Toshiba VFS15S-2002PL-W1 ASD Drive Detection

Binary data 757970.prm...

Toshiba VFS15S-2004PL-W1 ASD Drive Detection

Binary data 757971.prm...

CVE-2018-11803

Subversion's moddavsvn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation...

[SECURITY] Fedora 28 Update: beep-1.3-26.fc28

Beep allows the user to control the PC speaker with precision, allowing different sounds to indicate different events. While it can be run quite happily on the command line, its intended place of residence is within shell/Perl scripts, notifying the user when something interesting occurs. Of...

CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

CVE-2017-18013

In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tifprint.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash...

CVE-2017-1000253

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...

CVE-2017-10688

In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tifdirwrite.c. A crafted input will lead to a remote denial of service attack...

CVE-2017-9404

In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tifojpeg.c, which allows attackers to cause a denial of service via a crafted file...

CVE-2017-9403

In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tifdirread.c, which allows attackers to cause a denial of service via a crafted file...

CVE-2017-1000367

Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution...

Terror Exploit Kit Evolves Into Larger Threat

The relatively new Terror exploit kit is bucking the downward trend in the EK market, and is steadily evolving into more of a threat. Researchers at Cisco Talos said Terror has abandoned an early strategy that included “carpet-bombing” a target’s browser to one that now uses exploits that precise...

CVE-2017-7597

tifdirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted image...

CVE-2017-7595

The JPEGSetupEncode function in tiffjpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted image...

Verizon to pre-install a 'Spyware' app on its Android phones to collect user data

If the death of online privacy rules wasn't enough for Internet Service Providers and advertisers to celebrate, Verizon has planned to pre-install spyware on customers' Android devices in order to collect their personal data. The telecom giant has partnered with Evie Launcher to bring a new...

CVE-2016-10269

LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service heap-based buffer over-read or possibly have unspecified other impact via a crafted TIFF image, related to "READ of...

Sounds fun

I played with the web audio API for the first time recently, so I thought I'd write up what I learned. I think that's my job or something. Playing a sound The simplest demonstrable thing we can do with web audio is "play a sound". But to do that, we first we need to load & decode something: // Th...

CVE-2016-3658

The TIFFWriteDirectoryTagLongLong8Array function in tifdirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read via vectors involving the ma variable...

Google Plans to End Chrome for 32-bit Linux, Releases Chrome 47

Google announced this week it will end Chrome support for older, 32-bit Linux distributions early next year and will maintain the browser on more popular distributions of the software. Specifically Google plans to stop pushing updates and security fixes to those running Chrome on 32-bit Linux,...

Wordpess Simple Photo Gallery 1.7.8 Blind SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpess Simple Photo Gallery Blind SQL Injection Date: 12-05-2015 Exploit Author: woodspeed Vendor Homepage: https://wordpress.org/plugins/simple-photo-gallery/ Version: 1.7.8 Tested on: Apache 2.2.22, PHP 5.3.10 OSVDB ID :...