UBUNTU-CVE-2019-15695

TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values...

UBUNTU-CVE-2019-19905

NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files...

CVE-2019-11400

An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the getset.ccp ccpact parameter...

CVE-2019-10536

Potential double free scenario if driver receives another DIAGEVENTLOGSUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

OpenBSD 6.x - Dynamic Loader Privilege Escalation Exploit

Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration Acknowledgments...

CVE-2019-10773

In Yarn before 1.21.1, the package install functionality can be abused to generate arbitrary symlinks on the host filesystem by using specially crafted "bin" keys. Existing files could be overwritten depending on the current user permission set...

OpenBSD 6.x - Dynamic Loader Privilege Escalation

Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration...

Qualys Security Advisory - OpenBSD Dynamic Loader Privilege Escalation

Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration...

CVE-2013-0163

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS...

CVE-2013-0163

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS...

Design/Logic Flaw

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS...

The vulnerability of the gssetresolution and gsgetresolution components of the Ghostscript software suite for document processing, conversion, and generation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the gssetresolution and gsgetresolution components in the Ghostscript software for document processing, conversion, and generation is related to the presence of unused code. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, an...

Unspecified vulnerability in grub2 grub2-set-bootflag utility

runc is a CLI Command Line Interface tool for generating and running containers according to the OCI specification. A security vulnerability in the grub2-set-bootflag utility in grub2 can be exploited by a local attacker to truncate the grub2 configuration file and prevent the device from booting...

Dokuwiki 2018-04-22b - Username Enumeration

Dokuwiki 2018-04-22b - Username Enumeration Exploit Title: Dokuwiki 2018-04-22b - Username Enumeration Date: 2019-12-01 Exploit Author: Talha ŞEN Vendor Homepage: https://www.dokuwiki.org/dokuwiki Software Link: https://download.dokuwiki.org/ Version: 2018-04-22b "Greebo" Tested on: Alpine Linux...

Dokuwiki 2018-04-22b - Username Enumeration

Exploit Title: Dokuwiki 2018-04-22b - Username Enumeration Date: 2019-12-01 Exploit Author: Talha ŞEN Vendor Homepage: https://www.dokuwiki.org/dokuwiki Software Link: https://download.dokuwiki.org/ Version: 2018-04-22b "Greebo" Tested on: Alpine Linux 3.5 docker image PHP 5.6.30 Apache/2.4.25 Un...

CVE-2019-14865

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure for example by setting RLIMIT, causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots...

Default configuration

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure for example by setting RLIMIT, causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots...

Xiaomi Mi Box Memory Corruption Vulnerability

Xiaomi Mi Box is a Xiaomi set-top box application. Xiaomi Mi Box suffers from a memory corruption vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the currently logged in user, potentially resulting in a denial of service condition...

UBUNTU-CVE-2019-18276

An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems th...

CVE-2019-14865

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure for example by setting RLIMIT, causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots. Mitigation Remove the...