CVE-2017-17319

Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 have an information disclosure vulnerability. The software does not properly protect certain resource which can be accessed by multithreading. An attacker tricks the user who has root privilege to install a crafted application,...

CVE-2017-17319

Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 have an information disclosure vulnerability. The software does not properly protect certain resource which can be accessed by multithreading. An attacker tricks the user who has root privilege to install a crafted application,...

Security Advisory - Information Disclosure Vulnerability on Huawei Smartphones

There is an information disclosure vulnerability on Huawei smartphones. The software does not properly protect certain resource which can be accessed by multithreading. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in kernel...

DEBIAN-CVE-2017-18193

fs/f2fs/extentcache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service BUG via an application with multiple threads...

DEBIAN-CVE-2018-1000030

Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are...

QuarkslaB Dynamic binary Instrumentation: QBDI

QuarkslaB Dynamic binary Instrumentation QBDI is a modular, cross-platform and cross-architecture DBI framework. It aims to support Linux, macOS, Android, iOS and Windows operating systems running on x86, x86-64, ARM and AArch64 architectures. Information about what is a DBI framework and how QBD...

Scientific Linux Security Update : sssd on SL7.x x86_64 (20171205)

Security Fixes : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use thi...

PT-2017-17012 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.9.13 Description: A race condition exists in the Linux kernel, specifically in the net/packet/af packet.c file, which can be exploited by local users through a multithreaded application that makes PACKET FANOU...

DEBIAN-CVE-2017-5986

Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion failure and panic via a multithreaded application that peels off an association in a certain buffer-full state...

CVE-2014-9914

Summary of CVE-2014-9914 (Linux kernel) : A race condition in ip4_datagram_release_cb within net/ipv4/datagram.c (kernel before 3.15.2) can be exploited by a local user to gain privileges or cause a denial of service (use-after-free) due to incorrect locking assumptions during multithreaded IPv4 ...

CVE-2016-8605

CVE-2016-8605 affects GNU Guile: the mkdir path temporarily changes the process umask to 0, allowing a race in multithreaded apps to create files with insecure permissions (e.g., 0777) in affected versions prior to Guile 2.0.13; remediation is upgrading to Guile 2.0.13 or later. Related CVE-2016-...

Xitami Web Server 5.0a0 - Denial of Service

Xitami Web Server 5.0a0 - Denial of Service !/usr/bin/env python X5 Webserver 5.0 Remote Denial Of Service Exploit Vendor: iMatrix Product web page: http://www.xitami.com Affected version: 5.0a0 Summary: X5 is the latest generation web server from iMatix Corporation. The Xitami product line...

OpenDoor - OWASP Directory Access Scanner

This application scans the site directories and find all possible ways to login, empty directories and entry points. Scans conducted in the dictionary that is included in this application. This software is written for informational purposes and is an open source product under the GPL license...

OWASP Directory Access scanner

OWASP Directory Access scanner This application scans the site directories and find all possible ways to login, empty directories and entry points. Scans conducted in the dictionary that is included in this application. This software is written for informational purposes and is an open source...

Xplico v1.1.1 - Open Source Network Forensic Analysis Tool (NFAT)

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...

Wordbrutepress - Wordpress Brute Force Multithreading with Standard and XML-RPC Login Method

Wordpress Brute Force Multithreading with standard and xml-rpc login method written in python. Features: 1. Multithreading 2. xml-rpc brute force mode 3. http and https protocols support 4. Random User Agent 5. Big wordlist support Usage: Standard login request: python wordbrutepress.py -S -t...

Network Forensic Analysis Tool: Xplico

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...

OpenSSL 'ssl3_get_new_session_ticket()' memory misreference vulnerability

OpenSSL is an open source SSL implementation used to implement strong encryption for network communications. A two-time memory misreference error vulnerability in OpenSSL ssl3getnewsessionticket allows a remote server to return a specially crafted NewSessionTicket message to connect to a...

Maligno v2.0 - Metasploit Payload Server

Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded prior to transmission. Maligno also comes with a client tool, which...

Hash Manager - Recovering passwords to hashes

The software is designed for recovering passwords to hashes, and it features the following: Supports over 330 hashing algorithms. Contains over 50 additional utilities for handling hashes, passwords, and dictionaries. Unlimited loadable hashes, dictionaries, rules, and masks. Multithreading. 64...