CVE-2017-17512
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...
UBUNTU-CVE-2017-17512
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...
PT-2017-3532
Name of the Vulnerable Software and Affected Versions: glibc version 2.1.1 Description: The issue is related to a memory leak in glibc that can be triggered and amplified through the LD_HWCAP_MASK environment variable. It is associated with errors in resource management in the dynamic loader ld.s...
global -- gozilla vulnerability
MITRE reports: gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
Fedora 25 : mrbs (2017-b5bcfedf10)
Changes since MRBS 1.6.1 : - Fixed a number of security issues in MRBS that were disclosed to the project by SySS GmbH, including XSS, CSRF protection and session fixation. - Improved behaviour of browser caching in MRBS. - Improved localisation, especially the use of colons in labels. - Added ne...
Design/Logic Flaw
In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because the currentNode variable in the "children of the head" processing feature is modified in the loop without validating the new value...
CVE-2017-17497
In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because the currentNode variable in the "children of the head" processing feature is modified in the loop without validating the new value...
Arbitrary Code Execution
squizlabs/PHP_CodeSniffer is vulnerable to remote code execution (RCE) attacks. The library does not properly escape the filepath variable for the generateDiff function, allowing a malicious user to inject and execute arbitrary shell commands...
Multiple Huawei Product Type Confusion Vulnerability
Huawei Agassi-L09HN and others are smartphone products from Huawei, a Chinese company. A type confusion vulnerability exists in multiple Huawei products, where the vulnerability stems from a program initializing a variable during a registration and later using the variable with a different data...
CVE-2017-15996
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper...
Octopus Deploy XSS Vulnerability
Cross-site scripting (XSS) vulnerability in the All Variables tab in Octopus Deploy allows remote attackers to inject arbitrary web script or HTML via the Variable Set Name parameter.
CVE-2017-1000172
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravitylexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free conditio...
Microsoft Edge Chakra JIT - Type Confusion with switch Statements Exploit
Exploit for windows platform in category dos / poc. Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1341&desc=3 Let's start with a switch statement and its IR code for JIT. JS: for (let i = 0; i < 100; i++) { switch (i) { case 2: case 4: case 6: case 8: case 10: case 12: case 14: case...
Microsoft Edge Chakra JIT - Type Confusion with switch Statements
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1341&desc=3 Let's start with a switch statement and its IR code for JIT. JS: for (let i = 0; i < 100; i++) { switch (i) { case 2: case 4: case 6: case 8: case 10: case 12: case 14: case 16: case 18: case 20: case 22: case 24: case 26: ca...
[SECURITY] Fedora 25 Update: lame-3.100-1.fc25
LAME is an open source MP3 encoder whose quality and speed matches commercial encoders. LAME handles MPEG1,2 and 2.5 layer III encoding with both constant and variable bitrates...
CVE-2017-16810
Cross-site scripting (XSS) vulnerability in the All Variables tab in Octopus Deploy 3.4.0-3.13.6 (fixed in 3.13.7) allows remote attackers to inject arbitrary web script or HTML via the Variable Set Name parameter...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the All Variables tab in Octopus Deploy 3.4.0-3.13.6 (fixed in 3.13.7) allows remote attackers to inject arbitrary web script or HTML via the Variable Set Name parameter...
Octopus Deploy 'Variable Set Name' Parameter Cross-Site Scripting Vulnerability
Octopus Deploy is an automation tool from Octopus Deploy Australia for development and deployment of . A cross-site scripting vulnerability exists in the All Variables tab in Octopus Deploy versions 3.4.0-3.13.6. A remote attacker can exploit this vulnerability to inject arbitrary web script or...