2466 matches found
Updated kernel-tmb packages fix security vulnerabilities
This kernel-tmb update is based on the upstream 4.14.13 and fixes several security issues. The most important fix in this update is for the security issue named "Meltdown" that is fixed in theese kernels by enabling kernel Page Table Isolation KTPI. Note that according to AMD, this issue does not...
Linux/x86-64 - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (110 bytes)
/ ; Title: Add map in /etc/hosts file - 110 bytes ; Date: 2014-10-29 ; Platform: linux/x8664 ; Website: http://osandamalith.wordpress.com ; Author: Osanda Malith Jayathissa @OsandaMalith global start section .text start: ;open xor rax, rax add rax, 2 ; open syscall xor rdi, rdi xor rsi, rsi push...
Denial of Service Vulnerability in ForceControl V7.2 Product NetServer.exe
ForceControl is the configuration software developed by ForceControl Technology for the general monitoring and control configuration software market. As the basic platform software in industrial automation software, ForceControl can provide solutions for all kinds of industries. A denial of servi...
Authentication flaw
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service assertion failure and application exit by leveraging "full" not necessarily admin privileges to post an invalid profile to the admin API, related to rgw/rgwiampolicy.cc, rgw/rgwbasictypes.h,...
CVE-2017-16818
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service assertion failure and application exit by leveraging "full" not necessarily admin privileges to post an invalid profile to the admin API, related to rgw/rgwiampolicy.cc, rgw/rgwbasictypes.h,...
CVE-2017-16818
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service assertion failure and application exit by leveraging "full" not necessarily admin privileges to post an invalid profile to the admin API, related to rgw/rgwiampolicy.cc, rgw/rgwbasictypes.h,...
CVE-2017-16818
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service assertion failure and application exit by leveraging "full" not necessarily admin privileges to post an invalid profile to the admin API, related to rgw/rgwiampolicy.cc, rgw/rgwbasictypes.h,...
CVE-2017-11019
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the fd allocated during the getmetadata was not closed even though the buffer allocated to the fd was freed. This resulted in a failure during exit sequence...
CVE-2017-16818
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service assertion failure and application exit by leveraging "full" not necessarily admin privileges to post an invalid profile to the admin API, related to rgw/rgwiampolicy.cc, rgw/rgwbasictypes.h,...
CVE-2017-16560
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes...
CVE-2017-16560
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes...
Exitmap - A Fast and Modular Scanner for TOR Exit Relays
Exitmap is a fast and modular Python-based scanner for Tor exit relays. Exitmap modules implement tasks that are run over a subset of all exit relays. If you have a background in functional programming, think of exitmap as a map interface for Tor exit relays: Modules can perform any TCP-based...
CVE-2017-14954
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call...
CVE-2017-13658
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service assertion failure and application exit in the DestroyImageInfo function in MagickCore/image.c...
Dup Scout Enterprise 9.9.14 - Remote Buffer Overflow (SEH)
!/usr/bin/env python Exploit Title: Dup Scout Enterprise v 9.9.14 Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.dupscout.com Software Link: http://www.dupscout.com/setups/dupscoutentsetupv9.9.14.exe Version:...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service DoS attacks. These attacks can be conducted because there is a missing NULL check in the ReadMATImage function which leads to an assertion failure and application exit from within the DestroyImageInfo function...
CVE-2017-13658
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service assertion failure and application exit in the DestroyImageInfo function in MagickCore/image.c...
CVE-2017-13658
Summary (CVE-2017-13658) ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3 is vulnerable due to a missing NULL check in ReadMATImage (coders/mat.c). This can trigger a denial of service (assertion failure and application exit) in DestroyImageInfo (MagickCore/image.c). Root cause is a NULL-checked...
AIX bind Advisory : bind_advisory14.asc (IV91214) (IV91253) (IV91254) (IV91255) (IV91256) (IV91257)
The version of bind installed on the remote AIX host is affected by the following vulnerabilities : - A denial of service vulnerability exists when handling malformed options sections. An unauthenticated, remote attacker can exploit this, via a specially crafted OPT resource record, to cause an...
CVE-2017-11692
The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service assertion failure and application exit via a '!2' string...