UBUNTU-CVE-2018-18445

In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier.c mishandles 32-bit right shifts...

The US National Cyber Strategy

Last month, the White House released the "National Cyber Strategy of the United States of America. I generally don't have much to say about these sorts of documents. They're filled with broad generalities. Who can argue with: Defend the homeland by protecting networks, systems, functions, and dat...

Linux/x86 - execve(/bin/sh) + NOT/SHIFT-N/XOR-N Encoded Shellcode (50 byes)

Linux/x86 - execve/bin/sh + NOT/SHIFT-N/XOR-N Encoded Shellcode 50 byes. Shellcode exploit for Linuxx86 platform / Title: Linux\x86 NOT +SHIFT-N+ XOR-N + encoded /bin/sh Shellcode 50 byes Author: Pedro Cabral Purpose: spawn /bin/sh shell Tested On: Ubuntu 16.04.01 LTS Arch: x86 Size: 50 bytes...

Linux/x86 - execve(/bin/sh) + NOT +SHIFT-N+ XOR-N Encoded Shellcode (50 bytes)

/ Title: Linux\x86 NOT +SHIFT-N+ XOR-N + encoded /bin/sh Shellcode 50 byes Author: Pedro Cabral Purpose: spawn /bin/sh shell Tested On: Ubuntu 16.04.01 LTS Arch: x86 Size: 50 bytes sh.asm global start section .text start: xor eax, eax ; reseting the register push eax ; pushing null terminator pus...

Contiki-NG buffer overflow vulnerability (CNVD-2019-09779)

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. A buffer overflow vulnerability exists in lvmshiftforoperator in os/storage/antelope/lvm.c in Contiki-NG 4.1 and earlier versions when parsing AQL, which can be exploited by an attacker to cause a denial...

CVE-2018-16665

An issue was discovered in Contiki-NG through 4.1. There is a buffer overflow while parsing AQL in lvmshiftforoperator in os/storage/antelope/lvm.c...

CVE-2017-16346

An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c368 the value for the smac key is copied using strcpy to the buffer at 0xa000170c. This buffer is 25 bytes large, sending anything longer will cause a buffer...

P = NP: Cloud data protection in vulnerable non-production environments

Data is the holy grail of your cloud workloads for attackers. Data breaches are the kind of breaches that make the news. With the recent European Union General Data Protection Regulations GDPR, they will make even bigger headlines. From an enterprise point of view, the most challenging aspect of...

Security Bulletin: Mutiple vulnerabilities in zlib affect IBM ILOG CPLEX Optimization Studio

Summary The gz feature, provided by the open source zlib, is used to decompress files automatically. A denial of service may be caused by four potential vulnerabilities. Vulnerability Details CVEID: CVE-2016-9840 DESCRIPTION: zlib is vulnerable to a denial of service, caused by an out-of-bounds...

CVE-2018-9975

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-9975

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

January 31, 2018—KB4058258 (OS Build 16299.214)

January 31, 2018—KB4058258 OS Build 16299.214 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue that causes Hyper-V VMs that are replicated using Hyper-V Replica or Azure Sit...

Foxit Reader shift event remote code execution vulnerability

Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in shift event handling, which can be exploited by an attacker to execute arbitrary code in the context of the current process due to a lack of validation before performing an operation on ...

Foxit Reader shift event Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of shi...

CVE-2018-8882

Netwide Assembler NASM 2.13.02rc2 has a stack-based buffer under-read in the function ieeeshr in asm/float.c via a large shift value...

CVE-2018-8882

Netwide Assembler NASM 2.13.02rc2 has a stack-based buffer under-read in the function ieeeshr in asm/float.c via a large shift value...

CVE-2018-8882

Netwide Assembler NASM 2.13.02rc2 has a stack-based buffer under-read in the function ieeeshr in asm/float.c via a large shift value...

Stack overflow

Netwide Assembler NASM 2.13.02rc2 has a stack-based buffer under-read in the function ieeeshr in asm/float.c via a large shift value...

DEBIAN-CVE-2018-8882

Netwide Assembler NASM 2.13.02rc2 has a stack-based buffer under-read in the function ieeeshr in asm/float.c via a large shift value...