libreoffice: Heap-buffer-overflow in MakePreview

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5385827211280384 Project: libreoffice Fuzzer: libFuzzerlibreofficeepsfuzzer Fuzz target binary: epsfuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type...

[SECURITY] Fedora 24 Update: ikiwiki-3.20170111-1.fc24

Ikiwiki is a wiki compiler. It converts wiki pages into HTML pages suitable for publishing on a website. Ikiwiki stores pages and history in a revision control system such as Subversion or Git. There are many other features, including support for blogging, as well as a large array of plugins...

libreoffice: Crash in WinMtfOutput::DrawText

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6116030539628544 Project: libreoffice Fuzzer: libFuzzerlibreofficewmffuzzer Fuzz target binary: wmffuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type...

Commix 1.6 - Automated All-In-One OS Command Injection And Exploitation Tool

Commix short for comm and i njection e x ploiter is an automated tool written by Anastasios Stasinopoulos @ancst that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities...

openSUSE Security Update : libgit2 (openSUSE-2016-1450)

libgit2 was updated to fix two security issues. These security issues were fixed : - CVE-2016-8568: Read out-of-bounds in gitoidnfmt bsc1003810. - CVE-2016-8569: DoS caused by a NULL pointer dereference in gitcommitmessage bsc1003810. This update was imported from the SUSE:SLE-12-SP2:Update updat...

Git < 2.0 Privilege Escalation Vulnerability - Windows

Git is prone to a privilege escalation vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Design/Logic Flaw

Untrusted search path vulnerability in Git 1.x for Windows allows local users to gain privileges via a Trojan horse git.exe file in the current working directory. NOTE: 2.x is unaffected...

CVE-2016-9274

CVE-2016-9274 : In Git for Windows 1.x, an untrusted search path vulnerability allows local privilege escalation via a Trojan horse git.exe in the current working directory. The issue affects Git for Windows 1.x; Git 2.x is not affected. The root cause is the ability to execute a malicious git.ex...

CVE-2016-9274

Untrusted search path vulnerability in Git 1.x for Windows allows local users to gain privileges via a Trojan horse git.exe file in the current working directory. NOTE: 2.x is unaffected...

What the Fuzz: Radamsa

What the Fuzz: Radamsa Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestingly different outputs...

[SECURITY] Fedora 23 Update: libgit2-0.23.4-2.fc23

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...

[SECURITY] Fedora 25 Update: libgit2-0.24.2-2.fc25

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...

Spade - Android APK Backdoor Embedder

Quick and handy APK backdoor embedder with metasploit android payloads. Requirements metasploit Installation and execution Then you can download smap by cloning the Git repository: git clone https://github.com/suraj-root/spade.git cd spade/ ./spade.py Demo video Video YouTube: Download Spade...

Raptor Web Application Firewall

Raptor Web Application Firewall Raptor Web Application Firewall is a simple web application firewall made in C, using KISS principle , to make poll use select function, is not better than epoll or kqueue from BSD but is portable, the core of match engine using DFA to detect XSS, SQLi and path...

libenom - Make Fast and Easy Payloads with MSFvenom

Libenom is a tool created for make more easy and fast the creation of payloads with MSFvenom and get all the data generated ordered. Requirements A linux distribution for pentesting or Ubuntu, Debian, Mint Recommended Kali Linux 2.0 sana or 2016.1 rolling, Parrot OS, Blackarch, Dracos ,Lionsec...

Manalyze - A static analyzer for PE executables

Manalyzer is a free service which performs static analysis on PE executables to detect undesirable behavior. A static analyzer for PE files Manalyze was written in C++ for Windows and Linux and is released under the terms of the GPLv3 license . It is a robust parser for PE files with a flexible...

CVE-2016-2865

The GIT Integration component in IBM Rational Team Concert RTC 5.x before 5.0.2 iFix14 and 6.x before 6.0.1 iFix5 and Rational Collaborative Lifecycle Management 5.x before 5.0.2 iFix14 and 6.x before 6.0.1 iFix5 allows remote authenticated users to obtain sensitive information via a malformed...

File Traversal Protection Bypass on Error Reporting

PMASA-2016-15 Announcement-ID: PMASA-2016-15 Date: 2016-05-25 Updated: 2016-05-26 Summary File Traversal Protection Bypass on Error Reporting Description A specially crafted payload could result in the error reporting component exposing whether an arbitrary file exists on the file system and the...

Updated mercurial packages fix security vulnerability

This update fixes possible arbitrary code execution when converting Git repos. Mercurial prior to 3.8 allowed arbitrary code execution when using the convert extension on Git repos with hostile names. This could affect automated code conversion services that allow arbitrary repository names. This...

Amazon Linux: Security Advisory (ALAS-2016-697)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...