The haproxy hpack implementation in hpack-tbl.c handles 0-length HTTP headers incorrectly. This can lead to a fully controlled relative out-of-bounds write when processing a malicious HTTP2 request (or response).
6313a8193a04a7546984327f36401b3e595cd897bef3968ddef00a3d7d80f2c5A git clone action can leak cached / stored credentials for github.com to example.com due to insecure handling of newlines in the credential helper protocol.
6ed18788c9d0b689b962cf0717c7f1295a605925baa43166ab82599970c79913KVM suffers from a use-after-free vulnerability after using the emulated VMX preemption timer.
6128c94e53f07c17d60e06af6b3765bb461919eaaf1675c8911ad9a188e4a045KVM suffers from an uninitialized memory leak vulnerability in kvm_inject_page_fault.
37dc7ba8615294d9fc43ecd68259d32a25cc5c8838fffbdc609d3dfd89196566This Metasploit module exploits a command injection vulnerability in Evince before version 3.24.1 when opening comic book `.cbt` files. Some file manager software, such as Nautilus and Atril, may allow automatic exploitation without user interaction due to thumbnailer preview functionality. Note that limited space is available for the payload.
be7441cb5d0ca4f4495067990292385a52fbdd586a1d34cad46036dcc7576c4cThis is a small tutorial write up that provides a DynoRoot exploit proof of concept.
05bd61cb8ce0024fe6348ca11ae1d9aa32b087a7faf6df353ddc2aface0c11ebXen suffers from an integer overflow vulnerability in xen-netback xenvif_set_hash_mapping.
a57c9bdaee536be75c911cbc36bfde9628b265d45ec11186e3c633aa95fb102cWhen KVM (on Intel) virtualizes another hypervisor as L1 VM it does not verify that VMX instructions from the L1 VM (which trigger a VM exit and are emulated by L0 KVM) are coming from ring 0.
e4f92891c53308037346815989f93e355401e22ad52a077945971a06a625d400This Metasploit module exploits the DynoRoot vulnerability, a flaw in how the NetworkManager integration script included in the DHCP client in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier processes DHCP options. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
6b992abd6eb4488b1451744ac9a29b8cfc36bb9a4b8e764995041383204e8229EMC Replication Manager (RM) is affected by a remote code execution vulnerability that may be exploited by an attacker to compromise an affected system. A remote unauthenticated attacker may execute arbitrary commands on an RM Client, with high privileges, by starting a rogue RM Server that connects to the RM Client and executes the malicious script/payload that is placed in an SMB share, by the attacker, that is accessible to the RM Client. Affected include EMC Replication Manager versions prior to 5.5.3 on all supported OS, EMC Network Module for Microsoft version 3.x, and EMC Networker Module for Microsoft version 8.2.x.
8059f29d7b62d602762d9929ab5df11e813ed3be3cd31bfb824fd17aef285ae2There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a denial of service attack on a Rails application.
e6b7d9e5b6b28e3c08ebdbbf557326661b4a8bf5291d91b70d108f5ac0ec4be1CakePHP is a popular PHP framework for building web applications. The Security component of CakePHP is vulnerable to an unserialize attack which could be abused to allow unauthenticated attackers to execute arbitrary code with the permissions of the webserver. Versions less than and equal to 1.3.5 and 1.2.8 are affected.
dea34a0c2801eeab996b4917a68c1df259d3d1d8e08d971dace6ac256f486273
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed