4122 matches found
DEBIAN-CVE-2018-19407
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized...
Linux kernel denial of service vulnerability (CNVD-2018-26910)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel. A...
PT-2018-14898 · Phpoffice · Phpoffice Phpspreadsheet
Name of the Vulnerable Software and Affected Versions: PHPOffice PhpSpreadsheet versions prior to 1.5.1. Description: The issue allows a bypass of protection mechanisms for XML External Entity (XXE) attacks via UTF-7 encoding in a .xlsx file. This is achieved through the securityScan function in...
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service
Credits: John Page aka hyp3rlinx; Website: hyp3rlinx.altervista.org; Source: http://hyp3rlinx.altervista.org/advisories/CISCO-IMMUNET-AND-CISCO-AMP-FOR-ENDPOINTS-SYSTEM-SCAN-DENIAL-OF-SERVICE.txt ; ISR: ApparitionSec; Greetz: indoushka | Eduardo B.; Vendor: www.cisco.com; Multiple Products Cisc...
PostAuth EPA scan is not initiated with Advanced session policies, but works with Classic policies
If the session profile is bound to the session profile with a classic expression, the EPA scan is initiated and the client machine is checked for the EPA checks. If you use an advanced expression to bind the session profile to the session policy, the EPA check will not be initiated and the users will be...
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Man-In-The-Middle Vulnerability
The FTP Server component of the D-LINK Central WifiManager can be used as a man-in-the-middle machine allowing PORT Command bounce scan attacks. This vulnerability allows remote attackers to abuse your network and discreetly conduct network port scanning. Victims will then think these scans are...
CVE-2018-15437 Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability
A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system...
Reconnaissance Swiss Army Knife: ReconDog
Main Features: Wizard + CLA interface; Can extract targets from STDIN (piped input) and act upon them; All the information is extracted with APIs, no direct contact is made to the target. Utilities: Censys: Uses censys.io to gather a massive amount of information about an IP address. NS Lookup: Does na...
Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability
A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system...
Robber - Tool For Finding Executables Prone To DLL Hijacking
Robber is a free open source tool developed using Delphi XE2 without any 3rd party dependencies. What is DLL hijacking ?! Windows has a search path for DLLs in its underlying architecture. If you can figure out what DLLs an executable requests without an absolute path triggering this search...
PT-2018-16291 · Yi · Yi Home Camera
Name of the Vulnerable Software and Affected Versions: Yi Home Camera 27US version 1.8.7.0D Description: An exploitable code execution issue exists in the QR code scanning functionality. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans info call can...
Buffer overflow
A missing out-of-range check on the bssid parameter when processing the scan start command leads to a buffer overflow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU,...
CVE-2018-11849
A missing out-of-range check on the bssid parameter when processing the scan start command leads to a buffer overflow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU,...
Mozilla Firefox ESR < 60.3 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox ESR installed on the remote macOS host is prior to 60.3. It is, therefore, affected by multiple vulnerabilities: - During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the...
Infog - Information Gathering Tool
InfoG is a Shellscript to perform Information Gathering. Features Check Website info Check Phone info IP Tracker Check Valid E-mail Check if site is Up/Down Check internet speed Check Personal info Find IP behind Cloudflare Find Subdomains Port Scan Multi-threaded Check CMS Check DNS leaking Usag...
ReconDog v2.0 - Reconnaissance Swiss Army Knife
Reconnaissance Swiss Army Knife. Main Features: Wizard + CLA interface; Can extract targets from STDIN (piped input) and act upon them; All the information is extracted with APIs, no direct contact is made to the target. Utilities: Censys: Uses censys.io to gather a massive amount of information about an ...
Command Injection
libnmap is vulnerable to command injection. An attacker is able to inject arbitrary OS commands via the IP range field for the network scan...
Scientific Linux Security Update : spamassassin on SL7.x x86_64 (20181011)
Security Fixes: - spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service (CVE-2017-15705) - spamassassin: Local user code injection in the meta rule syntax (CVE-2018-11781). (C) Tenable Network Security, Inc. The descriptive text is (C) Scientific...
spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service
A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur, potentially delaying or preventing...