Pdfium - Pattern Shading Integer Overflows

Pdfium - Pattern Shading Integer Overflows This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in cpdfrenderstatus.cpp re...

Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace Exploit

Exploit for multiple platform in category dos / poc Related to issue 1490 . When parsing ShadingPatterns; according to the specification they shouldn't be permitted to have a pattern colorspace as their base colorspace, but this is not validated, leading to out-of-bounds reads when rendering usin...

Pdfium - Pattern Shading Integer Overflows Exploit

Exploit for multiple platform in category dos / poc This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in...

Pdfium - Pattern Shading Integer Overflows

This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in cpdfrenderstatus.cpp rely on a helper function to compute the numb...

Fixed in Apache Tomcat 7.0.85

Important: Security constraint annotations applied too late CVE-2018-1305 Security constraints defined by annotations of Servlets were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was...

Fixed in Apache Tomcat 8.0.50

Important: Security constraint annotations applied too late CVE-2018-1305 Security constraints defined by annotations of Servlets were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was...

sewing.patternreview.com XSS vulnerability

Open Bug Bounty ID: OBB-557432 Description| Value ---|--- Affected Website:| sewing.patternreview.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Fixed in Apache Tomcat 9.0.5

Important: Security constraint annotations applied too late CVE-2018-1305 Security constraints defined by annotations of Servlets were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was...

PT-2018-2767 · Apache +5 · Apache Tomcat +5

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 9.0.0.M1 through 9.0.4 Apache Tomcat versions 8.5.0 through 8.5.27 Apache Tomcat versions 8.0.0.RC1 through 8.0.49 Apache Tomcat versions 7.0.0 through 7.0.84 Description: The issue arises from the incorrect handling of...

FuzzerLocal

This is yet a simple fuzzer written in Python that bruteforce a local binary using a De Bruijn pattern and xRand to trigger Segmentation faults, also it tries to guess the arguments using an Alphabet and Random list. Fuzzer Author: Juan Sacco Date and time: 18 Jan 2018 import argparse import os...

Fedora 27 : LibRaw (2017-f04296e37e)

Patch for CVE-2017-14348 ---- Fix for possible heap overrun in Canon makernotes parser Fix for CVE-2017-13735 CVE-2017-14265: Additional check for X-Trans CFA pattern data ---- LibRaw 0.18.3 Fix for CVE-2017-13735 Additional checks for X-Trans CFA pattern data ---- Patch for CVE-2017-13735. Note...

CVE-2018-5667

An issue was discovered in the read-and-understood plugin 2.1 for WordPress. XSS exists via the wp-admin/options-general.php rnuusernamevalidationpattern parameter...

Multiple CPUs - Information Leak Using Speculative Execution

Multiple CPUs - Information Leak Using Speculative Execution == INTRODUCTION == This is a bug report about a CPU security issue that affects processors by Intel, AMD and to some extent ARM. I have written a PoC for this issue that, when executed in userspace on an Intel Xeon CPU E5-1650 v3 machin...

Multiple CPUs - Information Leak Using Speculative Execution Exploit

Exploit for hardware platform in category dos / poc == INTRODUCTION == This is a bug report about a CPU security issue that affects processors by Intel, AMD and to some extent ARM. I have written a PoC for this issue that, when executed in userspace on an Intel Xeon CPU E5-1650 v3 machine with a...

DEBIAN-CVE-2018-5246

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c...

CVE-2018-5246

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c...

CVE-2018-5246

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c...

UBUNTU-CVE-2018-5246

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c...

CVE-2018-5210

On Samsung mobile devices with N7.x software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information PIN, password, or pattern. The Samsung ID is SVE-2017-10733...

Security Advisory - Arbitrary Lock Pattern Change Vulnerability in Huawei HiWallet APP

Huawei HiWallet App has an arbitrary lock pattern change vulnerability. It needs to verify the user's Huawei ID during lock pattern change. An attacker with root privilege who gets a user's smart phone may bypass Huawei ID verification by special operation. Successful exploit of this vulnerabilit...