7874 matches found
QEMU: usb: out-of-bounds r/w access issue while processing usb packets
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...
QEMU: usb: out-of-bounds r/w access issue while processing usb packets
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...
QEMU: usb: out-of-bounds r/w access issue while processing usb packets
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...
QEMU: usb: out-of-bounds r/w access issue while processing usb packets
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...
QEMU: usb: out-of-bounds r/w access issue while processing usb packets
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...
QEMU: usb: out-of-bounds r/w access issue while processing usb packets
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...
CVE-2020-3390
A vulnerability in Simple Network Management Protocol SNMP trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of...
MikroTik RouterOS Resource Management Error Vulnerability (CNVD-2020-52205)
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A resource management error vulnerability exists in MikroTik RouterOS versions 6.41.3 through 6.46.5 and 7, which...
CVE-2020-11881
An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964...
CVE-2020-11881
An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964...
Design/Logic Flaw
An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964...
CVE-2020-11881
An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964...
Basecamp: DNS Setup allows sending mail on behalf of other customers
Sent on your behalf I knew basecamp themselves had used helpscout for support, so I was curious to see if hey was doing the same. A quick DNS lookup gave me the answer I was looking for: dig hey.com txt ; DiG 9.10.6 hey.com txt ;; global options: +cmd ;; Got answer: ;; -HEADER DiG 9.10.6...
CVE-2020-7807
A vulnerability that can hijack a DLL file that is loaded during productsLGPCSuiteSetup, IPSFULLHD, LGULTRAWIDE, ULTRAHDDriver Setup installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in COMPONENT of LG Electronics LGPCSuiteSetup, IPSFULLHD,...
Design/Logic Flaw
A vulnerability that can hijack a DLL file that is loaded during productsLGPCSuiteSetup, IPSFULLHD, LGULTRAWIDE, ULTRAHDDriver Setup installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in COMPONENT of LG Electronics LGPCSuiteSetup, IPSFULLHD,...
CVE-2020-7807 DLL Hijacking Vulnerabilities During Installation of LG Electronics Software
A vulnerability that can hijack a DLL file that is loaded during productsLGPCSuiteSetup, IPSFULLHD, LGULTRAWIDE, ULTRAHDDriver Setup installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in COMPONENT of LG Electronics LGPCSuiteSetup, IPSFULLHD,...
CVE-2020-7807
CVE-2020-7807 maps to a DLL hijacking vulnerability during installation of LG Electronics software. Affected components are LGPCSuite_Setup (Windows x86/x64) 1.0.0.3 and related installers IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup (Windows x86/x64) 1.0.0.9. The root cause is “Missing Support...
Some-Tools - Install And Keep Up To Date Some Pentesting Tools
Some-Tools Why I was looking for a way to manage and keep up to date some tools that are not include in Kali-Linux. For exemple, I was looking for an easy way to manage privilege escalation scripts. One day I saw sec-tools from eugenekolo which you can see at the bottom of the page and it gave me...
CVE-2020-25279
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos chipsets software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 September 2020...
CVE-2020-25279
CVE-2020-25279 describes a buffer overflow in the baseband on Samsung mobile devices (Exynos) running O(8.x), P(9.0), and Q(10.0) via an abnormal SETUP message, enabling arbitrary code execution. Affected component: baseband firmware; root cause: buffer overflow. Impact: high across confidentiali...