CVE-2018-3987
Rakuten Viber for Android 9.3.0.6 has an information-disclosure vulnerability in the app’s Secret Chats: photos taken and shared within secret chats are not fully removed when a chat is deleted, leaving copies on the device filesystem that are accessible to other installed apps. The vulnerability stems fro...
Windows 10 win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability
Summary A use after free vulnerability exists in Windows 10, Version 10.0.19033.1, when a Win32k component fails to properly handle objects in memory. Successful exploitation of this vulnerability can lead to arbitrary code execution in the kernel context and elevation of privileges. This...
RLSA-2020:0348 Important: container-tools:rhel8 security, bug fix, and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcpemu CVE-2020-7039 For more details about the security issues, including the impact, a CVSS score,...
imagemagick:encoder_dxt1_fuzzer: Use-of-uninitialized-value in PerceptibleReciprocal
Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5070329724796928 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: encoder_dxt1_fuzzer Job Type: libfuzzer_msan_imagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value...
CVE-2019-20426
CVE-2019-20426 affects the Lustre file system before 2.12.3. The ptlrpc module suffers an out-of-bounds access and potential panic due to missing validation of specific client packet fields; specifically, in ldlm_cancel_hpreq_check there is no bounds check on the lock_count. The Red Hat advisory ...
sportsandchat.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1073064 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
Microsoft Windows 10 build 1809 - Local Privilege Escalation (UAC Bypass) Exploit
Exploit Title: Microsoft Windows 10 - Local Privilege Escalation UAC Bypass Author: Nassim Asrir Exploit Author: Nassim Asrir CVE: N/A Tested On: Windows 10 Pro 1809 Vendor: https://www.microsoft.com Technical Details I discovered a Local Privilege Escalation in Windows 10 UAC Bypass, via an...
CVE-2020-6750
GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxyaddr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays...
wavpack:fuzzer: Use-of-uninitialized-value in decimate_dsd_run
Project: https://github.com/dbry/WavPack.git Detailed Report: https://oss-fuzz.com/testcase?key=5103688150679552 Project: wavpack Fuzzing Engine: libFuzzer Fuzz Target: fuzzer Job Type: libfuzzer_msan_wavpack Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...
ffmpeg:ffmpeg_AV_CODEC_ID_DIRAC_fuzzer: Crash in ff_dequant_subband_32_sse4
Project: https://git.ffmpeg.org/ffmpeg.git Detailed Report: https://oss-fuzz.com/testcase?key=5729372837511168 Project: ffmpeg Fuzzing Engine: libFuzzer Fuzz Target: ffmpeg_AV_CODEC_ID_DIRAC_fuzzer Job Type: libfuzzer_ubsan_ffmpeg Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x00000bba5000...
CVE-2010-3782
obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation...
CVE-2013-4532
Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process...
CVE-2019-20089
Affected software: GoPro GPMF-parser 1.2.3. Issue: a heap-based buffer over-read in GPMF_SeekToSamples within GPMF_parse.c used for size calculation. Root cause per description: reading beyond allocated memory boundaries, enabling an out-of-bounds read. Impact described in the sources as a heap/b...
CVE-2019-20079
The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory...
GitHub Security Lab: Adds CodeQL query to check for insecure RequestValidationMode in ASP.NET
This bug was reported directly to GitHub Security Lab...
kernel security and bug fix update
2.6.32-754.25.1.OL6 - Update genkey Orabug: 25599697 2.6.32-754.25.1 - kvm KVM: VMX: Set VMENTER_L1D_FLUSH_NOT_REQUIRED if !X86_BUG_L1TF Waiman Long 1733760 - virt KVM: coalesced_mmio: add bounds checking Bandan Das 1746799 CVE-2019-14821 - virt KVM: MMIO: Lock coalesced device when checking for availab...
GitLab Doles Out Half a Million Bucks to White Hats
GitLab has awarded a total of $565,650 in security bug bounties to 171 researchers who reported valid vulnerabilities in the past year — and has announced the winners of its latest hacking contest. GitLab, which started out as a web-based Git repository manager before moving into the DevOps...
CVE-2019-19530
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef...
CVE-2019-19523
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79...
CVE-2019-19526
In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098...