
3217 matches found

Cvelist
added 2016/09/12 10:0 a.m., 18 views

CVE-2016-4852

YoruFukurou (NightOwl) before 2.85 relies on support for emoji skin-tone modifiers even though this support is missing from the CoreText CTFramesetter API on OS X 10.9, which allows remote attackers to cause a denial of service (application crash) via a crafted emoji character sequence...

AI score: 6.4, EPSS: 0.00686
Exploits: 0, References: 4

CVE
added 2016/09/12 10:0 a.m., 46 views

CVE-2016-4852

CVE-2016-4852 affects YoruFukurou (NightOwl) for OS X, where emoji skin-tone modifiers are mishandled because CTFramesetter API support is missing on OS X 10.9. The vulnerability allows a crafted emoji sequence to crash the application (DoS). Affected versions include 2.84 and earlier (pre-2.85)....

CVSS: 6.5, AI score: 6.3, EPSS: 0.00686
Exploits: 0, References: 4, Affected Software: 1

0day.today
added 2016/09/08 12:0 a.m., 54 views

Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow

Exploit for Android platform in category remote exploits. Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=840. There's an inconsistency between the way that the two functions in libutils/Unicode.cpp handle invalid surrogate pairs in UTF16, resulting in a mismatch between the size...

CVSS: 9.3, AI score: 7.8, EPSS: 0.12447
Exploits: 1

BDU FSTEC
added 2016/08/31 12:0 a.m., 3 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the drivers/video/msm/vidc/common/enc/venc.c file in Qualcomm’s Android operating system is related to the lack of checking for the ioctl VEN_IOCTL_GET_SEQUENCE_HDR call. Exploiting this vulnerability allows a remote attacker to increase their privileges through a specially creat...

CVSS: 6.8, AI score: 7.2, EPSS: 0.00076
Exploits: 0, References: 3, Affected Software: 1

Japan Vulnerability Notes
added 2016/08/24 5:14 a.m., 2 views

YoruFukurou (NightOwl) vulnerable to denial-of-service (DoS)

Overview: YoruFukurou (NightOwl) is a Twitter client application for OS X. YoruFukurou uses OS X API CTFramesetter to render text contents. CTFramesetter has a problem in processing a certain emoji character sequence, which may cause YoruFukurou to crash. This problem was verified on OS X v10.9...

CVSS: 6.5, AI score: 6.6, EPSS: 0.00686
Exploits: 0, References: 5

OSV
added 2016/08/06 10:59 a.m., 1 views

UBUNTU-CVE-2014-9880

drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769352 and Qualcomm intern...

CVSS: 7.8, AI score: 7.3, EPSS: 0.00076
Exploits: 0, References: 4

OSV
added 2016/08/05 8:59 p.m., 1 views

UBUNTU-CVE-2016-3828

decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and SPS NAL units, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28835995...

CVSS: 5.5, AI score: 6.5, EPSS: 0.00192
Exploits: 0, References: 4

RedHat Linux
added 2016/07/27 8:24 a.m., 2 views

qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling

A flaw was found in the way the Qpid daemon qpidd processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set could use this flaw to crash qpidd...

CVSS: 6.5, AI score: 5.7, EPSS: 0.16987
Exploits: 0, References: 4

Debian CVE
added 2016/07/23 7:0 p.m., 22 views

CVE-2016-5127

Removed by vendor...

CVSS: 7.5, AI score: 8.7, EPSS: 0.02184
Exploits: 0

myhack58
added 2016/07/14 12:0 a.m., 19 views

Jenkins RCE 2 (CVE-2016-0788) analysis and use - vulnerability and early warning - the black bar safety net

Foreign security researcher Moritz Bechler in 2 months found a Jenkins remote command execution vulnerability that can be used without having to log in, that is, CVE-2016-0788. The official announcement describes this vulnerability as follows: A vulnerability in the...

AI score: 0.5
Exploits: 0

BDU FSTEC
added 2016/07/06 12:0 a.m., 4 views

The vulnerability of the Flash Player software allows a malicious attacker to execute arbitrary code or cause a service failure.

The Flash Player software contains a vulnerability in the “PCRE” component, which stems from insufficient data validation when processing the “\c” control sequence followed by a character in UTF-8 encoding. This vulnerability can be exploited by malicious actors using a specially crafted swf file...

CVSS: 10, AI score: 5.8, EPSS: 0.89185
Exploits: 4, References: 4, Affected Software: 1

BDU FSTEC
added 2016/07/05 12:0 a.m., 3 views

The vulnerability of the enterprise automation system 1C:Enterprise, which allows a malicious individual to cause service failures

The automation system of the enterprise 1C:Enterprise contains a vulnerability in the Fast Infoset decoder library for working with XML documents xml2.dll. A malicious individual, by manipulating input data, can set the Fast Infoset decoder to the DOCUMENTCHARACTERENCODINGSCHEME state processing...

CVSS: 7.8, AI score: 5.5
Exploits: 0, Affected Software: 1

Metasploit
added 2016/05/12 5:42 p.m., 46 views

Generate TCP/UDP Outbound Traffic On Multiple Ports

This module generates TCP or UDP traffic across a sequence of ports, and is useful for finding firewall holes and egress filtering. It only generates traffic on the port range you specify. It is up to you to run a responder or packet capture tool on a remote endpoint to determine which ports are...

AI score: 7
Exploits: 0

OpenVAS
added 2016/05/04 12:0 a.m., 24 views

Juniper Networks Junos OS TCP Timestamp DoS Vulnerability

Junos OS is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if...

CVSS: 7.8, AI score: 7.4, EPSS: 0.02888
Exploits: 0, References: 1

OSV
added 2016/04/27 5:59 p.m., 2 views

DEBIAN-CVE-2016-2544

Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time...

CVSS: 5.1, AI score: 7.1, EPSS: 0.0005
Exploits: 0, References: 1

OSV
added 2016/04/27 5:59 p.m., 1 views

DEBIAN-CVE-2016-2543

The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call...

CVSS: 6.2, AI score: 6.1, EPSS: 0.00043
Exploits: 0, References: 1

CNVD
added 2016/04/24 12:0 a.m., 0 views

ALEOS Sensitive Information Disclosure Vulnerability in Multiple Sierra Wireless Devices

Sierra Wireless ALEOS on ES440, ES450, GX400, GX440, GX450, and LS300 is a set of application frameworks that run in the ES440, ES450, GX400, GX440, GX450, and LS300 Smart Gateway devices. A security vulnerability in ACEmanager for Sierra Wireless ALEOS in multiple Sierra Wireless devices allows...

CVSS: 4.3, AI score: 6.8, EPSS: 0.00019
Exploits: 0, References: 1

NVD
added 2016/04/21 10:59 a.m., 16 views

CVE-2015-6479

ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vectors...

CVSS: 4.3, AI score: 4.5, EPSS: 0.00019
Exploits: 0, References: 1

Prion
added 2016/04/21 10:59 a.m., 9 views

Information disclosure

ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vectors...

CVSS: 4.3, AI score: 7.1, EPSS: 0.00019
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2016/04/21 10:0 a.m., 20 views

CVE-2015-6479

ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vectors...

AI score: 4.5, EPSS: 0.00019
Exploits: 0, References: 1