88 matches found
SQL injection
In Progress MOVEit Transfer before 2021.0 (13.0), a SQL injection vulnerability has been found in the MOVEit Transfer web app that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server...
ruby -- XML round-trip vulnerability in REXML
Juho Nurminen reports: When parsing and serializing a crafted XML document, REXML gem (including the one bundled with Ruby) can create a wrong XML document whose structure is different from the original one. The impact of this issue highly depends on context, but it may lead to a vulnerability in...
[SECURITY] Fedora 33 Update: golang-github-buger-jsonparser-1.1.1-1.fc33
Alternative JSON parser for Go. It does not require you to know the structure of the payload (e.g. create structs), and allows accessing fields by providing the path to them. It is up to 10 times faster than the standard encoding/json package (depending on payload size and usage), allocates no memory...
CVE-2020-24409 Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Vulnerability
Adobe Illustrator version 24.2 and earlier is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This...
CVE-2020-24411 Adobe Illustrator PDF File Parsing Out-Of-Bounds Write Vulnerability
Adobe Illustrator version 24.2 and earlier is affected by an out-of-bounds write vulnerability when handling crafted PDF files. This could result in a write past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This...
BadBlood - Fills A Microsoft Active Directory Domain With A Structure And Thousands Of Objects
BadBlood by Secframe fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding...
ATFuzzer - Dynamic Analysis Of AT Interface For Android Smartphones
"Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" is accepted to the 35th Annual Computer Security Applications Conference (ACSAC) 2019. https://relentless-warrior.github.io/wp-content/uploads/2019/11/atfuzz.pdf Abstract: This paper focuses on checkin...
Input validation
Due to missing input validation, SAP Financial Consolidation, before versions 10.0 and 10.1, enables an attacker to use crafted input to interfere with the structure of the surrounding query leading to XPath Injection...
Microsoft Windows Remote Desktop - BlueKeep Denial of Service Exploit
import socket, sys, struct from OpenSSL import SSL from impacket.structure import Structure I'm not responsible for what you use this to accomplish and should only be used for education purposes Could clean these up since I don't even use them class TPKTStructure: commonHdr = 'Version','B=3',...
Microsoft Windows Remote Desktop - BlueKeep Denial of Service
import socket, sys, struct from OpenSSL import SSL from impacket.structure import Structure I'm not responsible for what you use this to accomplish and should only be used for education purposes Could clean these up since I don't even...
Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service
import socket, sys, struct from OpenSSL import SSL from impacket.structure import Structure I'm not responsible for what you use this to accomplish and should only be used for education purposes Could clean these up since I don't even use them class TPKTStructure: commonHdr = 'Version','B=3',...
Code Injection
Mozilla Thunderbird is vulnerable to remote code execution. RSS fields can inject new lines into the created email structure, modifying the message body...
Code injection
The utilities function in all versions <= 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all object...
Debian DSA-4106-1 : libtasn1-6 - security update
Two vulnerabilities were discovered in Libtasn1, a library to manage ASN.1 structures, allowing a remote attacker to cause a denial of service against an application using the Libtasn1 library. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Hancom Hangul Office HShow!NXDeleteLineObj+0x53692 Code Execution Vulnerability(CVE-2016-4291)
Description: This vulnerability was discovered within the Hangul HShow application which is part of the Hangul Office Suite. Hangul Office is published by Hancom, Inc. and is considered one of the more popular Office suites used within South Korea. When opening a Hangul HShow Document (.hpt) and...
Microsoft Windows - 'IOCTL_MOUNTMGR_QUERY_POINTS' Kernel Mountmgr Pool Memory Disclosure
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1150&desc=2 We have discovered that the handler of the IOCTL_MOUNTMGR_QUERY_POINTS IOCTL in mountmgr.sys discloses portions of uninitialized pool memory to user-mode clients, due to output structure alignment holes. On our test...
Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'PrototypeMap::createEmptyStructure' Universal Cross-Site Scripting
jsCallee // newTarget may be an InternalFunction if we were called from Reflect.construct. JSFunction targetFunction = jsDynamicCastnewTarget; if LIKELYtargetFunction ... return targetFunction-rareDatavm-createInternalFunctionAllocationStructureFromBasevm, prototype, baseClass; ... else ... retur...
CVE-2016-5732
Consolidated detail: CVE-2016-5732 affects phpMyAdmin 4.6.x prior to 4.6.3. The vulnerability is a cross-site scripting (XSS) flaw in the partition-range handling implemented in templates/table/structure/display_partitions.phtml, allowing remote attackers to inject arbitrary web script or HTML vi...
Mageia: Security Advisory (MGASA-2016-0114)
The remote host is missing an update for the...
SQLite fts3_tokenizer Untrusted Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SQLite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...