Lucene search
+L

654 matches found

0day.today
0day.today
added 2017/09/26 12:0 a.m.132 views

Broadcom 802.11r (FT) Reassociation Response Overflows Vulnerability

Broadcom suffers from multiple overflow vulnerabilities when handling 802.11r FT Reassociation Response. Broadcom: Multiple overflows when handling 802.11r FT Reassociation Response CVE-2017-11121 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. Thes...

10CVSS9.6AI score0.02794EPSS
Exploits3
android
android
added 2017/09/01 12:0 a.m.39 views

CVE-2017-11121

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205...

10CVSS2.5AI score0.02794EPSS
Exploits3References2
rapid7community
rapid7community
added 2017/08/24 4:14 p.m.45 views

The Next Generation of the Rapid7 Community

Rapid7s community is evolving! For the past several years, community.rapid7.com has been our platform for news and knowledge spanning blogs, questions, discussion, and documentation. We have tried to ensure that our community site has been a source of pragmatic, down-to-earth information and...

6.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2017/08/17 6:31 p.m.45 views

Access and Delivery different sides of the same coin

We are often so caught up in our own realities that we miss obvious similarities or synergies. Luckily when various people look at the same situation, different perspectives emerge. I was reminded of that recently during a conversation with one of our large pharma customers. Akamai helps our...

6.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/07/07 10:59 a.m.11 views

ncset.org XSS vulnerability

Vulnerable URL: http://www.ncset.org/topics/ieptransition/default.asp?topic=1"...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/06/15 12:0 a.m.66 views

Debian DSA-3881-1 : firefox-esr - security update

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or domain spoofing. Debian follows the extended support...

9.8CVSS7AI score0.05216EPSS
Exploits11References20
NVD
NVD
added 2017/06/05 2:29 p.m.21 views

CVE-2017-8438

Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the runas functionality. This bug prevents transitioning into the specified user specified in a runas request. If a role has been created using a template that contains the user properties, the behavior of runas...

8.8CVSS8.8AI score0.01025EPSS
Exploits0References3
OSV
OSV
added 2017/05/24 3:29 p.m.5 views

ALPINE-CVE-2017-9228

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...

9.8CVSS7.2AI score0.06261EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2017/05/24 3:0 p.m.41 views

CVE-2017-9228

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...

9.8CVSS8.1AI score0.06261EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/04/19 12:0 a.m.253 views

Debian DLA-896-1 : icedove/thunderbird security update

Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. With version 45.8 Debian drops it's custom branding from the Icedove package an...

10CVSS8.2AI score0.33199EPSS
Exploits23References20
OSV
OSV
added 2017/04/05 2:59 p.m.6 views

CVE-2017-6956

On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r FT authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element FT-IE...

8.8CVSS6.5AI score0.01984EPSS
Exploits0References2
NVD
NVD
added 2017/04/05 2:59 p.m.31 views

CVE-2017-6956

On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r FT authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element FT-IE...

8.8CVSS7.5AI score0.01984EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/04/05 2:0 p.m.35 views

CVE-2017-6956

On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r FT authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element FT-IE...

7.7AI score0.01984EPSS
Exploits0References2
seebug.org
seebug.org
added 2017/04/05 12:0 a.m.101 views

Broadcom: Heap overflow in TDLS Teardown Request while handling Fast Transition IE (CVE-2017-0561)

详细分析:https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi4.html Posted by Gal Beniamini, Project Zero It's a well understood fact that platform security is an integral part of the security of complex systems. For mobile devices, this statement rings even truer; modern...

10CVSS10AI score0.30032EPSS
Exploits4
seebug.org
seebug.org
added 2017/04/05 12:0 a.m.69 views

Broadcom: Stack buffer overflow when handling 802.11r (FT) authentication response (CVE-2017-6975)

Detailed analysis of reference : the https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi4.html the first part https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi11.html Part II Broadcom produces the Wi-Fi HardMAC SoCs which are used to...

7.2CVSS7.3AI score0.00537EPSS
Exploits3
MSRC
MSRC
added 2017/03/14 7:0 a.m.14 views

March 2017 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Security bulletins were also...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2017/03/02 8:17 p.m.18 views

HackerOne: Transitioning a Private Program to Public Does Not Clear Previously Private Updates to Hackers

Summary: Transitioning a private program to public does not clear the previously private updates to hackers Description Include Impact: If you are managing a private bug bounty program and choose to message hackers in the program with a targeted bounty campaign or other limited / private messagin...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2017/02/28 10:21 a.m.16 views

Torvalds Downplays SHA-1 Threat to Git

When researchers demonstrated the first practical collision attack for the cryptographic hash function SHA-1 last week, they also identified related vulnerabilities impacted by the now-compromised algorithm. According to the SHAttered research post, co-authored by Google and a host of cryptograph...

Exploits0References3
NVD
NVD
added 2017/01/26 5:59 p.m.14 views

CVE-2016-8227

Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges...

7.8CVSS7.9AI score0.00349EPSS
Exploits0References2
Prion
Prion
added 2017/01/26 5:59 p.m.11 views

Privilege escalation

Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges...

7.2CVSS7.6AI score0.00349EPSS
Exploits0References2
Rows per page
Query Builder