REST API - Improved HTTP Authentication
Suggestion Description: Confluence Server REST API (https://developer.atlassian.com/confdev/confluence-server-rest-api) is a simple resource that helps administrators perform operations that would take some time out of their day-to-day activities in a couple of seconds, instead of a couple of minutes. I...
Threat Outbreak Alert RuleID31347: Email Messages Distributing Malicious Software on November 16, 2017
Medium. Alert ID: 55961. First Published: 2017 November 16 14:54 GMT. Version: 1. Summary: Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID31347) may contain the following files: Name |...
Telnet IoT Honeypot - Python Telnet Honeypot For Catching Botnet Binaries
This project implements a Python telnet server trying to act as a honeypot for IoT malware which spreads over horribly insecure default passwords on telnet servers on the internet. Other than https://github.com/stamparm/hontel or https://github.com/micheloosterhof/cowrie examples, which provides...
Infogram: Report Design Critical Stored DOM XSS Vulnerability
Hi Team, Another XSS vulnerability in report designer but this one is critical. Problem Point Report's Overview Table Report Creation Url https://infogram.com/app/edit/e7b161f1-f708-48e5-bab7-de9887ae202a Sample Data Click for Detail Sample URL https://infogram.com/report-classic-1g57pr0g3xdvp01...
GNU Libextractor Denial of Service Vulnerability
GNU Libextractor is a set of libraries developed by the GNU Project for extracting metadata from files. A denial of service vulnerability exists in the 'EXTRACTOR_wav_extract_method' method of the wav_extractor.c file in GNU Libextractor version 1.4, which stems from the program failing to detect the...
CVE-2017-15266
In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate...
Code injection
In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate...
DEBIAN-CVE-2017-15266
In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate...
UBUNTU-CVE-2017-15266
In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate...
CVE-2017-15266
CVE-2017-15266 affects GNU Libextractor 1.4, where a Divide-By-Zero can occur in wav_extractor.c when a zero sample rate is encountered. Public sources in connected docs confirm this as a Libextractor vulnerability with potential denial-of-service implications. Affected advisories reference multi...
PT-2017-13832 · Lame +2
Name of the Vulnerable Software and Affected Versions: LAME versions 3.98 through 3.99.5. Description: The issue is a heap-based buffer over-read in the fill_buffer function in libmp3lame/util.c, related to lame_encode_buffer_sample_t in libmp3lame/lame.c. Recommendations: For LAME versions 3.98...
Bento4 'AP4_VisualSampleEntry::ReadFields' Stack Buffer Overflow Vulnerability
Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability in AP4_VisualSampleEntry::ReadFields in the Core/Ap4SampleEntry.cpp file in Bento4 version 1.5.0-617 stems from the program using the wrong character data type. An attacker could exploit this...
Bento4 Core/Ap4AtomSampleTable.cpp File Null Pointer Reference Vulnerability
Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in AP4_AtomSampleTable::GetSample in the Core/Ap4AtomSampleTable.cpp file in Bento4 version 1.5.0-617. A remote attacker can exploit this vulnerability to cause a denial of service null...
UBUNTU-CVE-2017-14647
A heap-based buffer overflow was discovered in AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution...
UBUNTU-CVE-2017-14640
A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service...
MP3Gain mpglibDBL Buffer Overflow Vulnerability
MP3Gain is an MP3 file volume adjustment application. mpglibDBL is one of the MPEG file decoders. A buffer overflow vulnerability exists in the III_dequantize_sample function of the layer3.c file of mpglibDBL in MP3Gain. A remote attacker could exploit this vulnerability to cause a denial of service or...