Subscribe via feed.
Archive for May, 2016

TRN Threaded Reader 3.6-23 Stack Buffer Overflow

Posted by deepcore under exploit (No Respond)

Threaded USENET news reader version 3.6-23 suffers from a stack buffer overflow vulnerability.

IPFire XSS / CSRF / Command Execution

Posted by deepcore under exploit (No Respond)

IPFire versions prior to 2.19 Update Core 101 suffer from cross site request forgery, cross site scripting, and remote command execution vulnerabilities.

http://www.samkohos.moph.go.th

Posted by deepcore under Security (No Respond)

http://www.samkohos.moph.go.th notified by DeadsOul

Tags:

http://www.ato.moph.go.th

Posted by deepcore under Security (No Respond)

http://www.ato.moph.go.th notified by DeadsOul

Tags:

[dos] – Baidu Spark Browser 43.23.1000.476 – Address Bar URL Spoofing

Posted by deepcore under Security (No Respond)

Baidu Spark Browser 43.23.1000.476 – Address Bar URL Spoofing

Tags: ,

CMS Made Simple Cache Poisoning

Posted by deepcore under exploit (No Respond)

CMS Made Simple versions prior to 2.1.3 and 1.12.2 suffer from a web server cache poisoning vulnerability.

Linux perf_event_open() / execve() Race Condition

Posted by deepcore under exploit (No Respond)

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs.

Linux BPF Maps Reference Count Overflow

Posted by deepcore under exploit (No Respond)

Linux suffers from a reference count overflow using BPF maps.

McAfee Relocation Processing Memory Corruption

Posted by deepcore under exploit (No Respond)

Fuzzing packed executables with McAfee’s LiveSafe version 14.0 on Windows found a signedness error parsing sections and relocations.

Linux double-fdput() Use-After-Free

Posted by deepcore under exploit (No Respond)

Linux 4.4 suffers from a use-after-free vulnerability in double-fdput().