Microsoft Edge browser vulnerability, which allows a hacker to gain access to processes in privileged context

The vulnerability of Microsoft Edge relates to improper access to objects in memory. Exploiting this vulnerability can allow a local attacker to gain control over processes from a privileged context...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of NVIDIA’s I2C HID driver for the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

MGASA-2017-0189 Updated docker packages fix security vulnerability

The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...

Microsoft Windows - win32k!NtGdiExtGetObjectW Kernel Stack Memory Disclosure Exploit

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1178 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory in Windows 7-10 through the win32k!NtGdiExtGetObjectW system call accessible...

The vulnerability of the Qualcomm GPU operating system driver for Android allows a hacker to execute arbitrary code.

The vulnerability of the Qualcomm GPU operating system for Android is related to deficiencies in access control. It is necessary to gain access to privileged processes and modify the current platform configuration. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Microsoft Windows - win32k!NtGdiExtGetObjectW Kernel Stack Memory Disclosure

Microsoft Windows - win32k!NtGdiExtGetObjectW Kernel Stack Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1178 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory in Windows 7-10 through the...

pymultitor - Python Multi Threaded Tor Proxy

Did you ever want to be at two different places at the same time? While performing penetration tests there are often problems caused by security devices that block the "attacking" IP. With a large number of IP addresses performing the attacks, better results are guaranteed - especially when...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Qualcomm Android operating system’s audio driver is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Qualcomm Android operating system’s audio driver is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of MediaTek’s Android operating system driver-related code is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the kernel context. This issue is considered “high” because it requires compromising...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of MediaTek’s system interrupt driver for the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it...

httpd: DoS vulnerability in mod_auth_digest

It was discovered that the modauthdigest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication...

Samba remote code execution vulnerability(CVE-2017-7494)analysis-vulnerability warning-the black bar safety net

Author: cyg07 && redrain Overview 2017 5 May 24, Samba released a 4. 6. 4 version, in the middle fix a serious remote code execution vulnerability, the vulnerability number CVE-2017-7494, the vulnerability affects Samba 3.5.0 and including 4. 6. 4/4. 5. 10/4. 4. 14 the intermediate version. 360...

The vulnerability of Synaptics’ sensor screen driver in the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of Synaptics’ touchscreen display driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious applications on the touchscreen chipset. This issue is considered “highly...

The vulnerability of the Qualcomm Wi-Fi driver for the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of Qualcomm Wi-Fi driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

The vulnerability of the audio driver of Qualcomm’s Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the Qualcomm Android operating system’s audio driver is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

The vulnerability of the Qualcomm Wi-Fi driver for the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of Qualcomm Wi-Fi driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

Heroku Dynos Explained

What are Heroku Dynos? If youve ever hosted an application on Heroku, the popular platform as a service, youre likely at least aware of the existence of "Dynos". But what exactly are Heroku Dynos and why are they important? As explained in Herokus docs, Dynos are simply lightweight Linux containe...

Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL of system processes' tokens lsass.exe, services.exe,...

Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token

Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL ...