unbound -- Non-Responsive Delegation Attack

A vulnerability named 'Non-Responsive Delegation Attack' NRDelegation Attack has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for...

RLSA-2022:2043 Moderate: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 For more details about the security issues, including the impact, a CVSS score,...

[SECURITY] Fedora 35 Update: libsolv-0.7.21-1.fc35

A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: - Using a dictionary approach to store and retrieve package and dependency information. - Using satisfiability, a well known and researched topic, for resolving package...

UDP-Hunter - Network Assessment Tool For Various UDP Services Covering Both IPv4 And IPv6 Protocols

UDP Scanning has always been a slow and painful exercise, and if you add IPv6 on top of UDP, the tool choices get pretty limited. UDP Hunter is a python based open source network assessment tool focused on UDP Service Scanning. With UDP Hunter, we have focused on providing auditing of widely know...

Code injection

A vulnerability has been identified in Nucleus NET All versions, Nucleus ReadyStart V3 All versions V2013.08, Nucleus Source Code Versions including affected DNS modules. The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS...

CVE-2021-27393

A vulnerability has been identified in Nucleus NET All versions, Nucleus ReadyStart V3 All versions V2013.08, Nucleus Source Code Versions including affected DNS modules. The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS...

CVE-2020-35693

On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy BLE device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on, and it is running an app that offer...

Vhosts-Sieve - Searching For Virtual Hosts Among Non-Resolvable Domains

Searching for virtual hosts among non-resolvable domains. Installation git clone https://github.com/dariusztytko/vhosts-sieve.git pip3 install -r vhosts-sieve/requirements.txt Usage Get a list of subdomains e.g. using Amass $ amass enum -v -passive -o domains.txt -d example.com -d...

[SECURITY] [DSA 4691-1] pdns-recursor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4691-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 21, 2020 https://www.debian.org/security/faq -...

Design/Logic Flaw

JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection...

SUSE-SU-2019:2461-1 Security update for mariadb

This update for mariadb fixes the following issues: Updated to MariaDB 10.0.40-1. Security issues fixed: - CVE-2019-2805, CVE-2019-2740, CVE-2019-2739, CVE-2019-2737, CVE-2019-2614, CVE-2019-2627. bsc1132826 bsc1141798. Non-security issues fixed: - Adjusted mysql-systemd-helper 'shutdown protecte...

2019-03 Dynamic Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB4489899)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

Lazygit - Simple Terminal UI For Git Commands

A simple terminal UI for git commands, written in Go with the gocui library. Are YOU tired of typing every git command directly into the terminal, but you're too stubborn to use Sourcetree because you'll never forgive Atlassian for making Jira? This is the app for you! Installation Homebrew brew...

Dynamic Data Resolver (DDR) - IDA Plugin

This blog post was authored by Holger Unterbrink Executive Summary Static reverse-engineering in IDA can often be problematic. Certain values are calculated at run time, which makes it difficult to understand what a certain basic block is doing. But, if you try to perform dynamic analysis by...

[SECURITY] Fedora 27 Update: nodejs-uri-js-4.2.2-2.fc27

URI.js is an RFC 3986 compliant, scheme extendable URI parsing/validating/resolving library for all JavaScript environments browsers, Node.js, etc...

Path Traversal

Overview Versions of resolve-path before 1.4.0 are vulnerable to path traversal. resolve-path relative path resolving suffers from a lack of file path sanitization for windows based paths. Recommendation Update to version 1.4.0 or later. References - HackerOne Report - GitHub Advisory...

CVE-2014-3626

The CVE-2014-3626 vulnerability affects the Grails Resource Plugin (pre-1.2.13). A directory-traversal protection bug caused the plugin to return the decoded URI after the traversal check instead of the normalized URI, enabling a double-decoding issue. The fixed behavior repeatedly decodes the UR...

Sony Playstation 4 4.05 FW - Local Kernel Exploit

Exploit for bsd platform in category local exploits PS4 4.05 Kernel Exploit --- Summary In this project you will find a full implementation of the "namedobj" kernel exploit for the PlayStation 4 on 4.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level...

[SECURITY] Fedora 25 Update: c-ares-1.13.0-1.fc25

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

gstreamer-plugins-bad-free security update

0.10.23-22 - h264parse: Ensure codecdata has the required size when reading number of SPS Resolves: rhbz1400838 0.10.23-21 - Remove insecure NSF plugin - vmncdec: Sanity-check width/height before using it Resolves: rhbz1400838...