27 matches found
Uncaught Exception
Overview Affected versions of this package are vulnerable to Uncaught Exception in the preview component when processing input with an extra command line argument such as -pp. An attacker can cause the application to crash by providing crafted input that triggers an integer overflow, leading to t...
EUVD-2019-3157
Malware in sbrugna...
ReDoS in giskard's transformation.py (GHSL-2024-324)
ReDoS in Giskard text perturbation detector A Remote Code Execution ReDoS vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential regex evaluation...
GHSA-PJWM-CR36-MWV3 ReDoS in giskard's transformation.py (GHSL-2024-324)
ReDoS in Giskard text perturbation detector A Remote Code Execution ReDoS vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential regex evaluation...
Exploit for Incorrect Authorization in Polkit_Project Polkit
XDR-LabSetup.sh Description This program is used in conjun...
Cross-site Scripting in CKEditor4
Affected packages The vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. Impact A potential vulnerability has been discovered in CKEditor 4 HTML processing core module. The vulnerability allowed to inject malformed HTML bypassing...
GHSA-4FC4-4P5G-6W89 Cross-site Scripting in CKEditor4
Affected packages The vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. Impact A potential vulnerability has been discovered in CKEditor 4 HTML processing core module. The vulnerability allowed to inject malformed HTML bypassing...
Updated glib2.0 packages fix security vulnerabilities
Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2021-27218. Kevin Backhouse discovered that GLib incorrect...
Exploit for Incorrect Authorization in Polkit_Project Polkit
Polkit-exploit - CVE-2021-3560 Privilege escalation with polki...
Exploit for Incorrect Authorization in Polkit_Project Polkit
polkadots CVE-2021-3560 Local PrivEsc Exploit This e...
Ubuntu: Security Advisory (USN-4980-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4667-1 apt vulnerability
Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding, resulting in a denial of service...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Aptdaemon vulnerabilities (USN-4664-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4664-1 advisory. Kevin Backhouse discovered that Aptdaemon incorrectly handled certain properties. A local attacker could use this issue to test f...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Apport regression (USN-4171-6)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4171-6 advisory. USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the proble...
Ubuntu: Security Advisory (USN-4398-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-11484
Kevin Backhouse discovered an integer overflow in bsonensurespace, as used in whoopsie...
Integer overflow
Kevin Backhouse discovered an integer overflow in bsonensurespace, as used in whoopsie...
CVE-2019-11484
CVE-2019-11484 : An integer overflow in bson_ensure_space, as used by the Ubuntu/Whoopsie component, could allow a local attacker to cause denial of service, or potentially execute code or leak information when sending crash reports. Public documentation consistently ties the issue to Ubuntu’s wh...
SockPuppet: A Walkthrough of a Kernel Exploit for iOS 12.4
Posted by Ned Williamson, 20% on Project Zero Introduction I have a somewhat unique opportunity in this writeup to highlight my experience as an iOS research newcomer. Many high quality iOS kernel exploitation writeups have been published, but those often feature weaker initial primitives combine...
Ubuntu 16.04 LTS / 18.04 LTS : Apport vulnerabilities (USN-4171-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4171-1 advisory. Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to...