1256 matches found
Apple macOS High Sierra Security Security Bypass Vulnerability
Apple macOS High Sierra is a specialized operating system developed by Apple Inc. for Mac computers. The Security component is one of the security components. A security bypass vulnerability exists in the Security component of Apple macOS High Sierra versions prior to 10.13. An attacker can exploit th...
Downloading and analyzing NVD CVE feed
In the previous post "New National Vulnerability Database visualizations and feeds" I mentioned the JSON NVD feed. Let's see what data it contains, how to download and analyse it. First of all, we need to download all files with CVEs from the NVD database and save them to some directory. Unfortunately, there...
Multiple Thales nShield Connect Hardware Privilege Access Control Vulnerabilities
Thales nShield Connect hardware models 500 and others are networked HSM (Hardware Security Module) devices from Thales e-Security, USA. A security vulnerability exists in several models of Thales nShield Connect hardware. An attacker in close physical proximity could exploit this vulnerability to...
BSA-2017-380
Security Advisory ID: BSA-2017-380. Component: OpenVPN. Revision: 1.0: Interim. OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension. Affected Products: Brocade is...
eapmd5pass 'extract_eapusername' function denial of service vulnerability
eapmd5pass is a penetration testing tool for attacks against the EAP-MD5 protocol. A security vulnerability exists in the 'extract_eapusername' function in eapmd5pass version 1.4. A remote attacker can exploit this vulnerability by generating specially crafted network traffic to cause the eapmd5pa...
ALPINE-CVE-2017-11108
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol...
DEBIAN-CVE-2017-11108
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol...
CVE-2017-11100
When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite function in lib/rxfswf.c...
DEBIAN-CVE-2017-7521
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension...
UBUNTU-CVE-2017-7521
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension...
Installer of CASL II simulator (self-extract format) may insecurely load Dynamic Link Libraries
Overview: Installer of CASL II simulator (self-extract format) provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA) contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Yuji Tounai of NTT Communications Corporation reported this...
UBUNTU-CVE-2016-10377
In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in lib/flow.c in the function miniflow_extract, permitting remote bypass of the access control list enforced by the switch...
DEBIAN-CVE-2016-10377
In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in lib/flow.c in the function miniflow_extract, permitting remote bypass of the access control list enforced by the switch...
CVE-2017-8932
A carry propagation flaw was found in the implementation of the P-256 elliptic curve in golang. An attacker could possibly use this flaw to extract private keys when static ECDH was used...
CVE-2016-4313
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file...
CVE-2016-4313
CVE-2016-4313 affects eXtplorer 2.1.9 (and earlier) in the unzip/extract feature, enabling directory traversal and arbitrary file writes via crafted archives containing "../". Affected component is the unzip/extract functionality; root cause is path traversal in archive extraction. Reported impac...
icoutils: Buffer overflow in the extract_icons function
A vulnerability was found in icoutils, in the icotool program. An attacker could create a crafted ICO or CUR file that, when read by icotool, could result in memory corruption leading to a crash or potential code execution...
Docker Security Analysis Tools: dockerscan
Docker Security Analysis Tools. Currently Docker Scan supports these actions. Registry: Delete (delete remote image / tag), Info (show info from remote registry), Push (push an image like the Docker client), Upload (upload a random file). Image: Analyze (looking for sensitive information in a Docker image)...
Design/Logic Flaw
Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML page...