FDA Recalls Nearly Half a Million Pacemakers Over Hacking Fears

Almost half a million people in the United States are highly recommended to get their pacemakers updated, as they are vulnerable to hacking. The Food and Drug Administration FDA has recalled 465,000 pacemakers after discovering security flaws that could allow hackers to reprogram the devices to r...

phpMyAdmin Global Variable Scope Injection Vulnerability (PMASA-2013-7) - Windows

phpMyAdmin is prone to a global variable scope injection vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin Global Variable Scope Injection Vulnerability (PMASA-2013-7) - Linux

phpMyAdmin is prone to a global variable scope injection vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

USN-3380-1 freerdp vulnerabilities

It was discovered that FreeRDP incorrectly handled certain width and height values. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. CVE-2014-0250 It was discovered...

Legal Robot: Code injection

A security researcher discovered that they were able to inject potentially malicious code into Legal Robot's newly created Roadmap page through improper input sanitization when submitting a new Idea for consideration by the community. A limited-scope attack was possible since the input sanitizati...

CVE-2017-1500

A Reflected Cross Site Scripting XSS vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0. The vulnerable parameter is "scope"; if you set as its value a "realm" not defined in authenticationConfig.xml, you get a...

WebKit: JSC: Incorrect scope register handling in DFG::ByteCodeParser::flush(InlineStackEntry* inlineStackEntry)

Here's a snippet of DFG::ByteCodeParser::flushInlineStackEntry inlineStackEntry. void flushInlineStackEntry inlineStackEntry ... if mgraph.needsScopeRegister flushmcodeBlock-scopeRegister; mcodeBlock| instead of |mcodeBlock|. But it doesn't. As a result, the scope register of...

WebKit JSC Incorrect Scope Register Handling Vulnerability

WebKit suffers from a JSC incorrect scope register handling in DFG::ByteCodeParser::flushInlineStackEntry inlineStackEntry. WebKit: JSC: Incorrect scope register handling in DFG::ByteCodeParser::flushInlineStackEntry inlineStackEntry CVE-2017-7018 Here's a snippet of...

WebKit JSC - DFG::ByteCodeParser::flush(InlineStackEntry* inlineStackEntry) Incorrect Scope Register Handling

WebKit JSC - DFG::ByteCodeParser::flushInlineStackEntry inlineStackEntry Incorrect Scope Register Handling scopeRegister; mcodeBlock| instead of |mcodeBlock|. But it doesn't. As a result, the scope register of |inlineStackEntry-mcodeBlock| may have an incorrect offset in the stack layout phase...

WebKit JSC Incorrect Scope Register Handling

WebKit: JSC: Incorrect scope register handling in DFG::ByteCodeParser::flushInlineStackEntry inlineStackEntry CVE-2017-7018 Here's a snippet of DFG::ByteCodeParser::flushInlineStackEntry inlineStackEntry. void flushInlineStackEntry inlineStackEntry ... if mgraph.needsScopeRegister...

WebKit JSC - 'DFG::ByteCodeParser::flush(InlineStackEntry* inlineStackEntry)' Incorrect Scope Register Handling

scopeRegister; mcodeBlock| instead of |mcodeBlock|. But it doesn't. As a result, the scope register of |inlineStackEntry-mcodeBlock| may have an incorrect offset in the stack layout phase. PoC: -- function f function eval'1'; f; ; throw 1; f;...

scopeofpain.com XSS vulnerability

Vulnerable URL: https://www.scopeofpain.com/login/index.php?certificate=1"...

Mozilla: Use-after-free and use-after-scope logging XHR header errors (MFSA 2017-16)

A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests XHR. This could result in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

Mozilla: Use-after-free and use-after-scope logging XHR header errors (MFSA 2017-16)

A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests XHR. This could result in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

WebKit JSC emitPutDerivedConstructorToArrowFunctionContextScope Incorrect Check(CVE-2017-2531)

WebKit: JSC: incorrect check in emitPutDerivedConstructorToArrowFunctionContextScope When a super expression is used in an arrow function, the following code, which generates bytecode, is called. if needsToUpdateArrowFunctionContext && !codeBlock-isArrowFunction bool canReuseLexicalEnvironment =...

Over 8,600 Vulnerabilities Found in Pacemakers

"If you want to keep living, Pay a ransom, or die." This could happen, as researchers have found thousands of vulnerabilities in Pacemakers that hackers could exploit. Millions of people that rely on pacemakers to keep their hearts beating are at risk of software glitches and hackers, which could...

WebKit JSC BindingNode::bindValue Failed Reference Count Increase

WebKit: JSC: BindingNode::bindValue doesn't increase the scope's reference count CVE-2017-2505 Here's a snippet of BindingNode::bindValue. void BindingNode::bindValueBytecodeGenerator& generator, RegisterID value const ... RegisterID scope = generator.emitResolveScopenullptr, var;...

NVIDIA Linux GPU Display Driver contains missing permissions check and improper validation vulnerabilities - us

Lenovo Security Advisory: LEN-10962 Potential Impact: Privilege escalation Severity: Medium Scope of Impact: Industry-Wide CVE Identifier: CVE-2016-7382, CVE-2016-7389 Summary Description: The NVIDIA GPU Display Driver for Linux contains two privilege escalation vulnerabilities. CVE-2016-7382...

Oracle E-Business Suite 12.2.3 - 'IESFOOTPRINT' SQL Injection

Application: Oracle E-Business Suite Versions Affected: Oracle EBS 12.2.3 Vendor URL: http://oracle.com Bug: SQL injection Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Dmitry Chastuhin ERPScan Description 1. ADVISORY...

Chrome Universal XSS by polluting private scripts with named properties (CVE-2017-5008)

VULNERABILITY DETAILS When a private script method is invoked, a ScriptForbiddenScope::AllowUserAgentScript scope is set up to allow running the internal script. It is possible to exploit this scope to execute user code here: static v8::Local compileAndRunPrivateScriptScriptState scriptState,...