CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when...

CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when...

Vulnerability Spotlight: AMD ATI Radeon ATIDXX64.DLL shader functionality remote code execution vulnerability

Piotr Bania of Cisco Talos discovered this vulnerability. Some AMD Radeon cards contain a remote code execution vulnerability in their ATIDXX64.DLL driver. AMD produces the Radeon line of hardware, which includes graphics cards and graphics processing units. This specific vulnerability exists on...

CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when...

CVE-2019-16214

Libra Core before 2019-09-03 has an erroneous regular expression for inline comments, which makes it easier for attackers to interfere with code auditing by using a nonstandard line-break character for a comment. For example, a Move module author can enter the // sequence which introduces a...

Code injection

Libra Core before 2019-09-03 has an erroneous regular expression for inline comments, which makes it easier for attackers to interfere with code auditing by using a nonstandard line-break character for a comment. For example, a Move module author can enter the // sequence which introduces a...

CVE-2019-16214

Libra Core before 2019-09-03 has an erroneous regular expression for inline comments, which makes it easier for attackers to interfere with code auditing by using a nonstandard line-break character for a comment. For example, a Move module author can enter the // sequence which introduces a...

CVE-2019-16214

CVE-2019-16214 affects Libra Core prior to 2019-09-03, where an erroneous regular expression for inline comments lets a nonstandard line-break character (\r) appear to terminate a comment in audits, potentially misleading readers about code execution. The Move module author could place // followe...

300 shades of gray: a look into free mobile VPN apps

The times, they are a changin'. When users once felt free to browse the Internet anonymously, post about their innermost lives on social media, and download apps with frivolity, folks are playing things a little closer to the vest these days. Nowadays, users are paying more attention to privacy a...

Microsoft Exchange – Code Execution

Gaining access to the mailbox of a domain user can lead to execution of arbitrary code by utilising the credentials that have been discovered. Various techniques have been discovered by Nick Landers and Etienne Stalmans that involve the abuse of Outlook common functionality in order to execute...

[SECURITY] Fedora 30 Update: wavpack-5.1.0-16.fc30

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

Scalable infrastructure for investigations and incident response

Traditional computer forensics and cyber investigations are as relevant in the cloud as they are in on-premise environments, but the methods in which to access and perform such investigations differ. This post will describe some of the challenges of bringing on-premises forensics techniques to th...

CVE-2019-12385

An issue was discovered in Ampache through 3.9.1. The search engine is affected by a SQL Injection, so any user able to perform lib/class/search.class.php searches even guest users can dump any data contained in the database sessions, hashed passwords, etc.. This may lead to a full compromise of...

UBUNTU-CVE-2019-12385

An issue was discovered in Ampache through 3.9.1. The search engine is affected by a SQL Injection, so any user able to perform lib/class/search.class.php searches even guest users can dump any data contained in the database sessions, hashed passwords, etc.. This may lead to a full compromise of...

CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

Design/Logic Flaw

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

August 13, 2019—KB4512482 (Security-only update)

August 13, 2019—KB4512482 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Security updates to Windows App Platform and Frameworks, Windows Wireless Networking, Windows Storage and Filesystems, Windows Server, Windows Input and...

Sql injection

In Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3, some menu links within the administration bar may be crafted to execute JavaScript when the administrator is logged in and uses the search functionality. This issue is mitigated by the attacker needing permissions to create...

CVE-2019-14748

An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer or no mitigations implemented for file content checks; also, the output is not handled...