CVE-2015-7242

Cross-site scripting XSS vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message...

Microsoft Windows 10 is now Installed on over 200 Million Devices

Windows 10 here, Windows 10 there, and it is everywhere. This is exactly what Microsoft dreamed of, and it seems like the company is actively working to reach its One Billion goal by the end of 2017 or mid-2018. Proudly announcing its first huge success, Microsoft reported that its newest Windows...

Microsoft Windows Win32k 特权提升漏洞( MS15-010)

来源链接：http://www.freebuf.com/vuls/90501.html FreeBuf黑客与极客（FreeBuf.COM） 原文地址：http://hdwsec.fr/blog/CVE-2015-0057.html，编译/FB小编鸢尾 概述 这是一个use-after-free内核漏洞，它能获取一个专属的write primitive操作，之后侵染临近的一个对象。这个yields语句可以在内核空间或者用户空间随意写入。...

libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information...

CVE-2015-8242

The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service stack-based buffer over-read and application crash or obtain sensitive information via crafted XML data...

linux/x86-64 - Execve /bin/sh Shellcode Via Push - 23 bytes

/ Execve /bin/sh Shellcode Via Push Linux x8664 23 bytes Dying to be the shortest. Copyright C 2015 Gu Zhengxiong email protected 27 April 2015 GPL .global start start: char const argv xorl %esi, %esi 'h' 's' '/' '/' 'n' 'i' 'b' '/' movq $0x68732f2f6e69622f, %rbx for '\x00' pushq %rsi pushq %rbx...

linux/x86 - Execve /bin/sh Shellcode Via Push - 21 bytes

/ Execve /bin/sh Shellcode Via Push Linux x86 21 bytes Dying to be the shortest. Copyright C 2015 Gu Zhengxiong email protected 18 February 2015 GPL .global start start: char const argv xorl %ecx, %ecx 2 bytes, and both %eax and %edx were zeroed mull %ecx NRexecve 11 movb $11, %al for '\x00' push...

Linux x86 - Execve /bin/sh Shellcode Via Push 21 bytes

Linux x86 - Execve /bin/sh Shellcode Via Push 21 bytes. Shellcode exploit for linx86 platform / Execve /bin/sh Shellcode Via Push Linux x86 21 bytes Dying to be the shortest. Copyright C 2015 Gu Zhengxiong [email protected] 18 February 2015 GPL .global start start: char const argv xorl %ecx, %ecx...

Linux x86-64 - Execve /bin/sh Shellcode Via Push 23 bytes

Linux x86-64 - Execve /bin/sh Shellcode Via Push 23 bytes. Shellcode exploit for linx86-64 platform / Execve /bin/sh Shellcode Via Push Linux x8664 23 bytes Dying to be the shortest. Copyright C 2015 Gu Zhengxiong [email protected] 27 April 2015 GPL .global start start: char const argv xorl %esi,...

Safari < 6.2.5 / 7.1.5 / 8.0.5 Multiple Vulnerabilities

Binary data 8696.prm...

Google Launches Chrome 42 with Push Notifications

Google has finally rolled out the latest version of its popular web browser, i.e. Chrome 42 for Windows, Mac, and Linux users that now lets websites send you alerts, no matter your browser is open or not. The release of the latest Chrome 42 version is a great deal as it costs Google more than...

CVE-2015-1128

The private-browsing implementation in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 allows attackers to obtain sensitive browsing-history information via vectors involving push-notification requests...

Information disclosure

The private-browsing implementation in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 allows attackers to obtain sensitive browsing-history information via vectors involving push-notification requests...

CVE-2015-1128

The private-browsing implementation in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 allows attackers to obtain sensitive browsing-history information via vectors involving push-notification requests...

Apple Safari Private Mode User Browsing History Leakage Vulnerability

Apple Safari is a popular WEB browser. A security vulnerability exists in Apple Safari, which can be exploited to disclose a user's browser history when responding to a push notification request in private browser mode. A remote attacker can exploit the vulnerability to obtain sensitive informati...

APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 are now available and address the following: Safari Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite...

Authentication fails on Push to Stash

When I attempt to Push commit of a few dozen files to the Stash-hosted Git repository, I receive the attached error indicating an authentication failure...

Authentication fails on Push to Stash

When I attempt to Push commit of a few dozen files to the Stash-hosted Git repository, I receive the attached error indicating an authentication failure...

CVE-2014-4417

Safari in Apple OS X before 10.10 allows remote attackers to cause a denial of service universal Push Notification outage via a web site that triggers an uncaught SafariNotificationAgent exception by providing a crafted Push Notification...

Design/Logic Flaw

Safari in Apple OS X before 10.10 allows remote attackers to cause a denial of service universal Push Notification outage via a web site that triggers an uncaught SafariNotificationAgent exception by providing a crafted Push Notification...