9593 matches found
Null pointer dereference
In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, Un-trusted pointer de-reference issue by accessing a variable which is already freed...
CVE-2018-11988
In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, Un-trusted pointer de-reference issue by accessing a variable which is already freed...
CVE-2018-18249
Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=$PATH$APACHERUNDIR$APACHERUNUSER parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet...
Information Disclosure
managesieve is vulnerable to information disclosure attacks. The vulnerability exists as the environment variable SIEVEPASSWORD is disclosed when displaying usage help...
PT-2019-10725 · Intel +4 · Udk2018 +7
Name of the Vulnerable Software and Affected Versions: EDK II (affected versions not specified); UDK2018 (affected versions not specified); UDK2017 (affected versions not specified); UDK2015 (affected versions not specified). Description: The issue is related to a logic problem in the variable service module...
GNU inetutils 1.9.4 telnet.c Overflows
GNU inetutils = 1.9.4 telnet.c multiple overflows. GNU inetutils is vulnerable to a stack overflow vulnerability in the client-side environment variable handling which can be exploited to escape restricted shells on embedded devices. Most modern...
CVE-2018-8627
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus,...
Microsoft Excel Information Disclosure Vulnerability (CNVD-2019-02779)
Microsoft Excel is one of the components of Microsoft's office software suite, Microsoft Office: a spreadsheet program written and run by Microsoft for computers with Windows and Apple Macintosh operating systems. An information disclosure vulnerability exists in Microsoft Excel. The vulnerability...
Cross site scripting
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable...
Unauthorized operation vulnerability in NA300 PLC (CNVD-2018-26208)
The NA300 PLC is a mid-size programmable controller. An unauthorized operation vulnerability exists in the NA300 PLC. An attacker can exploit the vulnerability to remotely tamper with system inputs and outputs, variable values, etc...
Buffer Overflow Vulnerability in NA300 PLCs
The NA300 PLC is a mid-size programmable controller. A buffer overflow vulnerability exists in the NA300 PLC. The vulnerability stems from et failing to properly handle functions. An attacker can overwrite the return address by constructing a variable length that exceeds variable v30...
WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Does not Invalidate the ForInContext Object
WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Does not Invalidate the ForInContext Object / This is similar to issue 1263. When hoisting a function onto the outer scope, if it overwrites the iteration variable for a for-in loop it should invalidate the corresponding...
WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Exploit
WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Does not Invalidate the ForInContext Object / This is similar to issue 1263. When hoisting a function onto the outer scope, if it overwrites the iteration variable for a for-in loop it should invalidate the corresponding...
Information Disclosure
ShowDoc/ShowDoc is vulnerable to information disclosure. The library does not properly configure its access controls by default, allowing a malicious user to use the pageid variable in the URL to gain access to sensitive information...
MariaDB Client 10.1.26 - Denial of Service Exploit
Exploit Title: MariaDB Client 10.1.26 - Denial of Service PoC Google Dork: None Date: 2018-11-16 Exploit Author: strider Software Link: https://github.com/MariaDB/server Version: mysql Ver 15.1 Distrib 10.1.26-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2 Tested on: Debian 9 Stretch x64 ...
MariaDB Client 10.1.26 Denial Of Service
Exploit Title: MariaDB Client 10.1.26 - Denial of Service PoC Google Dork: None Date: 2018-11-16 Exploit Author: strider Software Link: https://github.com/MariaDB/server Version: mysql Ver 15.1 Distrib 10.1.26-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2 Tested on: Debian 9 Stretch x64 ...
MariaDB Client 10.1.26 - Denial of Service (PoC)
Exploit Title: MariaDB Client 10.1.26 - Denial of Service PoC Google Dork: None Date: 2018-11-16 Exploit Author: strider Software Link: https://github.com/MariaDB/server Version: mysql Ver 15.1 Distrib 10.1.26-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2 Tested on: Debian 9 Stretch x64 ...
[SECURITY] Fedora 27 Update: libconfuse-3.2.2-1.fc27
libConfuse is a configuration file parser library, licensed under the terms of the ISC license, and written in C. It supports sections and lists of values (strings, integers, floats, booleans or other sections), as well as some other features such as single/double-quoted strings, environment variab...
Cmd and Conquer: De-DOSfuscation with flare-qdb
When Daniel Bohannon released his excellent DOSfuscation paper, I was fascinated to see how tricks I used as a systems engineer could help attackers evade detection. I didn’t have much to contribute to this conversation until I had to analyze a hideously obfuscated batch file as part of my job on...