Weaponize GhostWriting Injection - Code Injection Series Part 5
Whitepaper called Weaponize GhostWriting Injection. This is part 5 of a 5 part series of papers.
View ArticleUbuntu Security Notice USN-4649-1
Ubuntu Security Notice 4649-1 - Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information.
View ArticleUbuntu Security Notice USN-4646-2
Ubuntu Security Notice 4646-2 - USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update...
View Articlenfstream 6.2.5
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental...
View ArticleApache NiFi API Remote Code Execution
This Metasploit module uses the NiFi API to create an ExecuteProcess processor that will execute OS commands. The API must be unsecured (or credentials provided) and the ExecuteProcess processor must...
View ArticleYATinyWinFTP Denial Of Service
YATinyWinFTP denial of service proof of concept exploit.
View ArticleRejetto HttpFileServer 2.3.x Remote Command Execution
Rejetto HttpFileServer version 2.3.x remote command execution exploit.
View ArticleDebian Security Advisory 4800-1
Debian Linux Security Advisory 4800-1 - Two vulnerabilities were discovered in libproxy, an automatic proxy configuration management library, which could result in denial of service, or possibly,...
View ArticleDebian Security Advisory 4799-1
Debian Linux Security Advisory 4799-1 - Guenal Davalan reported a flaw in x11vnc, a VNC server to allow remote access to an existing X session. x11vnc creates shared memory segments with 0777 mode. A...
View ArticleDebian Security Advisory 4798-1
Debian Linux Security Advisory 4798-1 - It was discovered that SPIP, a website engine for publishing, did not correctly validate its input. This would allow authenticated users to execute arbitrary code.
View ArticleDebian Security Advisory 4797-1
Debian Linux Security Advisory 4797-1 - Vulnerabilities have been discovered in the webkit2gtk web engine.
View ArticleDebian Security Advisory 4796-1
Debian Linux Security Advisory 4796-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.
View ArticleDebian Security Advisory 4795-1
Debian Linux Security Advisory 4795-1 - Demi Obeneour discovered that unbounded recursion in the ASN1 parser of libkrb5 could result in denial of service.
View ArticleDebian Security Advisory 4794-1
Debian Linux Security Advisory 4794-1 - A heap-based buffer overflow flaw was discovered in MuPDF, a lightweight PDF viewer, which may result in denial of service or the execution of arbitrary code if...
View ArticleDebian Security Advisory 4793-1
Debian Linux Security Advisory 4793-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information...
View ArticleDebian Security Advisory 4792-1
Debian Linux Security Advisory 4792-1 - Two vulnerabilities in the certificate list syntax verification and in the handling of CSN normalization were discovered in OpenLDAP, a free implementation of...
View ArticleDebian Security Advisory 4791-1
Debian Linux Security Advisory 4791-1 - Ken Gaillot discovered a vulnerability in the Pacemaker cluster group, the ACL restrictions could be bypassed via unrestricted IPC communication, resulting in...
View ArticleDebian Security Advisory 4790-1
Debian Linux Security Advisory 4790-1 - A use-after-free was found in Thunderbird, which could potentially result in the execution of arbitrary code.
View ArticleDebian Security Advisory 4789-1
Debian Linux Security Advisory 4789-1 - It was discovered that codemirror, a browser-based text editor implemented in JavaScript, was vulnerable to regular expression denial-of-service.
View ArticleDebian Security Advisory 4788-1
Debian Linux Security Advisory 4788-1 - A use-after-free was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
View ArticleDebian Security Advisory 4787-1
Debian Linux Security Advisory 4787-1 - Two vulnerabilities were discovered in moin, a Python clone of WikiWiki.
View ArticleDebian Security Advisory 4786-1
Debian Linux Security Advisory 4786-1 - It was discovered that a boundary check in libexif, a library to parse EXIF files, could be optimised away by the compiler, resulting in a potential buffer...
View ArticleDebian Security Advisory 4785-1
Debian Linux Security Advisory 4785-1 - It was discovered that raptor2, an RDF parser library, is prone to heap-based buffer overflow flaws, which could result in denial of service, or potentially the...
View ArticleDebian Security Advisory 4784-1
Debian Linux Security Advisory 4784-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to run insecure deserialization, embed spam, perform...
View ArticleDebian Security Advisory 4783-1
Debian Linux Security Advisory 4783-1 - Fabian Vogt discovered a flaw in sddm, a modern display manager for X11. A local attacker can take advantage of a race condition when creating the Xauthority...
View Article
