
2230 matches found

Malwarebytes
added 2019/01/22 6:3 p.m. | 144 views

Browser push notifications: a feature asking to be abused

“I’m seeing a lot of ads popping up in the corner of my screen, and the Malwarebytes scan does not show there is anything wrong. It says my computer is clean. So what's happening?” Our support team runs into questions like this regularly, but the volume seems to be increasing lately. In most of...

6.6 AI score
Exploits: 0

Tenable Nessus
added 2019/01/03 12:0 a.m. | 15 views

Fedora 28 : singularity (2018-da87b1e643)

This rebases singularity from 2.2.1 to 2.5.1, which should include all corresponding updates. N.B.: a request for rebase permission has been put into FESCo; hence auto-push has been disabled until they approve. Please test for functionality and backward compatibility issues, particularly around the...

5.3 AI score
Exploits: 0 | References: 1

OSV
added 2018/12/28 6:29 p.m. | 3 views

CVE-2018-20579

Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character...

7.1 CVSS | 7.5 AI score
Exploits: 0 | References: 1

Hacker One
added 2018/12/20 8:21 p.m. | 36 views

Mail.ru: Cross application scripting via account.mail.ru

Cross-application scripting via User-Agent on push login confirmation functionality in mobile application in the context of account.mail.ru domain allowed session hijacking with minimal user interaction...

1.5 AI score
Exploits: 0

CNVD
added 2018/12/05 12:0 a.m. | 2 views

GitLab CE/EE Unauthorized Access Vulnerability

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to GitHub for accessing the contents of a project's files, commit history, bug lists, and more. An unauthorized acces...

6.5 CVSS | 6.7 AI score | 0.00082 EPSS
Exploits: 1 | References: 1

CNVD
added 2018/11/15 12:0 a.m. | 2 views

SAP Fiori Client Denial of Service Vulnerability

SAP Fiori Client is a client program from SAP Germany for running the SAP Fiori Launchpad on mobile devices. A denial of service vulnerability exists in SAP Fiori Client, which can be exploited by an attacker with a malicious application to send local push notifications with null messages to Fior...

7.8 CVSS | 7.4 AI score | 0.00189 EPSS
Exploits: 0 | References: 1

OSV
added 2018/11/13 8:29 p.m. | 2 views

CVE-2018-2488

It is possible for a malware application installed on an Android device to send local push notifications with an empty message to SAP Fiori Client and cause the application to crash. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version...

7.8 CVSS | 5.8 AI score | 0.00189 EPSS
Exploits: 0 | References: 2

CVE
added 2018/11/13 8:0 p.m. | 42 views

CVE-2018-2488

Summary (CVE-2018-2488): On Android, a malware app can trigger SAP Fiori Client to crash by sending local push notifications with an empty message. The issue is mitigated by updating to SAP Fiori Client v1.11.5 (Google Play). The provided documents describe the vulnerability as a crash condition ...

7.8 CVSS | 7.3 AI score | 0.00189 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2018/10/18 1:29 p.m. | 1 views

DEBIAN-CVE-2018-12387

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content...

9.1 CVSS | 8.5 AI score | 0.32347 EPSS
Exploits: 2 | References: 1

Microsoft KB
added 2018/10/10 12:0 a.m. | 3 views

July 24, 2018—KB4340917 (OS Build 17134.191)

July 24, 2018—KB4340917 (OS Build 17134.191). Improvements and fixes: This update includes quality improvements. No new operating system features are being introduced in this update. Important changes include the following: Addresses an issue that causes devices within Active Directory or Hybrid AADJ...

7.8 AI score
Exploits: 0

RedHat Linux
added 2018/10/08 8:0 p.m. | 3 views

Mozilla: stack out-of-bounds read in Array.prototype.push

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content...

9.1 CVSS | 7.3 AI score | 0.32347 EPSS
Exploits: 2 | References: 5

RedHat Linux
added 2018/10/08 8:32 a.m. | 3 views

Mozilla: stack out-of-bounds read in Array.prototype.push

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content...

9.1 CVSS | 7.3 AI score | 0.32347 EPSS
Exploits: 2 | References: 5

OSV
added 2018/10/03 1:41 p.m. | 3 views

USN-3778-1 firefox vulnerabilities

A crash was discovered in TransportSecurityInfo used for SSL, which could be triggered by data stored in the local cache directory. An attacker could potentially exploit this in combination with another vulnerability that allowed them to write data to the cache, to execute arbitrary code...

9.1 CVSS | 7 AI score | 0.3799 EPSS
Exploits: 3 | References: 4

NVD
added 2018/09/24 11:29 p.m. | 14 views

CVE-2018-10500

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps. Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

7 CVSS | 7 AI score | 0.00046 EPSS
Exploits: 0 | References: 1

Prion
added 2018/09/24 11:29 p.m. | 14 views

Design/Logic Flaw

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps. Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

4.4 CVSS | 6.9 AI score | 0.00046 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2018/09/24 11:29 p.m. | 1 views

CVE-2018-10500

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps. Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

7 CVSS | 6 AI score
Exploits: 0 | References: 1

CVE
added 2018/09/24 11:0 p.m. | 40 views

CVE-2018-10500

This CVE affects Samsung Galaxy Apps. The vulnerability lies in handling push messages, enabling a local attacker who already has low-privilege code execution to start an activity with controlled arguments and escalate privileges to protected resources. Affected component: Samsung Galaxy Apps (An...

7 CVSS | 6.9 AI score | 0.00046 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2018/09/24 11:0 p.m. | 17 views

CVE-2018-10500

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps. Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

7 AI score | 0.00046 EPSS
Exploits: 0 | References: 1

Fedora
added 2018/09/22 7:46 p.m. | 15 views

[SECURITY] Fedora 27 Update: gitolite3-3.6.9-1.fc27

Gitolite allows a server to host many git repositories and provide access to many developers, without having to give them real userids on the server. The essential magic in doing this is ssh's pubkey access and the authorized keys file, and the inspiration was an older program called gitosis...

8.1 CVSS | 0.2 AI score | 0.0022 EPSS
Exploits: 0

Exploit DB
added 2018/09/14 12:0 a.m. | 29 views

Linux/x86 - echo "Hello World" + Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)

Linux/x86 - echo "Hello World" + Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes). Shellcode exploit for the Linux/x86 platform. Title: Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes); Date: 2018-09-13; Author: Ray Doyle (@doylersec); Homepage: https://www.doyler.net; Teste...

Exploits: 0