Linux Kernel (x86) - Memory Sinkhole Privilege Escalation

; memory sinkhole proof of concept ; hijack ring -2 execution through the apic overlay attack. ; deployed in ring 0 ; the SMBASE register of the core under attack TARGETSMBASE equ 0x1f5ef800 ; the location of the attack GDT. ; this is determined by which register will be read out of the APIC ; fo...

Linux/x86 Memory Sinkhole Proof Of Concept

; memory sinkhole proof of concept ; hijack ring -2 execution through the apic overlay attack. ; deployed in ring 0 ; the SMBASE register of the core under attack TARGETSMBASE equ 0x1f5ef800 ; the location of the attack GDT. ; this is determined by which register will be read out of the APIC ; fo...

Linux Kernel (x86) - Memory Sinkhole Privilege Escalation

Linux Kernel x86 - Memory Sinkhole Privilege Escalation ; memory sinkhole proof of concept ; hijack ring -2 execution through the apic overlay attack. ; deployed in ring 0 ; the SMBASE register of the core under attack TARGETSMBASE equ 0x1f5ef800 ; the location of the attack GDT. ; this is...

libreoffice: HWP file filter vulnerability

A flaw was found in the way the LibreOffice HWP Hangul Word Processor file filter processed certain HWP documents. An attacker able to trick a user into opening a specially crafted HWP document could possibly use this flaw to execute arbitrary code with the privileges of the user opening that...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

PYSEC-2015-21

validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...

[SECURITY] Fedora 21 Update: qemu-2.1.3-8.fc21

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

CentOS Update for abrt CESA-2015:1083 centos7

Check the version of abrt SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882200";...

abrt, libreport security update

CentOS Errata and Security Advisory CESA-2015:1083 Updated abrt packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score,...

[SECURITY] [DSA 3284-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3284-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 13, 2015 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-3284-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 22 Update: qemu-2.3.0-5.fc22

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

Cisco IOS XR Software Crafted IPv6 Packet Denial of Service Vulnerability

A vulnerability in the IP version 6 IPv6 processing code of Cisco IOS XR Software for Cisco CRS-3 Carrier Routing System could allow an unauthenticated, remote attacker to trigger an ASIC scan of the Network Processor Unit NPU and a reload of the line card processing an IPv6 packet. The...

Important: Red Hat Security Advisory: abrt security update

Updated abrt packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

PT-2017-6631 · Red Hat +1 · Abrt +2

Name of the Vulnerable Software and Affected Versions: ABRT affected versions not specified Description: The issue concerns the kernel-invoked coredump processor in ABRT, which fails to properly check file ownership before writing core dumps. This allows local users with write permissions to the...

Unspecified Cross-Site Scripting Vulnerability in Zenphoto

Zenphoto is a free photo gallery content management system developed by the Zenphoto team. The system manages images and supports multimedia such as audio and video. A cross-site scripting vulnerability exists in the image processor of Zenphoto versions prior to 1.4.7. A remote attacker can explo...

Wordpress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: website contact form with file upload 1.5 Exploit Local File Inclusion Google Dork: inurl:"/plugins//website-contact-form-with-file-upload/" Date: 07.05.2015 Exploit Author: T3N38R15 Software Link:...