2466 matches found

Cvelist
added 2019/02/26 2:0 a.m. | 19 views

CVE-2009-5155

In the GNU C Library (aka glibc or libc6) before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match...

7.1 AI score | 0.01348 EPSS
Exploits: 1 | References: 12

OSV
added 2019/02/25 10:55 a.m. | 5 views

SUSE-SU-2019:0480-1 Security update for supportutils

This update for supportutils fixes the following issues: Security issues fixed: - CVE-2018-19640: Fixed an issue where users could kill arbitrary processes bsc1118463. - CVE-2018-19638: Fixed an issue where users could overwrite arbitrary log files bsc1118460. - CVE-2018-19639: Fixed a code...

7.8 CVSS | 6.8 AI score | 0.00185 EPSS
Exploits: 0 | References: 18

NVD
added 2019/02/21 2:29 p.m. | 23 views

CVE-2018-6687

Loop with Unreachable Exit Condition 'Infinite Loop' in McAfee GetSusp GetSusp 3.0.0.461 and earlier allows attackers to DoS a manual GetSusp scan via while scanning a specifically crafted file . GetSusp is a free standalone McAfee tool that runs on several versions of Microsoft Windows...

6.5 CVSS | 5.7 AI score | 0.0014 EPSS
Exploits: 0 | References: 2

Prion
added 2019/02/21 2:29 p.m. | 15 views

Design/Logic Flaw

Loop with Unreachable Exit Condition 'Infinite Loop' in McAfee GetSusp GetSusp 3.0.0.461 and earlier allows attackers to DoS a manual GetSusp scan via while scanning a specifically crafted file . GetSusp is a free standalone McAfee tool that runs on several versions of Microsoft Windows...

4.3 CVSS | 6.3 AI score | 0.0014 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

RedhatCVE
added 2019/02/07 6:50 p.m. | 61 views

CVE-2019-7221

A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer (hrtimer) runs when a L2 guest is active. After VM exit, the syncvmcs12 timer object is stopped. The...

7.8 CVSS | 2 AI score | 0.00055 EPSS
Exploits: 1 | References: 2

The Hacker News
added 2019/02/04 12:21 p.m. | 127 views

Cryptocurrency Firm Loses $145 Million After CEO Dies With Only Password

QuadrigaCX, the largest bitcoin exchange in Canada, has claimed to have lost CAD 190 million (nearly USD 145 million) worth of cryptocurrency after the exchange lost access to its cold (offline) storage wallets. Reason? Unfortunately, the only person with access to the company's offline wallet, found...

Exploits: 0

0day.today
added 2019/01/28 12:0 a.m. | 15 views

Linux/x86 exit(0) Shellcode (5 bytes)

/ Exit.asm Author: Daniele Votta Description: Exit with no nulls. Tested on: i686 GNU/Linux Shellcode Length: 5 / include include / Disassembly of section .text: 00000000 : 0: 31 c0 xor eax,eax 2: 40 inc eax 3: cd 80 int 0x80 ======================= POC Daniele Votta ======================= /...

7.4 AI score
Exploits: 0

Packet Storm
added 2019/01/28 12:0 a.m. | 63 views

WordPress Yeloni Free Exit Popup 8.1.9 SQL Injection

Exploit Title : WordPress Yeloni Free Exit Popup Plugins 8.1.9 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 28/01/2019 Vendor Homepage : yeloni.com Software Download Link : downloads.wordpress.org/plugin/yeloni-free-exit-popup.zip Software...

7.4 AI score
Exploits: 0

Veracode
added 2019/01/15 9:13 a.m. | 25 views

Denial Of Service (DoS)

bind is vulnerable to denial of service (DoS) attacks. The vulnerability exists as ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record...

7.5 CVSS | 7.1 AI score | 0.52249 EPSS
Exploits: 0 | References: 14 | Affected Software: 2

Veracode
added 2019/01/15 8:52 a.m. | 28 views

Denial Of Service (DoS)

openldap is vulnerable to denial of service. An assertion failure and daemon exit occurs in slapd when an LDAP search query with attrsOnly set to true returns empty attributes. This allows a remote attacker to exploit the vulnerability to crash the process...

2.6 CVSS | 8.8 AI score | 0.12715 EPSS
Exploits: 1 | References: 23 | Affected Software: 1

Tenable Nessus
added 2018/12/11 12:0 a.m. | 18 views

SUSE SLED12 / SLES12 Security Update : soundtouch (SUSE-SU-2018:3606-2)

This update for soundtouch fixes the following issues: CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch. bsc1108632 CVE-2018-17097: The...

8.8 CVSS | 7.5 AI score | 0.01426 EPSS
Exploits: 3 | References: 10

OSV
added 2018/12/10 1:53 p.m. | 4 views

SUSE-SU-2018:3606-2 Security update for soundtouch

This update for soundtouch fixes the following issues: - CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch. bsc1108632 - CVE-2018-17097: The...

8.8 CVSS | 8 AI score | 0.01426 EPSS
Exploits: 3 | References: 7

OSV
added 2018/11/15 3:29 p.m. | 2 views

ALPINE-CVE-2018-12543

In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a message is published to Mosquitto that has a topic starting with $, but that is not $SYS, e.g. $test/test, then an assert is triggered that should otherwise not be reachable and Mosquitto will exit...

7.5 CVSS | 6.9 AI score | 0.02456 EPSS
Exploits: 0 | References: 1

NVD
added 2018/10/29 9:29 p.m. | 15 views

CVE-2018-17615

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8 CVSS | 8.8 AI score | 0.00567 EPSS
Exploits: 0 | References: 2

OSV
added 2018/10/29 9:29 p.m. | 1 views

CVE-2018-17615

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8 CVSS | 6.2 AI score | 0.00567 EPSS
Exploits: 0 | References: 2

Prion
added 2018/10/29 9:29 p.m. | 17 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8 CVSS | 8.8 AI score | 0.00567 EPSS
Exploits: 0 | References: 2 | Affected Software: 2

CNVD
added 2018/10/08 12:0 a.m. | 4 views

Foxit Reader for Windows Memory Misreference Vulnerability (CNVD-2018-20650)

Foxit Reader for Windows is a PDF document reader for the Windows platform from China's Foxit Software Corporation. A memory misreference vulnerability exists in the handling of the Mouse Exit event in Foxit Reader 9.2.0.9297 and earlier versions for Windows platforms, where the program fails...

8.8 CVSS | 8.8 AI score | 0.00567 EPSS
Exploits: 0 | References: 1

Zero Day Initiative
added 2018/09/28 12:0 a.m. | 26 views

Foxit Reader CheckBox Mouse Exit Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Mou...

6.8 CVSS | 2 AI score | 0.00567 EPSS
Exploits: 0 | References: 1

OSV
added 2018/09/19 10:29 p.m. | 3 views

CVE-2018-17231

Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack...

7.5 CVSS | 7.3 AI score
Exploits: 0 | References: 1

NVD
added 2018/09/19 10:29 p.m. | 14 views

CVE-2018-17231

Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack...

7.5 CVSS | 7.4 AI score | 0.00334 EPSS
Exploits: 1 | References: 1