17000 matches found
CVE-2019-1010024
CVE-2019-1010024 affects GNU Libc (glibc). The description in the initial document states a mitigation bypass with the impact that an attacker may bypass ASLR by leveraging the cache of thread stack and heap. Upstream and some vendor notes indicate this is treated as a non-security bug and not a ...
CVE-2019-1010024
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...
CVE-2019-1010024
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...
CVE-2019-1010022
CVE-2019-1010022: GNU Libc nptl has a stack guard bypass via a stack-buffer vulnerability. The description notes attackers could bypass stack guard protections by exploiting a stack overflow in the attack vector, with upstream comments claiming this is treated as a non-security bug and “no real t...
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...
PT-2019-11440 · Gnu +1 · Glibc +1
Name of the Vulnerable Software and Affected Versions: GNU Libc affected versions not specified Description: The issue is related to a mitigation bypass, where an attacker may bypass ASLR using the cache of thread stack and heap. The component affected is glibc. It is noted that upstream comments...
PT-2019-11439
Name of the Vulnerable Software and Affected Versions: GNU Libc affected versions not specified Description: The issue is related to a mitigation bypass in the nptl component, allowing an attacker to bypass stack guard protection. This can be exploited by using a stack buffer overflow vulnerabili...
PT-2019-11441 · Gnu +1 · Glibc +1
Name of the Vulnerable Software and Affected Versions: glibc affected versions not specified Description: The issue concerns a mitigation bypass in glibc, allowing an attacker to potentially guess the heap addresses of pthread-created threads. The vendor's stance is that ASLR bypass itself is not...
Sahi Pro 8.0.0 - Remote Command Execution Exploit
Exploit for java platform in category web applications Exploit Title: Sahi Pro V8.0.0 - Unauthenticated Remote Command Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://sahipro.com Software Link:...
Fedora Update for kernel-headers FEDORA-2019-69c132b061
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Linux/x86 - execve(/bin/sh) using JMP-CALL-POP Shellcode (21 bytes)
/ ;Category: Shellcode ;Title: GNU/Linux x86 - execve /bin/sh using JMP-CALL-POP technique 21 bytes ;Author: kiriknik ;Date: 01/07/2019 ;Architecture: Linux x86 =========== Asm Source =========== global start section .text start: jmp short callshellcode shellcode: pop ebx xor eax,eax mov al, 11 i...
Moodle <= 3.1.17, 3.4.x <= 3.4.8, 3.5.x <= 3.5.5, 3.6.x <= 3.6.3 Multiple Vulnerabilities
Moodle is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation;...
Fedora Update for pdns FEDORA-2019-2ed768623e
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-13050
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service...
UBUNTU-CVE-2019-13050
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service...
wget2/wget_options_fuzzer: Stack-buffer-overflow in _compare_tag
Project: https://gitlab.com/gnuwget/wget2.git Detailed report: https://oss-fuzz.com/testcase?key=5670699290591232 Project: wget2 Fuzzer: libFuzzerwget2wgetoptionsfuzzer Fuzz target binary: wgetoptionsfuzzer Job Type: libfuzzerasanwget2 Platform Id: linux Crash Type: Stack-buffer-overflow READ 8...
GNU Binutils Heap Buffer Overflow Vulnerability (CNVD-2019-22404)
GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A heap buffer overflow vulnerability exists in bfddoprnt in bfd.c in the Binary File Descriptor BFD library used in GNU Binutils 2.32. The...
EulerOS 2.0 SP8 : binutils (EulerOS-SA-2019-1642)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory access...