Lucene search
+L

123 matches found

Cvelist
Cvelist
added 2020/08/24 5:15 p.m.39 views

CVE-2020-7705 Malicious Package

This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...

7.1CVSS8.1AI score0.0117EPSS
Exploits0References3
Schneier on Security
Schneier on Security
added 2020/07/24 11:36 a.m.22 views

Update on NIST's Post-Quantum Cryptography Program

NIST has posted an update on their post-quantum cryptography program: After spending more than three years examining new approaches to encryption and data protection that could defeat an assault from a quantum computer, the National Institute of Standards and Technology NIST has winnowed the 69...

7.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2019/06/06 4:0 p.m.80 views

Lessons learned from the Microsoft SOC Part 2b: Career paths and readiness

The “Lessons learned from the Microsoft SOC” blog series is designed to share our approach and experience with security operations center SOC operations, so you can use what we learned to improve your SOC. The learnings in the series come primarily from Microsoft’s corporate IT security operation...

7.3AI score
Exploits0
Node.js
Node.js
added 2019/05/06 2:3 p.m.12 views

Malicious Package

Overview All versions of asynnc typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...

6.6AI score
Exploits0Affected Software1
Fedora
Fedora
added 2018/04/06 3:3 p.m.30 views

[SECURITY] Fedora 27 Update: bchunk-1.2.2-1.fc27

The bchunk package contains a UNIX/C rewrite of the BinChunker program. BinChunker converts a CD image in a .bin/.cue format sometimes .raw/.cue into a set of .iso and .cdr tracks. The .bin/.cue format is used by some non-UNIX CD-writing software, but is not supported on most other CD-writing...

5.5CVSS2.5AI score0.01EPSS
Exploits0
Fedora
Fedora
added 2018/04/06 2:38 p.m.25 views

[SECURITY] Fedora 26 Update: bchunk-1.2.2-1.fc26

The bchunk package contains a UNIX/C rewrite of the BinChunker program. BinChunker converts a CD image in a .bin/.cue format sometimes .raw/.cue into a set of .iso and .cdr tracks. The .bin/.cue format is used by some non-UNIX CD-writing software, but is not supported on most other CD-writing...

5.5CVSS2.5AI score0.01EPSS
Exploits0
Securelist
Securelist
added 2018/02/06 10:0 a.m.10 views

BSides NYC, a volunteer organized event put on by and for the community

Another edition of BSides NYC has passed, and as first time attendee and presenter, I was genuinely impressed with the impeccable organization, the content shared, and the interesting conversations that took place among enthusiasts and professionals from all over the world. I've been a long time...

6.8AI score
Exploits0
OSV
OSV
added 2017/08/10 3:29 p.m.1 views

DEBIAN-CVE-2014-0142

QEMU, possibly before 2.0.0, allows local users to cause a denial of service divide-by-zero error and crash via a zero value in the 1 tracks field to the seektosector function in block/parallels.c or 2 extentsize field in the bochs function in block/bochs.c...

5.5CVSS6.5AI score0.00382EPSS
Exploits0References1
rapid7community
rapid7community
added 2017/06/07 2:6 p.m.21 views

We want YOU...to speak at UNITED 2017!

Are you an IT or security professional who secretly dreams of speaking to a group of passionate people facing the same challenges and celebrating the same victories as you? Dream no more: For the next three weeks, were accepting submissions for presentations at UNITED 2017 September 13-14 in...

6.7AI score
Exploits0
exploitpack
exploitpack
added 2017/05/09 12:0 a.m.17 views

LG G4 MRA58K - mkvparser::Tracks constructor Failure to Initialise Pointers

LG G4 MRA58K - mkvparser::Tracks constructor Failure to Initialise Pointers Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1117 Failure to initialise pointers in mkvparser::Tracks constructor The constructor mkvparser::Tracks::Tracks doesn't handle parsing failures correctly. I...

0.1AI score
Exploits0
0day.today
0day.today
added 2017/05/09 12:0 a.m.30 views

LG G4 MRA58K - mkvparser::Tracks constructor Failure to Initialise Pointers Exploit

Exploit for Android platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1117 Failure to initialise pointers in mkvparser::Tracks constructor The constructor mkvparser::Tracks::Tracks doesn't handle parsing failures correctly. If we look at the function...

0.2AI score
Exploits0
OSV
OSV
added 2017/03/12 1:59 a.m.14 views

UBUNTU-CVE-2017-6814

In WordPress before 4.7.3, there is authenticated Cross-Site Scripting XSS via Media File Metadata. This is demonstrated by both 1 mishandling of the playlist shortcode in the wpplaylistshortcode function in wp-includes/media.php and 2 mishandling of meta information in the renderTracks function ...

5.4CVSS6.4AI score0.0337EPSS
Exploits1References7
OSV
OSV
added 2017/03/12 1:59 a.m.5 views

DEBIAN-CVE-2017-6814

In WordPress before 4.7.3, there is authenticated Cross-Site Scripting XSS via Media File Metadata. This is demonstrated by both 1 mishandling of the playlist shortcode in the wpplaylistshortcode function in wp-includes/media.php and 2 mishandling of meta information in the renderTracks function ...

5.4CVSS5.2AI score0.0337EPSS
Exploits1References1
CNVD
CNVD
added 2017/02/10 12:0 a.m.2 views

GStreamer Multiple Function Denial of Service Vulnerability

GStreamer is an open source multimedia framework. GStreamer has a security vulnerability in the gstminiobjectunref/gsttaglistunref/gstmxfdemuxupdateessencetracks function. A remote attacker caused a denial of service...

7.5CVSS7.6AI score0.03804EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/01/31 12:0 a.m.230 views

Mozilla Firefox < 51 Multiple Vulnerabilities

Binary data 9927.prm...

9.8CVSS7.7AI score0.33199EPSS
Exploits24References26
hackapp
hackapp
added 2016/04/01 10:1 a.m.13 views

Racing 3D: Asphalt Real Tracks - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Racing 3D: Asphalt Real Tracks published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
Talos
Talos
added 2016/01/28 12:0 a.m.33 views

Matroska Media Container libmatroska Multiple ElementList Double Free Vulnerabilities

Talos Vulnerability Report TALOS-2016-0037 Matroska Media Container libmatroska Multiple ElementList Double Free Vulnerabilities January 28, 2016 CVE Number CVE-2016-1515 Description A use after free/double free vulnerability can occur in libmatroska while parsing Track elements of the MKV...

9.2AI score
Exploits0
Hacker One
Hacker One
added 2015/03/11 8:40 a.m.17 views

Vimeo: A user can enhance their videos with paid tracks without buying the track

It is possible to enhance videos with paid tracks without buying the track. Steps to verify: 1. Log into vimeo.com and navigate to https://vimeo.com/enhancer. 2. Click on any paid music track and note down the track id from the URL ex:...

0.7AI score
Exploits0
NVD
NVD
added 2015/01/22 10:59 p.m.19 views

CVE-2014-7933

Use-after-free vulnerability in the matroskareadseek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers...

7.5CVSS7AI score0.02803EPSS
Exploits0References12
Prion
Prion
added 2015/01/22 10:59 p.m.25 views

Design/Logic Flaw

Use-after-free vulnerability in the matroskareadseek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers...

7.5CVSS7.5AI score0.02803EPSS
Exploits0References12Affected Software2
Rows per page
Query Builder