12 matches found
Agentic Fuzzing: Opportunities and Challenges
Fuzzers and static analyzers find many bugs but struggle with logic bugs in mature codebases. Triggering such a bug often requires multi-step reasoning that produces no distinctive execution feedback, and variants can appear across implementations too different for a single pattern to match. Rece...
AFL-ICP: Enhancing Industrial Control Protocol Reliability Via Specification-Guided Fuzzing
Industrial Control Protocols ICPs are critical to the reliability and stability of industrial infrastructure, yet their security is fundamentally compromised by a specification-blindness bottleneck. Modern fuzzers, constrained by observation-driven inference, struggle to penetrate deep protocol...
How a top bug bounty researcher got their start in security
As we kick off Cybersecurity Awareness Month, the GitHub Bug Bounty team is excited to spotlight one of the top performing security researchers who participates in the GitHub Security Bug Bounty Program, @xiridium! GitHub is dedicated to maintaining the security and reliability of the code that...
ROS-20241209-02
A vulnerability in some IntelR TDX modules is related to improper input validation. Exploitation of the vulnerability could allow a privileged attacker to potentially escalate privileges through local access. Vulnerability related to processor instruction sequencing causes unexpected behavior on...
CVE-2024-47177
...
ROS-20240708-01
Vulnerability in the HTTP/2 network protocol implementation of the cURL command line utility is related to memory release errors. memory freeing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the cURL command line...
Google Project Zero Detects a Record Number of Zero-Day Exploits in 2021
Google Project Zero called 2021 a "record year for in-the-wild 0-days," as 58 security vulnerabilities were detected and disclosed during the course of the year. The development marks more than a two-fold jump from the previous maximum when 28 0-day exploits were tracked in 2015. In contrast, onl...
SQLancer - Detecting Logic Bugs In DBMS
SQLancer Synthesized Query Lancer is a tool to automatically test Database Management Systems DBMS in order to find logic bugs in their implementation. We refer to logic bugs as those bugs that cause the DBMS to fetch an incorrect result set e.g., by omitting a record. SQLancer operates in the...
Apple macOS Sierra 10.12.1 - physmem Local Privilege Escalation
Apple macOS Sierra 10.12.1 - physmem Local Privilege Escalation physmem physmem is a physical memory inspection tool and local privilege escalation targeting macOS up through 10.12.1. It exploits either CVE-2016-1825 or CVE-2016-7617 depending on the deployment target. These two vulnerabilities a...
Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution Exploit
Exploit for linux platform in category local exploits Both of these issues were reported to the Apport maintainers and a fix was released on 2016-12-14. The CrashDB code injection issue can be tracked with CVE-2016-9949 and the path traversal bug with CVE-2016-9950. An additional problem where...
Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution
Both of these issues were reported to the Apport maintainers and a fix was released on 2016-12-14. The CrashDB code injection issue can be tracked with CVE-2016-9949 and the path traversal bug with CVE-2016-9950. An additional problem where arbitrary commands can be called with the “Relaunch”...
White Wolf Labs #080826-1: Kyocera Mita Scanner File Utility (Multiple)
White Wolf Labs 080826-1: Kyocera Mita Scanner File Utility Multiple Product: Kyocera Mita Scanner File Utility 3.3.0.1 Platform: NA Requirements: NA Credits: Seth Fogie White Wolf Security http://www.whitewolfsecurity.com August 26, 2008 Risk Level: High - Unauthorized document upload / File...