Code injection

On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated with a debug probe via the Instruction Tightly Coupled Memory ITCM bus...

CVE-2019-14238

On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated with a debug probe via the Instruction Tightly Coupled Memory ITCM bus...

CVE-2019-14238

On STMicroelectronics STM32F7 devices, the Proprietary Code Read Out Protection (PCROP) can be defeated by a debug probe through the ITCM bus, exposing the software IP protection mechanism. Affected component: PCROP in STM32F7. Root cause: PCROP can be bypassed via a debug interface to the ITCM p...

SKA - Simple Karma Attack

SKA allows you to implement a very simple and fast karma attack. You can sniff probe requests to choice the fake AP name or, if you want, you could insert manually the name of the AP evil twin attack. When the target has connected to your WLAN you could active the HTTP redirection and perform a...

Security Bulletin: A vulnerability has been identified in Apache Camel shipped with IBM Tivoli Netcool/OMNIbus Probe DSL Factory Framework (CVE-2019-0194)

Summary Apache Camel is shipped as a component of IBM Tivoli Netcool/OMNIbus Probe DSL Factory Framework. Information about security vulnerabilities affecting Apache Camel has been published. The Netcool/OMNIbus Probe DSL Factory Framework is a dependency of the following Netcool/OMNIbus...

Sudomy - Subdomain Enumeration & Analysis

Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way. Features For recent time,Sudomy has these 9 features: Easy, light, fast and powerful. Bash script is available by default in almost all Linux distributions...

Linux kernel null pointer dereference vulnerability (CNVD-2019-32359)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A null pointer dereference vulnerability exists in the flexcopusbprobe function in the...

DEBIAN-CVE-2019-15291

An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcopusbprobe function in the drivers/media/usb/b2c2/flexcop-usb.c driver...

UBUNTU-CVE-2019-15291

An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcopusbprobe function in the drivers/media/usb/b2c2/flexcop-usb.c driver...

ALPINE-CVE-2019-10161

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use...

CVE-2019-10161

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use...

The vulnerabilities of Cisco FindIT Network Management and Cisco FindIT Network Probe, which are used for configuring and controlling wired and wireless networks, allow attackers to increase their privileges.

The vulnerability of virtual machine systems for Cisco FindIT Network Management and Cisco FindIT Network Probe involves the use of pre-installed credentials. Exploiting this vulnerability can allow attackers to gain increased privileges...

ZZZCMS V1.7.2 version of the background of the existence of arbitrary file reading vulnerability

zzcms is a free and open source building system, mainly facing the majority of webmasters to use. ZZZCMS V1.7.2 there are arbitrary file reading vulnerabilities in the background. An attacker can exploit the vulnerability to read arbitrary files and conduct intranet probes...

CVE-2019-1919

A vulnerability in the Cisco FindIT Network Management Software virtual machine VM images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account...

Design/Logic Flaw

A vulnerability in the Cisco FindIT Network Management Software virtual machine VM images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account...

Semrush: SSRF In Get Video Contents

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Summary: A SSRF In Get...

Facebook to Pay $5 Billion Fine to Settle FTC Privacy Investigation

After months of negotiations, the United States Federal Trade Commission FTC has approved a record $5 billion settlement with Facebook over its privacy investigation into the Cambridge Analytica scandal. The settlement will put an end to a wide-ranging probe that began more than a year ago and...

libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API

It was discovered that libvirtd would permit read-only clients to use the virDomainSaveImageGetXMLDesc API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of...

libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs

The virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU libvirt APIs accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an...

EulerOS 2.0 SP5 : gnutls (EulerOS-SA-2019-1676)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A cache-based side channel attack was found in the way GnuTLS implements CBC-mode cipher suites. An attacker could use a combination of 'Just in...