7704 matches found

UbuntuCve
added 2019/11/20 12:0 a.m. | 32 views

CVE-2019-6477

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to...

7.5 CVSS | 6.5 AI score | 0.05682 EPSS
Exploits 0 | References 3
Packet Storm
added 2019/11/19 12:0 a.m. | 181 views

Centova Cast 3.2.12 Denial Of Service

Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Date: 2019-11-18 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova Cast becomes out of control and causes 100%...

7.4 AI score
Exploits 0
exploitpack
added 2019/11/19 12:0 a.m. | 9 views

Centova Cast 3.2.12 - Denial of Service (PoC)

Centova Cast 3.2.12 - Denial of Service PoC Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Date: 2019-11-18 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova...

7.3 AI score
Exploits 0
0day.today
added 2019/11/19 12:0 a.m. | 71 views

Centova Cast 3.2.12 - Denial of Service Exploit

Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova Cast becomes out of control and causes 100% CPU load on all...

7.4 AI score
Exploits 0
Exploit DB
added 2019/11/19 12:0 a.m. | 186 views

Centova Cast 3.2.12 - Denial of Service (PoC)

Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Date: 2019-11-18 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova Cast becomes out of control and causes 100%...

7.4 AI score
Exploits 0
Hacker One
added 2019/11/18 7:2 p.m. | 18 views

LY Corporation: Request smuggling on admin-official.line.me could lead to account takeover

The reporter identified a request smuggling issue on admin-official.line.me TE.CL-type. The reporter clearly illustrated the impact without putting our users at risk or affecting the stability of our service. For this we would like to thank @shaolintw! This issue was the result of how our load...

6.9 AI score
Exploits 0
BDU FSTEC
added 2019/11/18 12:0 a.m. | 2 views

The vulnerability of the multires_load_old_dm component in the software suite for creating 3D computer graphics in Blender allows a hacker to execute arbitrary code.

The vulnerability of the multires_load_old_dm component in the software suite used for creating 3D computer graphics in Blender is due to a numerical overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created blend file...

10 CVSS | 7.9 AI score | 0.01231 EPSS
Exploits 1 | References 6 | Affected Software 2
Akamai Blog
added 2019/11/14 6:0 p.m. | 62 views

Alibaba's Singles' Day Set Sales Records: Reinforces Mobile Optimization Lessons for All Retailers

On its 20th anniversary, Singles' Day 11 November, a popular Chinese shopping day meant to celebrate the status of those who are single, set a new one-day record of $38 billion in sales, a 26% increase over 2018 $30.7 billion, according to multiple media reports. However, according to Akamai data...

0.4 AI score
Exploits 0
Prion
added 2019/11/13 8:15 p.m. | 14 views

Heap overflow

In loadloggingconfig of qmivsservice.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9...

7.2 CVSS | 8 AI score | 0.00035 EPSS
Exploits 0 | References 1 | Affected Software 1
The Hacker News
added 2019/11/13 3:46 p.m. | 0 views

New ZombieLoad v2 Attack Affects Intel's Latest Cascade Lake CPUs

Zombieload is back. This time a new variant v2 of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS variants RIDL and Fallout. Initially...

6.5 CVSS | 7.1 AI score | 0.00319 EPSS
Exploits 0
Tenable Nessus
added 2019/11/08 12:0 a.m. | 45 views

EulerOS 2.0 SP5 : libvirt (EulerOS-SA-2019-2210)

According to the versions of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an...

5.9 CVSS | 6.7 AI score | 0.01697 EPSS
Exploits 0 | References 5
RedHat Linux
added 2019/11/05 10:28 p.m. | 4 views

numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code execution

An issue was discovered in NumPy before 1.16.3. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have...

9.8 CVSS | 7.8 AI score | 0.71492 EPSS
Exploits 2 | References 4
RedHat Linux
added 2019/11/05 9:34 p.m. | 1 views

nodejs: Denial of Service with large HTTP headers

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

7.5 CVSS | 6.7 AI score | 0.05572 EPSS
Exploits 0 | References 4
RedHat Linux
added 2019/11/05 9:8 p.m. | 4 views

webkitgtk: Incorrect state management leading to universal cross-site scripting

A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously...

6.1 CVSS | 5.5 AI score | 0.0807 EPSS
Exploits 2 | References 5
RedHat Linux
added 2019/11/05 9:2 p.m. | 3 views

numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code execution

An issue was discovered in NumPy before 1.16.3. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have...

9.8 CVSS | 7.8 AI score | 0.71492 EPSS
Exploits 2 | References 4
BDU FSTEC
added 2019/10/29 12:0 a.m. | 1 views

The vulnerability of the monitor for distributing electrical loads in Rockwell Automation’s Allen-Bradley PowerMonitor 1000, related to deficiencies in the verification of data entered by users, allows an intruder to gain access to the device.

The vulnerability of the Rockwell Automation Allen-Bradley PowerMonitor 1000 in terms of electrical load distribution is related to deficiencies in data validation by users. Exploiting this vulnerability allows a malicious actor to execute XSS attacks and gain access to the device...

6.1 CVSS | 5.6 AI score | 0.00217 EPSS
Exploits 1 | References 4
BDU FSTEC
added 2019/10/29 12:0 a.m. | 4 views

The vulnerability of the Amphora load balancer software programs for OpenStack Octavia allows a hacker to gain access to protected information or execute arbitrary commands.

The vulnerability of the Amphora load balancer software for OpenStack Octavia relates to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain access to protected information or execute arbitrary commands by sending specially crafted HTTP...

9.4 CVSS | 5.8 AI score | 0.0039 EPSS
Exploits 0 | References 8 | Affected Software 2
RedhatCVE
added 2019/10/28 9:36 p.m. | 29 views

CVE-2018-12121

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

7.5 CVSS | 1.7 AI score | 0.05572 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2019/10/25 12:0 a.m. | 33 views

Amazon Linux 2 : http-parser (ALAS-2019-1322)

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

7.5 CVSS | 7.1 AI score | 0.05572 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2019/10/25 12:0 a.m. | 43 views

Amazon Linux 2 : java-11-openjdk (ALAS-2019-1338) (Spectre)

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...

5.5 CVSS | 7.1 AI score | 0.44097 EPSS
Exploits 2 | References 2