Sojobo - A Binary Analysis Framework
Sojobo is an emulator for the B2R2 framework. It was created to ease the analysis of potentially malicious files. It is developed entirely in .NET, so you don't need to install or compile any external libraries; the project is self-contained. With Sojobo you can: Emulate a 32 bit PE binary...
Snare - Super Next Generation Advanced Reactive honEypot
SNARE - Super Next generation Advanced Reactive honEypot. About: SNARE is a web application honeypot sensor attracting all sorts of maliciousness from the Internet. Documentation: The documentation can be found here. Basic Concepts: Surface first. Focus...
CVE-2019-2889
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Sample apps. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server...
Design/Logic Flaw
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Sample apps. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server...
CVE-2019-2889
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Sample apps. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server...
Oracle WebLogic Server CVE-2019-2889 Remote Security Vulnerability
Description: Oracle WebLogic Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Sample apps' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0. Technologies Affected: Oracle Weblogic Serve...
Bento4 'AP4_TfhdAtom::SetDefaultSampleSize' function buffer overflow vulnerability
Bento4 is an open source C++ library for reading and writing MP4 files. A buffer overflow vulnerability exists in the 'AP4_TfhdAtom::SetDefaultSampleSize' function in the Core/Ap4TfhdAtom.h file in Bento4 version 1.5.1.0. The vulnerability stems from a networked system or product performing...
CVE-2019-17529
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp...
CVE-2019-17493
Jiangnan Online Judge aka jnoj 0.8.0 has XSS via the Problemsampleinput parameter to web/admin/problem/create or web/polygon/problem/update...
CVE-2019-17454
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info...
UBUNTU-CVE-2019-17454
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info...
DEBIAN-CVE-2019-17113
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlugInstrumentName and ModPlugSampleName in libopenmptmodplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow...
UBUNTU-CVE-2019-17113
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlugInstrumentName and ModPlugSampleName in libopenmptmodplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow...
GandCrab Operators Resurface with REvil Malware
The malware that hit 22 Texas municipalities and various dentist offices around the country recently is likely the work of the crew behind the GandCrab ransomware – indicating that the group didn’t really retire after all. In late May, the GandCrab operators said they decided to ride off into the...
GPAC Buffer Overflow Vulnerability (CNVD-2019-40502)
GPAC is a multimedia framework for rich media and distributed under the LGPL license. A heap buffer overflow vulnerability exists in audiosampleentryAddBox in isomedia/boxcodebase.c in GPAC 0.7.1. An attacker could exploit this vulnerability via specially crafted files to cause a denial of servic...
DEBIAN-CVE-2018-21016
audiosampleentryAddBox at isomedia/boxcodebase.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file...
UBUNTU-CVE-2018-21016
audiosampleentryAddBox at isomedia/boxcodebase.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file...
PT-2019-10441 · Gpac · Gpac
Name of the Vulnerable Software and Affected Versions: GPAC version 0.7.1. Description: The issue allows remote attackers to cause a denial of service, resulting in a heap-based buffer over-read and application crash, via a crafted file. This is related to the audio sample entry AddBox function at...
EulerOS 2.0 SP2 : wavpack (EulerOS-SA-2019-1874)
According to the version of the wavpack package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource...
EulerOS 2.0 SP5 : wavpack (EulerOS-SA-2019-1901)
According to the version of the wavpack package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource...