAS – Windows Server Update Services WSUS is your friend, if you run an enterprise IT shop, because it facilitates the download and distribution of security patches, service pack installations and hardware driver updates among others. Two researchers this week at the Black Hat conference,...

Oracle Linux 6 : kernel (ELSA-2015-1272)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1272 advisory. - fs take imutex during preparebinprm for setid executables Mateusz Guzik 1216269 CVE-2015-3339 - fs pipe: fix pipe corruption and iovec overrun on...

kernel security, bug fix, and enhancement update

2.6.32-573 - security selinux: dont waste ebitmap space when importing NetLabel categories Paul Moore 1130197 - x86 Revert Add driver auto probing for x86 features v4 Prarit Bhargava 1231280 - net bridge: netfilter: dont call iptables on vlan packets if sysctl is off Florian Westphal 1236551 - ne...

chromium-browser: Settings allowed executable files to run immediately after download in unsepcified

Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open files of this type" choice, related to...

Google Chrome Arbitrary Code Execution Vulnerability (CNVD-2015-04903)

Google Chrome is an open source WEB browser. Google Chrome's automatic open list handling suffers from a security vulnerability that allows attackers to build malicious WEB pages, trick users into parsing them, and allow executable files to be executed immediately after download...

Microsoft Internet Explorer EditWith Broker API Sandbox Escape Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer running in either Protected Mode or Enhanced Protected Mode. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...

IBM InfoSphere DataStage Elevation of Privilege Vulnerability

IBM InfoSphere DatIBM InfoSphere DataStage is a suite of ETL Extract, Transform, and Load tools from IBM that provide data integration solutions with a graphical interface, and are part of the IBM suite of information platform solutions and IBM InfoSphere. A security vulnerability exists in IBM...

HackerOne: Reflected File Download attack allows attacker to 'upload' executables to hackerone.com domain

Hi hackerone team, I'm a friend of Peiying and am looking for a position at hackerone. While playing around with your product, I found a serious vulnerability in your application: it allows attackers to craft executables on the hackerone.com domain rather than the sandboxed one on S3. 1. attacker...

[SECURITY] Fedora 21 Update: mingw-binutils-2.25-1.fc21

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

[SECURITY] Fedora 20 Update: mingw-binutils-2.24-5.fc20

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

BitRaider Streaming Client 1.3.3.4098 - Local Privilege Escalation

BitRaider Streaming Client 1.3.3.4098 Local Privilege Escalation Vulnerability Vendor: BitRaider, LLC Product web page: http://www.bitraider.com Affected version: 1.3.3.4098 Summary: BitRaider is a video game streaming and download service. Desc: BitRaider contains a flaw that leads to...

Offset2lib - Bypassing Full ASLR On 64 bit Linux

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------------+ | Packet Storm Advisory 2014-1204-1 | | http://packetstormsecurity.com/ | +------------------------------------------------------------------------------+ | Title:...

CCH Wolters Kluwer PFX Engagement <= v7.1 Local Privilege Escalation

Exploit for windows platform in category local exploits Exploit Title: CCH Wolters Kluwer PFX Engagement Windows 8, 2003, 2008, 2012 CVE : 2014-9113 Product Affected: CCH Wolters Kluwer PFX Engagement = v7.1 This vulnerability has been reference checked this against multiple installs. This...