29 matches found
CVE-2025-0525
CVE-2025-0525 affects Octopus Server. The issue centers on the Preview Import feature, which can be leveraged to determine whether a specific target file exists, enabling information disclosure that may aid further attacks against the server. The available sources describe the vulnerability as a ...
CVE-2025-0525
In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. This could provide an adversary with information that may aid in further attacks against the server...
Low: file security update
The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format ELF binary files, system libraries, RPM packages, and different graphics formats. Security Fixes: file:...
Google Open Sources Magika: AI-Powered File Identification Tool
Google has announced that it's open-sourcing Magika, an artificial intelligence AI-powered tool to identify file types, to help defenders accurately detect binary and textual file types. "Magika outperforms conventional file identification methods providing an overall 30% accuracy boost and up to...
ghostscript, libgs security update
CentOS Errata and Security Advisory CESA-2019:2281 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
MD5 and SHA-1 Still Used in 2018
Last week, the Scientific Working Group on Digital Evidence published a draft document -- "SWGDE Position on the Use of MD5 and SHA1 Hash Algorithms in Digital and Multimedia Forensics" -- where it accepts the use of MD5 and SHA-1 in digital forensics applications: While SWGDE promotes the adopti...
Open Source IPS: Suricata
Suricata is a free and open source, mature, fast and robust network threat detection engine. The Suricata engine is capable of real time intrusion detection IDS, inline intrusion prevention IPS, network security monitoring NSM and offline pcap processing. Suricata inspects the network traffic usi...
[SECURITY] Fedora 26 Update: file-5.30-11.fc26
The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats...
How to Identify the devices representing VHD files from iostat output ?
When measuring i/o performance of a VM, it is necceary to understand the i/o happening at the vdi layer. This article will help in relating the devices in iostat output to corresponding VHD...
Suricata 3.1 - Open Source IDS / IPS / NSM engine
Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation OISF. Suricata is developed by the OISF and its supporting vendors. Top 3 Reasons You Should Try Suricat...
CVE-2015-8932
Undefined behavior invalid left shift was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read...
[SECURITY] Fedora 21 Update: file-5.22-2.fc21
The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats...
[SECURITY] Fedora 20 Update: file-5.19-7.fc20
The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats...
Oracle Linux 6 : file (ELSA-2014-1606)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1606 advisory. - fix CVE-2014-3479 cdfcheckstreamoffset boundary check - fix CVE-2014-3480 cdfcountchain insufficient boundary check - fix CVE-2014-0237...
Moderate: Red Hat Security Advisory: file security and bug fix update
Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...
[SECURITY] Fedora 20 Update: file-5.19-1.fc20
The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats...
mount.cifs chdir() Arbitrary root File Identification
No description provided by source...
[Binwalk] Firmware Analysis Tool
Binwalk is a firmware analysis tool designed to assist in the analysis, extraction, and reverse engineering of firmware images and other binary blobs. It is simple to use, fully scriptable, and can be easily extended via custom signatures, extraction rules, and plugin modules. Binwalk supports...
Novell File Reporter NFRAgent.exe VOL tag buffer overflow
Added: 10/12/2012 BID: 55268 OSVDB: 85503 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist...
mount.cifs chdir() Arbitrary root File Identification
Exploit for linux platform in category local exploits Blueliv Advisory 2012-004 - Discovered by: Jesus Olmos Gonzalez at Blueliv - Risk: 5/5 - Impact: 1/5 1. VULNERABILITY ------------------------- linux privileged and arbitrary chdir, this leads to an arbitary file identification as root. 2...