CVE-2018-7570

The assignfilepositionsfornonloadsections function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an ELF file with a RELRO segment that lack...

UBUNTU-CVE-2018-7570

The assignfilepositionsfornonloadsections function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an ELF file with a RELRO segment that lack...

CVE-2018-7570

The assignfilepositionsfornonloadsections function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an ELF file with a RELRO segment that lack...

CVE-2018-7570

The assignfilepositionsfornonloadsections function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an ELF file with a RELRO segment that lack...

CVE-2018-7570

CVE-2018-7570 affects GNU Binutils’ BFD library (libbfd) in Binutils 2.30, where assign_file_positions_for_non_load_sections in elf.c can cause a NULL pointer dereference/DoS when processing an ELF with a RELRO segment lacking a matching LOAD. Exploitation details are not provided in the document...

PT-2018-1904 · Qemu +5 · Qemu +5

Name of the Vulnerable Software and Affected Versions: Qemu affected versions not specified Description: The issue is related to the load multiboot function in Qemu, which can lead to an out-of-bounds read or write memory access when using multiboot. This can allow an attacker to execute arbitrar...

sam2p heap buffer overflow vulnerability (CNVD-2018-04649)

sam2p is a command-line utility that can convert many raster bitmap image formats such as GIF, JPG/JPEG and PNG to PostScript or PDF files. A heap buffer overflow vulnerability exists in the pcxLoadRaster function of inpcx.cpp in sam2p 0.49.4. An attacker can exploit this vulnerability via...

sam2p heap buffer overflow vulnerability (CNVD-2018-06417)

sam2p is a command-line utility that can convert many raster bitmap image formats such as GIF, JPG/JPEG and PNG to PostScript or PDF files. A heap buffer overflow vulnerability exists in the LoadPCX function of inpcx.cpp in sam2p 0.49.4. An attacker can exploit this vulnerability via specially...

Pdfium - Pattern Shading Integer Overflows

This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in cpdfrenderstatus.cpp rely on a helper function to compute the numb...

Coalition, Inc.: No authentication on email address for password reset functionality/ https://platform.thecoalition.com/forgot-password

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! Summary: It was observed that the forgo...

Remote Code Execution (RCE)

Superset is vulnerable to remote code execution RCE attacks. The application uses the unsafe yaml.load function, allowing a malicious user to inject and execute arbitrary code through a .yml file...

CVE-2018-1221: Gorouter websocket handling vulnerability | Cloud Foundry

Severity Critical Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions cf-deployment All versions prior to 1.14.0 routing-release All versions prior to 0.172.0 Description The Cloud Foundry Gorouter mishandles WebSocket requests for AWS Application Load Balancers ALBs and...

PT-2018-2766 · Apache +5 · Apache Tomcat +5

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.0 through 7.0.84 Apache Tomcat versions 8.0.0.RC1 through 8.0.49 Apache Tomcat versions 8.5.0 through 8.5.27 Apache Tomcat versions 9.0.0.M1 through 9.0.4 Description: The issue is related to security constraints...

irssi/theme-load-fuzz: Heap-buffer-overflow in theme_format_expand_abstract

Project: https://github.com/irssi/irssi.git Detailed report: https://oss-fuzz.com/testcase?key=5860683188011008 Project: irssi Fuzzer: aflirssitheme-load-fuzz Fuzz target binary: theme-load-fuzz Job Type: aflasanirssi Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...

irssi/theme-load-fuzz: Heap-buffer-overflow in theme_format_expand_abstract

Project: https://github.com/irssi/irssi.git Detailed report: https://oss-fuzz.com/testcase?key=5060418910289920 Project: irssi Fuzzer: aflirssitheme-load-fuzz Fuzz target binary: theme-load-fuzz Job Type: aflasanirssi Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...

VMware Virtual Appliance updates address side-channel analysis due to speculative execution

a. VMware Virtual Appliance Mitigations for Bounds-Check bypass Spectre-1, and Rogue data cache load issues Meltdown CPU data cache timing can be abused to efficiently leak information out of mis-speculated CPU execution, leading to at worst arbitrary virtual memory read vulnerabilities across...

web2py Arbitrary Code Execution Vulnerability

web2py is a set of open source Web framework written in Python , it supports the rapid development of database-driven Web-based applications . A security vulnerability exists in the 'secureload' function of the gluon/utils.py file in versions of web2py prior to 2.14.2, which stems from the...

WordPress Core - 'load-scripts.php' Denial of Service(CVE-2018-6389)

According to wordpress.com, the WordPress platform powers 29% of the worldwide internet websites. In this article I am going to explain how Denial of Service can easily be caused to almost any WordPress website online, and how you can patch your WordPress website in order to avoid this...

CVE-2018-6389 WordPress Parameter Resource Consumption Remote DoS

Yesterday Monday, February 5, 2018, a zero-day vulnerability in WordPress core was disclosed, which allows an attacker to perform a denial of service DoS attack against a vulnerable application. The vulnerability exists in the modules used to load JS and CSS files. These modules were designed to...

DEBIAN-CVE-2014-5282

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'...