Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a combination of problems with jit blinding and pointers to bpf subroutines...

Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore

Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos. The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1065)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1092)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1110)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ghostscript security, bug fix, and enhancement update

9.25-2 - obsoleted old ghostscript-devel to allow clean upgrade to libgs-devel 9.25-1 - Rebase to latest upstream version bug 1636115 - Resolves: 1673399 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678172 - CVE-2019-3835 ghostscript: superexec...

EulerOS 2.0 SP2 : ghostscript (EulerOS-SA-2019-1110)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ghostscript: access bypass in psi/zdevice2.c 700153 CVE-2018-19475 - ghostscript: access bypass in psi/zicc.c 700169 CVE-2018-19476 -...

EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2019-1065)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ghostscript: access bypass in psi/zdevice2.c 700153 CVE-2018-19475 - ghostscript: access bypass in psi/zicc.c 700169 CVE-2018-19476 -...

ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators (700317)

It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript file could use this flaw to escape the -dSAFER protection in order to, for example, have access to the file system outside of the SAFER...

Oracle Database Server MDSYS.SDO_CS缓冲区溢出漏洞

Oracle Database Server是一款商业性质的功能强大的数据库服务程序。 Oracle Database Server处理MDSYS.SDOCS.TRANSFORM函数存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 Oracle Database Server提供的MDSYS.SDOCS包包含子程序用于与协作系统工作。此包TRANSFORM过程处理存在缓冲区溢出，任何对MDSYS.SDOCS有执行权限的Oracle数据库用户可利用此漏洞。 Oracle Oracle9i Standard Edition 9.2 .6 Oracle Oracle9i...

xine-cddb-server.pl.txt

!/usr/bin/perl -- xine-cddb-server by Ulf Harnhammar in 2005 I hereby place this program in the public domain. use strict; use IO::Socket; $main::port = 8880; $main::timeout = 5; SUBROUTINES sub mysend$$ my $file = shift; my $str = shift; print $file "$str\n"; print "SENT: $str\n"; sub mysend sub...