md4c buffer overflow vulnerability

md4c is a C-based Markdown a markup language parser . A buffer overflow vulnerability exists in the 'mdsplitsimplepairingmark' function in versions of md4c prior to 0.2.5. An attacker could exploit this vulnerability to cause a denial of service or execute arbitrary code...

CVE-2018-0247

A vulnerability in Web Authentication WebAuth clients for the Cisco Wireless LAN Controller WLC and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of...

CVE-2018-0247

A vulnerability in Web Authentication WebAuth clients for the Cisco Wireless LAN Controller WLC and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of...

January 31, 2018—KB4058258 (OS Build 16299.214)

January 31, 2018—KB4058258 OS Build 16299.214 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue that causes Hyper-V VMs that are replicated using Hyper-V Replica or Azure Sit...

QEMU: VGA: reachable assert failure during display update

An assert failure issue was found in the VGA display emulator built into the Quick emulator QEMU. It could occur while updating graphics display, due to miscalculating region for dirty bitmap snapshot in split screen mode. A privileged user/process inside guest could use this flaw to crash the QE...

QEMU: VGA: reachable assert failure during display update

An assert failure issue was found in the VGA display emulator built into the Quick emulator QEMU. It could occur while updating graphics display, due to miscalculating region for dirty bitmap snapshot in split screen mode. A privileged user/process inside guest could use this flaw to crash the QE...

Denial Of Service (DoS) Through Null Pointer Access

libarchive.so is susceptible to Denial of Service DoS through null pointer access. The vulnerability is possible when the header is a split file in multivolume RAR, it does not properly check the file name and flag for multivolume, allowing the attacker to parse malicious .rar files...

Ruby: HTTP header can split /[\r\n]/ instead of /\r\n/

https://www.ruby-lang.org/ja/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/...

Reverse Split Tunnel Use Case in XenMobile Server and NetScaler Integration

This article describes Reverse Split Tunnel use case in XenMobile Server and NetScaler, and its configuration steps...

Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation

Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation Windows: NtImpersonateAnonymousToken AC to Non-AC EoP Platform: Windows 10 1703 and 1709 Class: Elevation of Privilege Summary: The check for an AC token when impersonating the anonymous token doesn’t check...

Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation

Windows: NtImpersonateAnonymousToken AC to Non-AC EoP Platform: Windows 10 1703 and 1709 Class: Elevation of Privilege Summary: The check for an AC token when impersonating the anonymous token doesn’t check impersonation token’s security level leading to impersonating a non-AC anonymous token...

Cross site scripting

IBM Security Guardium 10.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as We...

CVE-2017-1262

IBM Security Guardium 10.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as We...

CVE-2017-1262

IBM Security Guardium 10.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as We...

Description of the security update for Microsoft Exchange: December 12, 2017

Description of the security update for Microsoft Exchange: December 12, 2017 Summary This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access OWA. The vulnerability could allow elevation of privilege or spoofing in Microsoft Exchange Server if an attacker sends an...

TestTrack Server Denial of Service Vulnerability

TestTrack is an open source feature switching system written in Ruby. server is one of the servers. A denial of service vulnerability exists in the split disablement feature in TestTrack Server 1.0 and earlier versions. A remote attacker could use this to cause a denial of service...

Denial Of Service (DoS)

github.com/moby/moby formerly known as github.com/docker/docker is vulnerable to denial of service DoS attacks. These attacks are possible because the NewInputTarStream function in tar-split does not limit the number of \0's at the end of an archive, filling the RAM...

CVE-2017-1503

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perfor...

Cross site scripting

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perfor...

m.split-airport.hr XSS vulnerability

Vulnerable URL: http://m.split-airport.hr/detalji.php?type=departure=13'"141〈=hr Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...