Shadow Brokers Fix for IBM Lotus Domino Released
IBM has released a patch for Lotus Domino to plug a security flaw which was disclosed in the latest Shadow Broker revelations. Lotus Domino includes an IMAP server. IMAP or Internet Message Access Protocol is an Internet standard protocol used by e-mail clients to retrieve e-mail messages from th...
Microsoft Windows 'libjpeg' Information Disclosure Vulnerability (KB4015383)
This host is missing an important security update according to Microsoft Security update KB4015383.
chicken -- multiple vulnerabilities
CHICKEN reports: CVE-2017-6949: Unchecked malloc call in SRFI-4 constructors when allocating in non-GC memory, resulting in potential 1-word buffer overrun and/or segfault; CVE-2017-9334: "length" crashes on improper lists; CVE-2017-11343: The randomization factor of the symbol table was set before...
Mozilla: asm.js JIT-spray bypass of ASLR and DEP (MFSA 2017-06)
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
UBUNTU-CVE-2017-5400
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
UBUNTU-CVE-2015-2877
DISPUTED: Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states...
Technical analysis of an attack that breaks the ASLR protection mechanism - vulnerability warning - the black bar safety net
Recently, hardware-based attacks have begun attacking systems through Rowhammer memory leaks or by bypassing the address space layout randomization (ASLR) protection mechanism; these attacks are based on the way the processor's memory management unit (MMU) interacts with page tables. These...
dirsearch - Brute Force Directories and Files in Websites
dirsearch is a simple command line tool designed to brute force directories and files in websites. Operating systems supported: Windows XP/7/8/10, GNU/Linux, MacOSX. Features: multithreaded; keep-alive connections; support for multiple extensions (-e|--extensions asp,php); reporting (plain text, JSON...
Design/Logic Flaw
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
CVE-2017-5546
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
UBUNTU-CVE-2017-5546
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
Mozilla Firefox ESR < 45.7 Multiple Vulnerabilities
PT-2017-1184 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 4.8.x through 4.9.x before 4.9.5; Linux kernel version 4.9.x before 4.9.5. Description: The freelist-randomization feature in the Linux kernel allows local users to cause a denial of service, resulting in duplicate freelis...
CVE-2016-8334
A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR...