
3794 matches found

Microsoft KB
added 2021/10/05 12:00 a.m. | 4 views

October 5, 2021, update for Access 2016 (KB5001978)

This article describes update 5001978 for Microsoft Access 2016 that was released on October 5, 2021. Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2016. It doesn't apply t...

6.3 AI score
Exploits: 0

CNNVD
added 2021/10/05 12:00 a.m. | 1 view

Afian AB FileRun cross-site scripting vulnerability

Afian AB FileRun is an extensible file manager from Afian AB, Sweden, that features file sharing, cloud file storage, and more. A cross-site scripting vulnerability exists in Afian AB FileRun 2021.03.26 that allows attackers to store cross-site scripts via HTTP X-Forwarded-For...

6.1 CVSS | 5.9 AI score | 0.0024 EPSS
Exploits: 1 | References: 3

BDU FSTEC
added 2021/09/30 12:00 a.m. | 1 view

The vulnerability of the ccp_run_aes_gcm_cmd() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the ccp_run_aes_gcm_cmd() function in the Linux operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a perpetrator to cause a service failure...

5.5 CVSS | 6.5 AI score | 0.00018 EPSS
Exploits: 0 | References: 25 | Affected Software: 5

OSV
added 2021/09/28 4:15 p.m. | 1 view

CVE-2021-29361

A buffer overflow vulnerability in FORMATS!ReadUtahRLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

7.8 CVSS | 6.3 AI score
Exploits: 0 | References: 1

OSV
added 2021/09/28 4:15 p.m. | 2 views

CVE-2021-29362

A buffer overflow vulnerability in FORMATS!ReadRASW+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

7.8 CVSS | 6.3 AI score
Exploits: 0 | References: 1

OSV
added 2021/09/28 4:15 p.m. | 2 views

CVE-2021-29363

A buffer overflow vulnerability in FORMATS!ReadRASW+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74...

7.8 CVSS | 7.6 AI score
Exploits: 0 | References: 1

OSV
added 2021/09/28 4:15 p.m. | 2 views

CVE-2021-29360

A buffer overflow vulnerability in FORMATS!ReadUtahRLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

7.8 CVSS | 6.3 AI score | 0.00652 EPSS
Exploits: 0 | References: 1

CNNVD
added 2021/09/28 12:00 a.m. | 5 views

IrfanView buffer error vulnerability

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted RLE files...

7.8 CVSS | 8.2 AI score | 0.00652 EPSS
Exploits: 0 | References: 2

CNNVD
added 2021/09/28 12:00 a.m. | 3 views

IrfanView buffer error vulnerability

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted RLE files...

7.8 CVSS | 8.2 AI score | 0.00652 EPSS
Exploits: 0 | References: 2

CNNVD
added 2021/09/28 12:00 a.m. | 3 views

IrfanView buffer error vulnerability

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview is vulnerable to a buffer error that can be exploited by attackers to execute arbitrary code via a crafted RLE file...

7.8 CVSS | 8.2 AI score | 0.00652 EPSS
Exploits: 0 | References: 2

CNNVD
added 2021/09/28 12:00 a.m. | 3 views

IrfanView buffer error vulnerability

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted RLE files...

7.8 CVSS | 8.2 AI score | 0.00652 EPSS
Exploits: 0 | References: 2

CNVD
added 2021/09/17 12:00 a.m. | 17 views

TinyFileManager cross-site request forgery vulnerability

TinyFileManager is a web-based file manager. A cross-site request forgery vulnerability exists in TinyFileManager 2.4.6 and all versions below, which can be exploited by attackers to upload files and run operating system commands by tricking Administrator users into browsing an attacker-controlle...

9.3 CVSS | 4.3 AI score | 0.00134 EPSS
Exploits: 0 | References: 1

NCSC
added 2021/09/16 12:00 a.m. | 3 views

Vulnerability fixed in Artifex Ghostscript

Artifex has fixed a vulnerability in Ghostscript. The vulnerability gives an unauthenticated malicious party the opportunity to execute arbitrary code under the privileges of Ghostscript. To do this, the malicious party must trick the victim into opening a malicious document. Artifex has release...

9.9 CVSS | 7.6 AI score | 0.06493 EPSS
Exploits: 0

OSV
added 2021/09/15 12:00 a.m. | 0 views

UBUNTU-CVE-2021-3744

A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar to the older CVE-2019-18808...

5.5 CVSS | 6.6 AI score | 0.0001 EPSS
Exploits: 1 | References: 9

vulnersOsv
added 2021/08/25 8:52 p.m. | 4 views

addr2line (=0.6.0), backtrace (>=0.3.6 <=0.3.9) +11 more potentially affected by CVE-2021-25901 via lazy-init (>=0.1.1 <=0.3.0)

lazy-init CARGO version =0.1.1, =0.3.6, =0.1.0, =0.1.0, =0.1.0, =0.7.0, =0.4.0, =0.4.0, =0.2.0, =0.2.0, =0.1.0, =0.1.0, =0.3.0 Source cves: CVE-2021-25901 Source advisory: OSV:GHSA-W47J-HQPF-QW9W...

5.3 CVSS | 6 AI score | 0.00305 EPSS
Exploits: 0

Code423n4
added 2021/08/14 12:00 a.m. | 8 views

Rewards squatting - setting rewards in different ERC20 tokens opens various economic attacks.

Handle: moose-code. Vulnerability details. Impact: Users essentially have an option to either claim currently earned reward amounts on future rewards tokens, or the current rewards token. Although stated on line 84, it does not take into account the implications and lock in this contract will ha...

6.7 AI score
Exploits: 0

OpenVAS
added 2021/08/11 12:00 a.m. | 31 views

Microsoft Office 365 (2016 Click-to-Run) Multiple RCE Vulnerabilities (Aug 2021)

This host is missing a critical security update according to Microsoft Office Click-to-Run updates. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...

7.8 CVSS | 7.5 AI score | 0.10025 EPSS
Exploits: 0 | References: 1

Kitploit
added 2021/07/31 9:30 p.m. | 78 views

Cerbrutus - Network Brute Force Tool, Written In Python

Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future other network services. COMING SOON: SMB, HTTPs POST, HTTPs GET, HTTP BASIC AUTH. Thanks to @0dayctf, Rondons, Enigma, and 001 for testing and contributing. Installation: cd /opt git clone...

7.3 AI score
Exploits: 0 | References: 2

Code423n4
added 2021/07/24 12:00 a.m. | 11 views

Possible DoS attack in creating new DAO proposals

Handle: shw. Vulnerability details. Impact: The functions of creating new DAO proposals (e.g., newActionProposal) are permissionless. Anyone can create a new proposal by paying some fees in SPARTA, as long as the previous proposal is closed. Thus, an attacker could then front-run proposals of benign...

6.8 AI score
Exploits: 0

OSV
added 2021/07/20 9:15 p.m. | 6 views

AZL-9180 CVE-2021-36230 affecting package terraform for versions less than 1.3.2-1

HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on a subset of API requests executed using the run token, allowing privilege escalation to organization owner. Fixed in v202107-1...

8.8 CVSS | 7.3 AI score | 0.00415 EPSS
Exploits: 0 | References: 1