Denial of Service (DoS)

Overview rubygems-update is an inbuilt rubygem for updating rubygems. Affected versions of this package are vulnerable to Denial of Service DoS via the extractfiles function in installer.rb, which does not check whether files exist before overwriting them, which allows user-assisted remote...

AMD Plays.tv 1.27.5.0 - plays_service.exe Arbitrary File Execution Exploit

Exploit for windows platform in category local exploits http://support.amd.com/en-us/download?cmpid=CCCOffline - Click "Automatically Detect - Download Now" Installation Automatically Installs "Raptr, Inc Plays TV Service" OR https://plays.tv/download Target OS: Windows Any Privilege: SYSTEM Type...

CVE-2018-6547

playsservice.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, contains an HTTP message parsing function that takes a user-defined path and writes non-user controlled data as SYSTEM to the file when the extractfiles...

RubyGems: Gem signature forgery

Summary Inconsistencies in how gem processes gem files make it possible to reuse a signature from an existing signed gem and apply it to arbitrary contents. The forged gem will install even with -P HighSecurity. The attached file multijson-1.12.2.gem is a forged version of the genuine...