tcpdump: Heap buffer overflow in the EXTRACT_16BITS function

tcpdump 4.9.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via crafted packet data. The crash occurs in the EXTRACT16BITS function, called from the stpprint function for the Spanning Tree Protocol...

Diggy - Extract Enpoints From APK Files

Diggy can extract endpoints/URLs from apk files. It saves the result into a txt file for further processing. Dependencies apktool Usage ./diggy.sh /path/to/apk/file.apk You can also install it for easier access by running install.sh After that, you will be able to run Diggy as follows: diggy...

CVE-2018-8711

A local file inclusion issue was discovered in the WooCommerce Products Filter aka WOOF plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woofredrawwoof action. The vulnerability is due to the lack of args/input validation on renderhtml before allowing it to be...

CVE-2018-8711

A local file inclusion issue was discovered in the WooCommerce Products Filter aka WOOF plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woofredrawwoof action. The vulnerability is due to the lack of args/input validation on renderhtml before allowing it to be...

Input validation

A local file inclusion issue was discovered in the WooCommerce Products Filter aka WOOF plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woofredrawwoof action. The vulnerability is due to the lack of args/input validation on renderhtml before allowing it to be...

[SECURITY] Fedora 26 Update: freexl-1.0.5-1.fc26

FreeXL is a library to extract valid data from within an Excel spreadsheet .xls Design goals: simple and lightweight stable, robust and efficient easily and universally portable completely ignore any GUI-related oddity...

DEBIAN-CVE-2018-7648

An issue was discovered in mj2/opjmj2extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line...

CVE-2017-2744

The vulnerability allows attacker to extract binaries into protected file system locations in HP Support Assistant before 12.7.26.1...

Synology DiskStation Manager Directory Traversal Vulnerability

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology. The operating system manages information such as data, files, photos, music and more. A directory traversal vulnerability exists in SYNO.FileStation.Extract in Synology DSM versions 6.0.x...

UBUNTU-CVE-2017-17682

In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted wpg image file that triggers a ReadWPGImage call...

Synology Router Manager Path Traversal Vulnerability

Synology Router Manager SRM is a software for configuring and managing Synology routers from Synology. A directory traversal vulnerability exists in SYNO.FileStation.Extract in versions of SRM prior to 1.1.5-6542-4. A remote attacker can exploit this vulnerability to write arbitrary files with th...

CVE-2017-15895

Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager SRM before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the destfolderpath parameter...

CVE-2017-15893

Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated users to write arbitrary files via the destfolderpath parameter...

PT-2017-14272 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions 6.0.x before 6.0.3-8754-3 Synology DiskStation Manager DSM versions 5.2-5967-6 and earlier Description: A directory traversal issue in the SYNO.FileStation.Extract component allows remote authenticate...

CVE-2017-15272

The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a...

fatcat - FAT Filesystems Explore, Extract, Repair, And Forensic Tool

This tool is designed to manipulate FAT filesystems, in order to explore, extract, repair, recover and forensic them. It currently supports FAT12, FAT16 and FAT32. Tutorials & examples Building and installing You can build fatcat this way: mkdir build cd build cmake .. make And then install it:...

Apple macOS High Sierra Security Security Bypass Vulnerability

Apple macOS High Sierra is a specialized operating system developed by Apple Inc. for Mac computers.Security component is one of the security components. A security bypass vulnerability exists in the Security component of Apple macOS High Sierra versions prior to 10.13. An attacker can exploit th...

Downloading and analyzing NVD CVE feed

In previous post "New National Vulnerability Database visualizations and feeds" I mentioned JSON NVD feed. Let's see what data it contains, how to download and analyse it. First of all, we need to download all files with CVEs from NVD database and save them to some directory. Unfortunately, there...

Multiple Thales nShield Connect Hardware Privilege Access Control Vulnerabilities

Thales nShield Connect hardware models 500 and others are networked HSM Hardware Security Module devices from Thales e-Security, USA. A security vulnerability exists in several models of Thales nShield Connect hardware. An attacker in close physical proximity could exploit this vulnerability to...

BSA-2017-380

Security Advisory ID : BSA-2017-380 Component : OpenVPN Revision : 1.0: Interim OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extractx509extension. Affected Products Brocade is...