GTA 5 Online Game - Timeout Sync Money Vulnerability

Document Title: =============== GTA 5 Online Game - Timeout Sync Money Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2142 View Video: https://www.youtube.com/watch?v=Iz6xYtP-sYY Release Date: ============= 2018-08-21 Vulnerability Laboratory ID VL-ID:...

GTA 5 Online Game - Timeout Sync Money Vulnerability

Document Title: =============== GTA 5 Online Game - Timeout Sync Money Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2142 View Video: https://www.youtube.com/watch?v=Iz6xYtP-sYY Release Date: ============= 2018-08-20 Vulnerability Laboratory ID VL-ID:...

CloudMe Sync 1.10.9 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Exploit Author: Manoj Ahuje Linkedin: https://www.linkedin.com/in/manojahuje/ Vendor Homepage: https://www.cloudme.com/ Software Link:...

CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass)

CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Exploit Title: CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Date: 2018-08-05 Exploit Author: Manoj Ahuje Linkedin: https://www.linkedin.com/in/manojahuje/ Vendor Homepage: https://www.cloudme.com/ Software Link:...

CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass)

Exploit Title: CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Date: 2018-08-05 Exploit Author: Manoj Ahuje Linkedin: https://www.linkedin.com/in/manojahuje/ Vendor Homepage: https://www.cloudme.com/ Software Link: https://www.cloudme.com/downloads/CloudMe1109.exe Tested on: Windows 10 Home x...

Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability(CVE-2018-3918)

Summary An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the "sync" operation, leading to arbitrary deleti...

GHSA-WXVM-FH75-MPGR Critical severity vulnerability that affects dns-sync

Withdrawn, accidental duplicate publish. The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function...

Critical severity vulnerability that affects dns-sync

Withdrawn, accidental duplicate publish. The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function...

Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability

Summary An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings’ remote servers, which incorrectly handle camera IDs for the “sync” operation, leading to arbitrary deleti...

GHSA-JCW8-R9XM-32C6 Command Injection in dns-sync

Affected versions of dns-sync have an arbitrary command execution vulnerability in the resolve method. Recommendation - Use an alternative dns resolver - Do not allow untrusted input into dns-sync.resolve...

Command Injection in dns-sync

Affected versions of dns-sync have an arbitrary command execution vulnerability in the resolve method. Recommendation - Use an alternative dns resolver - Do not allow untrusted input into dns-sync.resolve...

RHEL 7 : Red Hat Ceph Storage 3.0 (RHSA-2018:2177)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2177 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.0 security and bug fix update

An update for ceph is now available for Red Hat Ceph Storage for Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

dns-sync Command Injection Vulnerability

dns-sync is a library used in Node.js that allows to resolve hostnames in a synchronized way. A security vulnerability exists in dns-sync. An attacker can exploit this vulnerability to inject commands with untrusted user input...

CVE-2018-12907

In Rclone 1.42, use of "rclone sync" to migrate data between two Google Cloud Storage buckets might allow attackers to trigger the transmission of any URL's content to Google, because there is no validation of a URL field received from the Google Cloud Storage API server, aka a "RESTLESS" issue...

Fedora 27 : 1:epiphany (2018-de5457b0a2)

Ensure search engine migration does not fail 794645 - Do not open adblock filters when automatic open downloads is enabled 794646 - Fix crash destroying sync service 794728 - Fix CVE-2018-11396/CVE-2018-12016 795740 - Do not use Fanboy's Annoyance adblock list by default 796245 - Fix a couple...

Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability (CVE-2016-8610)

Summary Aspera Applications has addressed the following OpenSSL vulnerability. Vulnerability Details CVEID:CVE-2016-8610 DESCRIPTION: SSL/TLS protocol is vulnerable to a denial of service, caused by an error when processing ALERT packets during a SSL handshake. By sending specially-crafted packet...

sync-exec information disclosure vulnerability

sync-exec is a synchronized executable with status code support. A security vulnerability exists in sync-exec versions prior to 0.11.9, which stems from another user on the server having read access to the tmp directory. An attacker can use this vulnerability to obtain sensitive file information ...

Sync Breeze HTTP POST Request Handling Remote Stack Buffer Overflow

Sync Breeze product contains an overflow condition that is triggered when handling overly large HTTP POST requests e.g. sent to /login. This may allow a remote attacker to cause a stack-based buffer overflow and execute arbitrary code. C Tenable Network Security, Inc. include"compat.inc"; if...

Multiple Calendars Secure Mail

Question: Can I synchronize multiple calendar or contacts folders using Secure Mail? Answer: You can only synchronize your default calendar folder, contact folder, and tasks folder. There is a third party limitation related to how Active Sync works, on the Microsoft website you can find the...