9109 matches found
CVE-2017-9493
The Comcast firmware on Motorola MX011ANM firmware version MX011AN2.9p6s1PRODsey devices allows remote attackers to conduct successful forced-pairing attacks between an RF4CE remote and a set-top box by repeatedly transmitting the same pairing code...
CVE-2017-9492
The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST; Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST; Cisco DPC3939B firmware version dpc3939b-v303r204217-150321a-CMCST; Cisco DPC3941T firmware version DPC39412.5s3PRODsey; an...
CVE-2017-9492
The CVE-2017-9492 issue affects Comcast firmware on Cisco DPC3939 (several builds), Cisco DPC3939B, Cisco DPC3941T, and Arris TG1682G devices, where the Set-Cookie header in administration applications omits the HTTPOnly flag. This omission enables script access to cookies, potentially exposing ...
libming 'OpCode' Function Denial of Service Vulnerability
libming is a Flash SWF output library for PHP, Perl, Ruby, Python, C, C++, Java, and more. A security vulnerability exists in the OpCode function called from decompileSETMEMBER in util/decompile.c in Libming, which can be exploited to cause a denial of service heap-based buffer out-of-bounds rea...
gdal: Heap-buffer-overflow in SDTSModId::Set
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5119922457804800 Project: gdal Fuzzer: libFuzzergdalogrsdtsfuzzer Fuzz target binary: ogrsdtsfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address:...
DEBIAN-CVE-2017-9951
The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerabili...
UBUNTU-CVE-2017-9951
The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerabili...
SQL injection
In install/pagedbsettings.php in the Core distribution of XOOPS 2.5.8.1, unfiltered data passed to CREATE and ALTER SQL queries caused SQL Injection in the database settings page, related to use of GBK in CHARACTER SET and COLLATE clauses...
Windows Performance Monitor Information Disclosure Vulnerability
An information disclosure vulnerability exists in the Windows Performance Monitor Console when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE)...
NfSen < 1.3.7 / AlienVault OSSIM < 5.3.6 - Local Privilege Escalation
Exploit Title: Local root exploit affecting NfSen = 1.3.7, AlienVault USM/OSSIM = 5.3.6 Version: NfSen 1.3.7 Version: AlienVault 5.3.6 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage: http://www.alienvault.com/ Software Link:...
WakaTime: Sensitive Cookie Without 'HttpOnly' Flag
Hello WakaTime security team, I found a security vulnerability: Sensitive Cookie Without 'HttpOnly' Flag. When I was testing your website, I noticed that there is some csrftoken cookie appearing in the response, but the cookie does not have the HttpOnly flag. You should set the HttpOnly flag for some following...
CVE-2017-1000372
A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions...
CVE-2017-1000379
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected...
ImageMagick Denial of Service Vulnerability (CNVD-2017-09693)
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the 'SetPixelChannelAttributes' function in ImageMagick version 7.0.5-7 Q1...
Foscam camera ONVIF SetDNS Unauthenticated Remote Command Injection Vulnerability
Foscam camera is a webcam that pushes messages to your phone and also enables video Baidu cloud storage directly through WIFI. Foscam camera ONVIF SetDNS has an unauthenticated remote command injection vulnerability. An unauthenticated attacker can execute arbitrary remote commands as root via th...
Foscam camera ONVIF SetHostname Stored Cross-Site Scripting Vulnerability
Foscam camera is a webcam that pushes messages to your phone and also enables video Baidu cloud storage directly via WIFI. A stored cross-site scripting vulnerability exists in Foscam camera ONVIF SetHostname. An unauthenticated attacker is able to trigger a persistent cross-site scripting attack...
Snapchat: CRLF Injection at vpn.bitstrips.com
Hi, I found that the site https://vpn.bitstrips.com/ is vulnerable to a CRLF Injection. By injecting a Carriage Return and Line Feed character, we are able to make the server issue a set-cookie header. GET Request : https://vpn.bitstrips.com/sessionstart/%0aSet-Cookie:maliciouscookie1 Host:...
QEMU virtio_gpu_set_scanout function denial of service vulnerability
QEMU (aka Quick Emulator) is a suite of processor emulation software developed by French programmer Fabrice Bellard. QEMU suffers from a denial of service vulnerability in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c. The vulnerability allows a local OS user to pass a large number of...
DEBIAN-CVE-2017-9060
Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large number of "VIRTIO_GPU_CMD_SET_SCANOUT:" commands...