
3218 matches found

CNNVD
added 2021/02/01 12:00 a.m., 3 views

Qualcomm Wlan Firmware Information Disclosure Vulnerability

Qualcomm Wlan Firmware is a Wlan support firmware from Qualcomm Incorporated. A security vulnerability exists in Qualcomm Wlan Firmware: RTT frames can be attached to non-randomized MAC addresses by comparing the sequence numbers, which can lead to information disclosure...

CVSS 7.5 | AI score 7.1 | EPSS 0.00268
Exploits: 0 | References: 3

CNNVD
added 2021/01/27 12:00 a.m., 3 views

GNU C Library Security Vulnerability

The GNU C Library glibc is an open-source, free, easy-to-download C compiler released under the LGPL license. A denial of service vulnerability exists in GNU C Library version 2.32 and earlier. The vulnerability stems from the iconv function in the GNU C Library failing to assert and aborting a...

CVSS 7.5 | AI score 6.9 | EPSS 0.00172
Exploits: 0 | References: 46

CNNVD
added 2020/12/31 12:00 a.m., 3 views

Medialize urijs input validation error vulnerability

urijs is a JavaScript URL mutation library. An input validation error vulnerability exists in urijs that stems from allowing hostname spoofing through the use of a backslash character followed by an at (@) character. If a hostname is used in a security decision, the decision may be incorrect...

CVSS 6.5 | AI score 5.8 | EPSS 0.00581
Exploits: 0 | References: 9

Tenable Nessus
added 2020/12/15 12:00 a.m., 37 views

EulerOS 2.0 SP5 : nss (EulerOS-SA-2020-2572)

According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages,...

CVSS 7.5 | AI score 6.7 | EPSS 0.00273
Exploits: 1 | References: 3

OSV
added 2020/12/11 4:15 a.m., 16 views

CVE-2020-13530

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...

CVSS 7.5 | AI score 6.7
Exploits: 0 | References: 1

Kitploit
added 2020/12/09 11:30 a.m., 137 views

Depix - Recovers Passwords From Pixelized Screenshots

Depix is a tool for recovering passwords from pixelized screenshots. This implementation works on pixelized images that were created with a linear box filter. In this article I cover background information on pixelization and similar research. Example python depix.py -p...

AI score 7
Exploits: 0 | References: 1

Talos
added 2020/12/09 12:00 a.m., 50 views

Foxit Reader Javascript Field fileSelect Use After Free Vulnerability

Summary: A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open t...

CVSS 8.8 | AI score 8.7 | EPSS 0.25714
Exploits: 1

Exploit DB
added 2020/12/02 12:00 a.m., 388 views

Ksix Zigbee Devices - Playback Protection Bypass (PoC)

Exploit Title: Ksix Zigbee Devices - Playback Protection Bypass PoC Date: 2020-11-15 Exploit Author: Alejandro Vazquez Vazquez Vendor Homepage: https://www.ksixmobile.com/ Firmware Version: Gateway Zigbee Module - v1.0.3, Gateway Main Module - v1.1.2, Door Sensor - v1.0.7, PIR Motion Sensor -...

AI score 7.4
Exploits: 0

0day.today
added 2020/12/02 12:00 a.m., 46 views

Ksix Zigbee Devices Playback Protection Bypass Exploit

Exploit Title: Ksix Zigbee Devices - Playback Protection Bypass PoC Exploit Author: Alejandro Vazquez Vazquez Vendor Homepage: https://www.ksixmobile.com/ Firmware Version: Gateway Zigbee Module - v1.0.3, Gateway Main Module - v1.1.2, Door Sensor - v1.0.7, PIR Motion Sensor - v1.0.12 Tested on:...

AI score 7.4
Exploits: 0

Tenable Nessus
added 2020/12/01 12:00 a.m., 52 views

EulerOS 2.0 SP9 : nss (EulerOS-SA-2020-2487)

According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability...

CVSS 9.1 | AI score 7.1 | EPSS 0.0072
Exploits: 1 | References: 6

OpenVAS
added 2020/12/01 12:00 a.m., 25 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2020-2500)

The remote host is missing an update for the Huawei EulerOS. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 9.1 | AI score 7.2 | EPSS 0.0072
Exploits: 1 | References: 2

OSV
added 2020/11/27 8:14 p.m., 5 views

MGASA-2020-0440 Updated jruby packages fix security vulnerabilities

Response Splitting attack in the HTTP server of WEBrick (CVE-2017-17742). Delete directory using symlink when decompressing tar (CVE-2019-8320). Escape sequence injection vulnerability in verbose (CVE-2019-8321). Escape sequence injection vulnerability in gem owner (CVE-2019-8322). Escape sequence...

CVSS 8.8 | AI score 7 | EPSS 0.06225
Exploits: 2 | References: 6

Tenable Nessus
added 2020/11/25 12:00 a.m., 37 views

EulerOS 2.0 SP8 : nss (EulerOS-SA-2020-2478)

According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages,...

CVSS 7.5 | AI score 6.7 | EPSS 0.00273
Exploits: 1 | References: 3

OpenVAS
added 2020/11/25 12:00 a.m., 23 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2020-2478)

The remote host is missing an update for the Huawei EulerOS. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.5 | AI score 7.2 | EPSS 0.00273
Exploits: 1 | References: 2

NVD
added 2020/11/19 1:15 a.m., 15 views

CVE-2020-5947

In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 200...

CVSS 4.3 | AI score 4.5 | EPSS 0.00185
Exploits: 0 | References: 1

OSV
added 2020/11/19 1:15 a.m., 0 views

CVE-2020-5947

In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 200...

CVSS 4.3 | AI score 5.8 | EPSS 0.00185
Exploits: 0 | References: 1

Prion
added 2020/11/19 1:15 a.m., 19 views

Design/Logic Flaw

In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 200...

CVSS 4 | AI score 4.5 | EPSS 0.00185
Exploits: 0 | References: 1 | Affected Software: 14

CVE
added 2020/11/19 12:14 a.m., 84 views

CVE-2020-5947

This CVE affects BIG-IP platforms (2000, 4000, i2000, i4000, and VE). The vulnerable component is TCP sequence handling in BIG-IP virtual server code, with root cause described as a design/logic flaw that allows attackers to obtain and reuse TCP sequence numbers. Affected versions include 16.0.0–...

CVSS 4.3 | AI score 4.4 | EPSS 0.00185
Exploits: 0 | References: 1 | Affected Software: 14

Cvelist
added 2020/11/19 12:14 a.m., 16 views

CVE-2020-5947

In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 200...

AI score 4.5 | EPSS 0.00185
Exploits: 0 | References: 1

BDU FSTEC
added 2020/11/19 12:00 a.m., 1 view

The vulnerability of the Clientless SSL VPN (WebVPN) implementation of Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliance (ASA) allows an attacker to inject arbitrary HTTP headers.

The vulnerability of the Clientless SSL VPN (WebVPN) implementation of Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliance (ASA) is related to the failure to implement measures to neutralize CRLF sequences. Exploiting this vulnerability allows a malicious actor to inject arbitrar...

CVSS 4.7 | AI score 6 | EPSS 0.00363
Exploits: 0 | References: 2 | Affected Software: 2