954 matches found
SUSE: Security Advisory (SUSE-SU-2019:13991-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
`mopa` is technically unsound
The mopa crate redefines the deprecated `TraitObject` struct from `core::raw` like so: `#[repr(C)] #[derive(Copy, Clone)] #[doc(hidden)] pub struct TraitObject { pub data: *mut (), pub vtable: *mut (), }` This is done to then transmute a reference to a trait object `&dyn Trait` for any trait `Trait` into this struct and...
Predictable SIF UUID Identifiers in github.com/sylabs/sif
Impact: The `siftool new` command and func `siftool.New` produce predictable UUID identifiers due to insecure randomness in the version of the github.com/satori/go.uuid module used as a dependency. Patches: A patch is available in version = v1.2.3 of the module. Users are encouraged to upgrade. The pat...
CVE-2021-29499
SIF is an open source implementation of the Singularity Container Image Format. The siftool new command and func siftool.New produce predictable UUID identifiers due to insecure randomness in the version of the github.com/satori/go.uuid module used as a dependency. A patch is available in version...
Command injection
SIF is an open source implementation of the Singularity Container Image Format. The siftool new command and func siftool.New produce predictable UUID identifiers due to insecure randomness in the version of the github.com/satori/go.uuid module used as a dependency. A patch is available in version...
CVE-2021-29499 Predictable SIF UUID Identifiers
SIF is an open source implementation of the Singularity Container Image Format. The siftool new command and func siftool.New produce predictable UUID identifiers due to insecure randomness in the version of the github.com/satori/go.uuid module used as a dependency. A patch is available in version...
Google Android Code Issue Vulnerability
Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium (Google). A denial of service vulnerability exists in Google Android 11. The denial of service is caused by a missing null check in the RenderStruct of...
CVE-2021-31919
An issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization, the archive content may contain uninitialized values of certain parts of a struct...
Archives may contain uninitialized memory
rkyv is a serialization framework that writes struct-compatible memory to be stored or transmitted. During serialization, struct padding bytes and unused enum bytes may not be initialized. These bytes may be written to disk or sent over unsecured channels...
Exploit for Off-by-one Error in Sudo_Project Sudo
This is a Python-based exploit for the CVE-2021-3156 vulnerability in sudo. The exploit targets Linux systems with glibc and nscd service not running. It overwrites the struct service_user to gain root privileges. The exploit has several variants, including: 1. exploit_nss.py: This is the main...
OSV-2021-389 Bad-cast to 'tt_cmap_t' (aka 'struct _tt_cmap') _cairo_truetype_index_to_ucs4
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30823 Crash type: Bad-cast Crash state: Bad-cast to 'tt_cmap_t' (aka 'struct _tt_cmap') _cairo_truetype_index_to_ucs4 _cairo_sub_font_glyph_lookup_unicode _cairo_sub_font_map_glyph...
Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow Exploit
A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2 through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations...
Sudo Heap-Based Buffer Overflow
A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2 through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations...
Linux TIOCSPGRP Broken Locking Exploit
Linux: Broken locking in TIOCSPGRP leads to corrupted tty->pgrp refcount. tiocspgrp(), the handler for the TIOCSPGRP ioctl, has the following signature: `static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)` It receives two tty_struct pointers because, for PTY pairs, userspace...
10-Strike Network Inventory Explorer Pro 9.05 Buffer Overflow
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow SEH Date: 2020-12-22 Exploit Author: Florian Gassner Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.05 Tested on...
Dup Scout Enterprise 10.0.18 Buffer Overflow
Exploit Title: Dup Scout Enterprise 10.0.18 - 'sid' Remote Buffer Overflow SEH Date: 2020-12-08 Exploit Author: Andrés Roldán Vendor Homepage: http://www.dupscout.com Software Link: http://www.dupscout.com/downloads.html Version: 10.0.18 Tested on: Windows 10 Pro x64 #!/usr/bin/env python3 import...
RUSTSEC-2020-0073 Mutable reference with immutable provenance
A mutable reference to a struct was constructed by dereferencing a pointer obtained from slice::as_ptr. Instead, slice::as_mut_ptr should have been called on the mutable slice argument. The former performs an implicit reborrow as an immutable shared reference which does not allow writing through the...
curl security update
7.29.0-59.0.1 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.html CVE-2019-5482 Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitiv...
CVE-2020-25221
A flaw was found in the get_gate_page function in mm/gup.c in the Linux kernel, where it allows privilege escalation due to incorrect reference counting caused by gate page mishandling of the struct page that backs the vsyscall page. The result is a refcount underflow. This flaw is triggered by any 64-bit...