1090 matches found
CVE-2020-24613
wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAITCERTCR state, within SanityCheckTls13MsgReceived in tls13.c. This is an incorrect implementation of the TLS 1.3 client state machine. This allows attackers in a privileged network position to completely impersonate any TLS 1.3 servers...
Linux kernel out-of-bounds read vulnerability (CNVD-2020-14290)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in setfdc in drivers/block/floppy.c in Linux kernel 5.5.6 and earlier. An attacker can exploit this vulnerability to cause...
DEBIAN-CVE-2020-9383
An issue was discovered in the Linux kernel 3.16 through 5.5.6. setfdc in drivers/block/floppy.c leads to a waittilready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2...
UBUNTU-CVE-2020-9383
An issue was discovered in the Linux kernel 3.16 through 5.5.6. setfdc in drivers/block/floppy.c leads to a waittilready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2...
SUSE-SU-2020:0353-1 Security update for systemd
This update for systemd provides the following fixes: - CVE-2020-1712 bscbsc1162108 Fix a heap use-after-free vulnerability, when asynchronous Polkit queries were performed while handling Dbus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or...
UBUNTU-CVE-2020-1700
A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by...
UBUNTU-CVE-2019-19073
Memory leaks in drivers/net/wireless/ath/ath9k/htchst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption by triggering waitforcompletiontimeout failures. This affects the htcconfigpipecredits function, the htcsetupcomplete function, and the...
ScanQLi - Scanner To Detect SQL Injection Vulnerabilities
ScanQLi is a simple SQL injection scanner with somes additionals features. This tool can't exploit the SQLi, it just detect them. Tested onDebian 9 Features Classic Blind Time based GBK soon Recursive scan follow all hrefs of the scanned web site Cookies integration Adjustable wait delay between...
PT-2019-12079 · Salicru · Slc-20-Cube3
Name of the Vulnerable Software and Affected Versions: Salicru SLC-20-cube35 devices running firmware version cs121-SNMP v4.54.82.130611 Description: A reflected HTML injection issue allows remote attackers to inject arbitrary HTML elements via specific API endpoints, including /DataLog.csv?log=,...
CVE-2018-1786
IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSEWAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871...
kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c
A flaw was found in the Linux kernel's handling of fork failure when dealing with event messages in the userfaultfd code. Failure to fork correctly can create a fork event that will be removed from an already freed list of events...
UBUNTU-CVE-2017-18200
The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fswaitdiscardbios calls, which allows local users to cause a denial of service BUG, as demonstrated by fstrim...
ICMPExfil - Exfiltrate data with ICMP
ICMP Exfil allows you to transmit data via valid ICMP packets. You use the client script to pass in data you wish to exfiltrate, then on the device you're transmitting to you run the server. Anyone watching-- human or security system-- will just see valid ICMP packets, there's nothing malicious...
await vs return vs return await
When writing async functions, there are differences between await vs return vs return await, and picking the right one is important. Let's start with this async function: async function waitAndMaybeReject // Wait one second await new Promiser = setTimeoutr, 1000; // Toss a coin const isHeads =...
kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf
It was reported that with Linux kernel, earlier than version v4.10-rc8, an application may trigger a BUGON in sctpwaitforsndbuf if the socket tx buffer is full, a thread is waiting on it to queue more data, and meanwhile another thread peels off the association being used by the first thread...
Reliability and scalability improvements in TCP/IP for Windows 8.1 and Windows Server 2012 R2
Reliability and scalability improvements in TCP/IP for Windows 8.1 and Windows Server 2012 R2 Summary This article describes various network and computer issues that occur when TCP ephemeral ports are exhausted in Windows 8.1 or Windows Server 2012 R2. An update is available to fix these issues...
Linux kernel local denial of service vulnerability (CNVD-2017-02604)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in Linux kernel prior to version 4.10.1, where a local attacker can cause a denial of service invalid unlock and double release...
UBUNTU-CVE-2017-6353
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service invalid unlock and double free via a multithreaded application. NOTE: this vulnerability exists because...
UBUNTU-CVE-2017-5986
Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion failure and panic via a multithreaded application that peels off an association in a certain buffer-full state...
The vulnerability of the NX-OS network operating system allows a hacker to induce a maintenance failure.
The vulnerability of the NX-OS network operating system is related to resource management errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure TCP stack reboot by sending TCP packets to the device during the TIMEWAIT TCP session...