CVE-2019-13224

A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...

Spyse.Py - Python API Wrapper And Command-Line Client For The Tools Hosted On Spyse.Com

Python API wrapper and command-line client for the tools hosted on spyse.com. "Spyse is a developer of complete DAAS Data-As-A-Service solutions for Internet security professionals, corporate and remote system administrators, SSL / TLS encryption certificate providers, data centers and business...

Aerotech Npaq 6U Servo Drives Detection

Binary data 763925.prm...

Firefox Send — Free Encrypted File Transfer Service Now Available For All

Mozilla has made it easy for you to share large files securely and privately with whomever you want, eliminating the need to depend upon less secure free third-party services or file upload tools that burn a hole in your pocket. Mozilla has finally launched its free, end-to-end encrypted...

October 18, 2018—KB4462921 (Preview of Monthly Rollup)

October 18, 2018—KB4462921 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4462926 released October 9, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses th...

CVE-2018-12401

Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service DOS attacks. This vulnerability affects Firefox 63...

CVE-2018-12401

CVE-2018-12401 affects Mozilla Firefox prior to 63.0. The vulnerability is triggered by loading certain special resource URIs with optional parameters after a ‘?’, causing a non-exploitable crash and potential denial of service. No exploitation details are provided in the documents beyond this cr...

runc security update

1.0.0-19.rc5.git4bb1fe4.0.3.el7 - Apply patch for CVE-2019-5736 Wiekus Beukes 1.0.0-19.rc5.git4bb1fe4.0.2.el7 - update Go version to 1.10.8, fix version string Laszlo Laca Peter 1.0.0-19.rc5.git4bb1fe4.0.1.el7 - Tuning .spec file 2:1.0.0-19.rc5.git4bb1fe4 - release v1.0.0rc5...

[SECURITY] Fedora 28 Update: php-horde-Horde-Image-2.5.4-1.fc28

An Image utility API, with backends for: GD GIF PNG SVG SWF ImageMagick convert command line tool Imagick Extension Optional dependency: php-pecl-imagick...

SQLite report about CVE-2019-19959

Malicious SQL statement causes a NULL pointer dereference in the Zipfile virtual table extension and denial-of-service. This is only possible when the optional Zipfile virtual table extension is deployed, which is not the case in default builds. details...

Certificate Based Authentication on Gateway Insight

With Client Authentication enabled on an SSL virtual server, the NetScaler appliance asks for the Client Certificate during the SSL handshake. The appliance checks the certificate presented by the client for normal constraints, such as the issuer signature and expiration date. Here are some use...

October 18, 2018—KB4463105 (Preview of Monthly Rollup)

October 18, 2018—KB4463105 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4463097 released October 9, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an...

November 27, 2018—KB4467687 (Preview of Monthly Rollup)

November 27, 2018—KB4467687 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4467706 released November 13, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses...

Lynis 2.7.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

Foxit PDF Reader JavaScript Engine Remote Code Execution Vulnerability (CNVD-2018-20721)

Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A remote code execution vulnerability exists in the way the JavaScript engine in Foxit PDF Reader handles Optional Content Groups. A remote attacker...

September 20, 2018—KB4458315 (Preview of Monthly Rollup)

September 20, 2018—KB4458315 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4458010 released September 11, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: No...

Foxit Reader for Windows Memory Misreference Vulnerability (CNVD-2018-20654)

Foxit Reader for Windows is China's Foxit Foxit Software Corporation, a Windows-based platform for PDF document reader. A memory misreference vulnerability exists in the handling of OCG objects in Foxit Reader 9.2.0.9297 and earlier versions for Windows platforms, where the program fails to detec...

Foxit PDF Reader Javascript Optional Content Group Remote Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...

ZDResearch Advanced Web Hacking Training 2018 – Learn Online

Are you looking to master web hacking? Interested in a bug-hunting career? Do you want to land a job in cybersecurity? Are you already working as a security engineer, but want to further advance or refine your skills? If yes, read on. ZDResearch Advanced Web Hacking AWH course, including optional...

August 15, 2017—KB4034659 (Preview of Monthly Rollup)

August 15, 2017—KB4034659 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4034665 released August 8, 2017 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addressed an...