UFONet 1.4
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
Ubuntu Security Notice USN-4272-1
Ubuntu Security Notice 4272-1 - It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. It was discovered that Pillow...
Ubuntu Security Notice USN-4273-1
Ubuntu Security Notice 4273-1 - It was discovered that ReportLab incorrectly handled certain XML documents. If a user or automated system were tricked into processing a specially crafted document, a...
Ubuntu Security Notice USN-4250-2
Ubuntu Security Notice 4250-2 - It was discovered that an unspecified vulnerability existed in the C API component of MariaDB. An attacker could use this to cause a denial of service for MariaDB...
BSides Brussels 2020 Call For Papers
BSides Brussels is a security conference in Brussels, Belgium, with talks, workshops and villages. The goal is to strengthen the exchange of knowledge, cooperation, communication, and integration...
OpenSMTPD MAIL FROM Remote Code Execution
This Metasploit module exploits a command injection in the MAIL FROM field during SMTP interaction with OpenSMTPD to execute code as the root user.
D-Link ssdpcgi Unauthenticated Remote Command Execution
This Metasploit module exploits an ssdpcgi remote command execution vulnerability in D-Link devices.
Ricoh Driver Privilege Escalation
This Metasploit module leverages the prnmngr.vbs script to add and delete printers. Multiple runs of this module may be required given successful exploitation is time-sensitive.
macOS/iOS ImageIO DDS Image Out-Of-Bounds Read
macOS and iOS suffer from an out-of-bounds read when processing DDS images with ImageIO.
macOS/iOS kern_stack_snapshot_internal() Userspace Share Issue
macOS and iOS suffer from an issue where kern_stack_snapshot_internal() shares non-zeroed kernel pages with userspace.
macOS ImageIO JPEG Out-Of-Bounds Write
ImageIO on macOS suffers from an issue where a heap out-of-bounds write occurs when processing JPEG images.
libx264 H264 Conversion Out-Of-Bounds Write
libx264 suffers from an out-of-bounds write when converting to H264.
macOS/iOS XNU mk_timer_create_trap() Race Condition
macOS and iOS suffer from a race condition in XNU's mk_timer_create_trap() that can lead to type confusion.
XNU IOUserClient::_sendAsyncResult64() ipc_port Pointer Disclosure
The XNU function IOUserClient::_sendAsyncResult64() discloses the address of the ipc_port to which the notification is sent in the Mach message enqueued on the notification port.
systemd-machined Incorrect Reference Decrement
systemd has an issue in systemd-machined where it decrements the reference count when references are still held.
macOS/iOS ImageIO PVR Image Processing Heap Corruption
macOS and iOS have an ImageIO heap corruption issue when processing malformed PVR images.
macOS/iOS ImageIO PVR Processing Out-Of-Bounds Read
macOS and iOS suffer from an ImageIO out-of-bounds read when processing PVR images.
macOS/iOS IOAccelCommandQueue2::processSegmentKernelCommand() Out-Of-Bounds...
macOS and iOS suffer from an out-of-bounds timestamp write in IOAccelCommandQueue2::processSegmentKernelCommand().
usersctp sctp_load_addresses_from_init Out-Of-Bounds Read
usersctp is an SCTP library used by a variety of software including WebRTC. There is a vulnerability in the sctp_load_addresses_from_init function of usersctp that can lead to a number of out-of-bound...