UBUNTU-CVE-2016-8623

A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure...

openSUSE Security Update : guile (openSUSE-2016-1235)

This update for guile fixes the following issues : - CVE-2016-8606: REPL server vulnerable to HTTP inter-protocol attacks bsc1004226. - CVE-2016-8605: Thread-unsafe umask modification bsc1004221. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

DirtyCow Local Root Proof Of Concept Exploit

Exploit for linux platform in category local exploits / uncomment correct payload first x86 or x64! $ gcc cowroot.c -o cowroot -pthread $ ./cowroot DirtyCow root privilege escalation Backing up /usr/bin/passwd.. to /tmp/bak Size of binary: 57048 Racing, this may take a while.. /usr/bin/passwd...

Linux Kernel 2.6.22 3.9 (x86x64) - Dirty COW procselfmem Race Condition Privilege Escalation (SUID Method)

Linux Kernel 2.6.22 3.9 x86x64 - Dirty COW procselfmem Race Condition Privilege Escalation SUID Method / EDB-Note: After getting a shell, doing "echo 0 /proc/sys/vm/dirtywritebackcentisecs" may make the system more stable. uncomment correct payload first x86 or x64! $ gcc cowroot.c -o cowroot...

Tunnel TCP connections over HTTP: Tunna

Tunnel TCP connections over HTTP Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. In a fully firewalled inbound and outbound connections restricted – except the webserver port. The...

Oracle MySQL 5.7.x < 5.7.13 Multiple Vulnerabilities

Binary data 9616.prm...

Multiple Denial of Service Vulnerabilities in GNU Libosip

GNU Libosip is a standard library written in C for multi-threaded safety. GNU Libosip suffers from multiple denial of service vulnerabilities. An attacker could exploit this vulnerability to cause a denial of service...

Android debuggerd.cpp elevation of privilege vulnerability

Android is a mobile operating system based on the Linux open kernel, and Debuggerd is one of the system startup process components. An elevation of privilege vulnerability exists in the debuggerd/debuggerd.cpp file in Android Debuggerd, which stems from the program's failure to properly handle th...

CVE-2016-3885

debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles the interaction between PTRACEATTACH operations and thread exits, which allows attackers to gain privileges via a crafted application, aka internal b...

UBUNTU-CVE-2016-3885

debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles the interaction between PTRACEATTACH operations and thread exits, which allows attackers to gain privileges via a crafted application, aka internal b...

glibc - getaddrinfo Remote Stack Buffer Overflow

glibc - getaddrinfo Remote Stack Buffer Overflow / add by SpeeDr00t@Blackfalcon jang kyoung chip This is a published vulnerability by google in the past. Please refer to the link below. Reference: - https://googleonlinesecurity.blogspot.kr/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html -...

Adobe Flash - Use-After-Free When Returning Rectangle

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=842 Several methods in flash return instances of the Rectangle class. There is a use-after-free in creating these objects for return. If the this object of the call is a MovieClip...

Teamspeak 3 Use-After-Free / Information Disclosure / DoS

Teamspeak 3 RCE advisory by: ff214370685e536b9ee021c7ff6b7680bfbe6008bc29f87511b6b90256043536 August 10, 2016 While auditing the Teamspeak 3 server I've discovered several 0-day vulnerabilities which I'll describe in detail in this advisory. They exist in the newest version of the server, version...

CoolPlayer+ Portable 2.19.6 Stack Overflow

Exploit Title: CoolPlayer+ Portable build 2.19.6 - .m3u Stack Overflow Egghunter+ASLR bypass Exploit Author: Karn Ganeshen Download link: https://sourceforge.net/projects/portableapps/files/CoolPlayer%2B%20Portable/CoolPlayerPlusPortable2.19.6.paf.exe/download?usemirror=liquidtelecom Version:...

[SECURITY] Fedora 23 Update: kf5-threadweaver-5.24.0-1.fc23

KDE Frameworks 5 Tier 1 addon for advanced thread management...

[SECURITY] Fedora 24 Update: kf5-threadweaver-5.24.0-1.fc24

KDE Frameworks 5 Tier 1 addon for advanced thread management...

OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization...

PHP < 5.5.28, 5.6.x < 5.6.12 DoS Vulnerability (Jul 2016) - Windows

PHP is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Fedora 22 : webkitgtk4 (2016-f5107c318e)

This update addresses the following vulnerabilities : - CVE-2016-1857, CVE-2016-1856 Additional fixes : - Improved the detection of supported MIME types supported by the media player. - Fix web process crash when playing adaptive streaming media. - Change the volume while thumb slider is dragged,...

PHP 5.5.x < 5.5.37 / 5.6.x < 5.6.23 / 7.0.x < 7.0.8 Multiple Vulnerabilities

Binary data 9393.prm...