This advisory describes a buffer overflow found in Huawei P8 Lite ALE-21 HI621sft, operating system versions EMUI 3.1 - wkupccpu debugfs driver.
d40d38e0a9f14578c574f26fe0869def5ba0555d6b646ec1c96d3aea5c4ed0ceB-Sides Ljubljana will be held March 10th, 2018 in Ljubljana, Slovenia.
75dbe608b259f7af46e607005c25a461191ae85ac18fc61d3d7cca58690f0231Microsoft Windows 10 offers a biometric authentication mechanism using "near infrared" face recognition technology with specific Windows Hello compatible cameras. Due to an insecure implementation of the biometric face recognition in some Windows 10 versions, it is possible to bypass the Windows Hello face authentication via a simple spoofing attack using a modified printed photo of an authorized person.
a28797336445a321ee3b9f535cf1f6527d20a26299595c9bcfc659a304c665cdPalo Alto Networks PAN-OS versions before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.
7be48f21d06d8e8fb84d281ea3b5bbbd64537ad06a4e2cece5e4add5ee476653Joomla! NextGen Editor component version 2.1.0 suffers from a remote SQL injection vulnerability.
52af61736d740de8c66194d01206bf54c6c6ef4d9a32676a8ae038bc8e9120a3BrightSign Digital Signage suffers from cross site scripting, directory traversal, and file upload vulnerabilities.
678a401a7541d4d0addd1eeaee281beaed46829a9f840998ee351e02911c92ddThe Intel Content Protection HECI Service exposes a DCOM object to all users and most sandboxes (such as Edge LPAC and Chrome GPU). It has a type confusion vulnerability which can be used to elevate to SYSTEM privileges.
d649e78ec90ab2bb58cabd020a0732e51ddfd767b2218861290b8350505c13e9Red Hat Security Advisory 2017-3485-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Security Fix: A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter.
b19febc2e65ff51a5e7e50e13c140bf754767a3fbfaae851f26d0fc137086b0bWordPress Itinerary plugin version 1.0.0 suffers from a cross site scripting vulnerability.
d7b3333fd0d887d35ddf459bc14c8687a77f87b251544d2303feba0514813b16This Metasploit module exploits a Second-Order PHP Object Injection vulnerability in Tuleap <= 9.6 which could be abused by authenticated users to execute arbitrary PHP code with the permissions of the webserver. The vulnerability exists because of the User::getRecentElements() method is using the unserialize() function with data that can be arbitrarily manipulated by a user through the REST API interface. The exploit's POP chain abuses the __toString() method from the Mustache class to reach a call to eval() in the Transition_PostActionSubFactory::fetchPostActions() method.
b7ed3767d2e556f3c32b4d333b7a61ed02e66ba71ca064fedea6edb456ce4664This Metasploit module exploits CVE-2016-0792 a vulnerability in Jenkins versions older than 1.650 and Jenkins LTS versions older than 1.642.2 which is caused by unsafe deserialization in XStream with Groovy in the classpath, which allows remote arbitrary code execution. The issue affects default installations. Authentication is not required to exploit the vulnerability.
52a40982d2eed44b68632a3f6deca119172cfb8a682bb8fd52169cc4b2182bbaJoomla! JB Visa component version 1.0 suffers from a remote SQL injection vulnerability.
bc4a4802db9f11d7940f1cf557d637e48781d4599af0630166c45ad7ff9e8933This is a brief whitepaper discussing how to perform man-in-the-middle attacks as an exit node on TOR.
0f52accc93bc9d4f2ed2e7393a4bc7289bcd92489c25dd669cea0e8b074a2063There is an out-of-bounds read in jscript.dll library (used in IE, WPAD and other places).
515090618f71572b31595b0c710c2e74b500c7981760cbca93b60481466fa253There is an heap overflow vulnerability in jscript.dll library (used in IE, WPAD and other places). The bug affects 2 functions, JsArrayStringHeapSort and JsArrayFunctionHeapSort.
deac9cd1e6753834b079b602c10a506a085746a6093d25bcb66aa97015e0c366
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed