IT Security Tools
News Kategorien unterhalb von IT Security Tools: 0x
News RSS Feeds dieser IT Security Tools Kategorie: IT Security Tools
Benutze Feedly zum Abonieren.
Download RSS Feed App für Windows 10 Store (Leider gibt es nicht mehr viele Extensions mit welchen Sie RSS-Feeds in einer Software abonieren können. Der Browser Support für RSS-Feeds wurde eingestellt (Firefox,Chrome).
Eigene IT Security Webseite / Blog / Quelle hinzufügen
Chrome blink::PresentationAvailabilityState::UpdateAvailability Heap Use-After-Free
Chrome suffers from a heap use-after-free condition in blink::PresentationAvailabilityState::UpdateAvailability.
FreeBSD Security Advisory - FreeBSD-SA-19:21.bhyve
FreeBSD Security Advisory - The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload ("TSO"). The e1000 device model uses an on-stack buffer to generate the modified packet header when simulating these modifications on transmitted packets. When TCP segmentation offload is requested for a transmitted packet, the e1000 device model used a guest-provided value to determine the size of the on-stack buffer without validation. The subsequent header generation could overflow an incorrectly sized buffer or indirect a pointer composed of stack garbage. A misbehaving bhyve guest could overwrite memory in the bhyve process on the host.
FreeBSD Security Advisory - FreeBSD-SA-19:20.bsnmp
FreeBSD Security Advisory - A function extracting the length from type-length-value encoding is not properly validating the submitted length. A remote user could cause, for example, an out-of-bounds read, decoding of unrelated data, or trigger a crash of the software such as bsnmpd resulting in a denial of service.
FreeBSD Security Advisory - FreeBSD-SA-19:19.mldv2
FreeBSD Security Advisory - The ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs. A remote attacker may be able to cause an out-of-bounds read or write that may cause the kernel to attempt to access an unmapped page and subsequently panic.
FreeBSD Security Advisory - FreeBSD-SA-19:18.bzip2
FreeBSD Security Advisory - The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip2(1) file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip2(1) file. An attacker who can cause maliciously crafted input to be processed may trigger either of these bugs. The bzip2recover bug may cause a crash, permitting a denial-of-service. The bzip2 decompressor bug could potentially be exploited to execute arbitrary code. Note that some utilities, including the tar(1) archiver and the bspatch(1) binary patching utility (used in portsnap(8) and freebsd-update(8)) decompress bzip2(1)-compressed data internally; system administrators should assume that their systems will at some point decompress bzip2(1)-compressed data even if they never explicitly invoke the bunzip2(1) utility.
Ubuntu Security Notice USN-4087-1
Ubuntu Security Notice 4087-1 - It was discovered that Burrows-Wheeler Aligner mishandled certain crafted .alt files. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice USN-4086-1
Ubuntu Security Notice 4086-1 - It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this vulnerability to write arbitrary files to the target's filesystem.
Red Hat Security Advisory 2019-2053-01
Red Hat Security Advisory 2019-2053-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, code execution, denial of service, and null pointer vulnerabilities.
Red Hat Security Advisory 2019-2101-01
Red Hat Security Advisory 2019-2101-01 - The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. Issues addressed include denial of service, heap overflow, and null pointer vulnerabilities.
Red Hat Security Advisory 2019-2078-01
Red Hat Security Advisory 2019-2078-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an information leakage vulnerability.
Red Hat Security Advisory 2019-2281-01
Red Hat Security Advisory 2019-2281-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.
Red Hat Security Advisory 2019-2166-01
Red Hat Security Advisory 2019-2166-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds access vulnerability was addressed.
Red Hat Security Advisory 2019-2130-01
Red Hat Security Advisory 2019-2130-01 - LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.
Red Hat Security Advisory 2019-2308-01
Red Hat Security Advisory 2019-2308-01 - The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify virtual machine disk images. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2019-2060-01
Red Hat Security Advisory 2019-2060-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2019-2169-01
Red Hat Security Advisory 2019-2169-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. An insufficient validation vulnerability was addressed.
Red Hat Security Advisory 2019-2110-01
Red Hat Security Advisory 2019-2110-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2019-2112-01
Red Hat Security Advisory 2019-2112-01 - mod_auth_openidc enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
Red Hat Security Advisory 2019-2057-01
Red Hat Security Advisory 2019-2057-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
Red Hat Security Advisory 2019-2332-01
Red Hat Security Advisory 2019-2332-01 - AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP files. Issues addressed include denial of service and null pointer vulnerabilities.
Red Hat Security Advisory 2019-2022-01
Red Hat Security Advisory 2019-2022-01 - Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Issues addressed include buffer overflow and null pointer vulnerabilities.
Red Hat Security Advisory 2019-2290-01
Red Hat Security Advisory 2019-2290-01 - The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Issues addressed include a null pointer vulnerability.
Red Hat Security Advisory 2019-2097-01
Red Hat Security Advisory 2019-2097-01 - The Archive::Tar module provides a mechanism for Perl scripts to manipulate tar archive files. Issues addressed include a traversal vulnerability.
Red Hat Security Advisory 2019-2043-01
Red Hat Security Advisory 2019-2043-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
Red Hat Security Advisory 2019-2035-01
Red Hat Security Advisory 2019-2035-01 - The python-requests package contains a library designed to make HTTP requests easy for developers.
ARMBot Botnet Arbitrary Code Execution
ARMBot Botnet arbitrary code execution exploit.
SQLMAP - Automatic SQL Injection Tool 1.3.8
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
Clam AntiVirus Toolkit 0.101.3
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
Active PHP Bookmarks 1.3 SQL Injection
Active PHP Bookmarks version 1.3 suffer from a cookie_auth error-based remote SQL injection vulnerability.
Phishing Simulation mainly aims to increase phishing awareness by providing an intuitive tutorial and customized assessment (without any actual setup - no domain, no infrastructure, no actual email address) to assess people's action on any given situation and gives ability to understand what is the current awareness posture. A presentation for Phishing Simulation will be at Defcon 27.
CentOS Control Web Panel 0.9.8.846 Cross Site Scripting
CentOS Control Web Panel (CWP) version 0.9.8.846 suffers from a reflective cross site scripting vulnerability.
CentOS Control Web Panel 0.9.8.840 User Enumeration
CentOS Control Web Panel (CWP) versions 0.9.8.836 through 0.9.8.840 suffer from a user enumeration vulnerability.
CentOS Control Web Panel 0.9.8.836 Remote Command Execution
CentOS Control Web Panel (CWP) version 0.9.8.836 suffers from a remote command execution vulnerability.
iMessage URL Deserializing Heap Overflow
iMessage suffers from a heap overflow vulnerability when deserializing a URL. This affects Macs only.
KDE 4/5 KDesktopFile Command Injection
KDE 4/5 is vulnerable to a command injection vulnerability in the KDesktopFile class. When a .desktop or .directory file is instantiated, it unsafely evaluates environment variables and shell expansions using KConfigPrivate::expandString() via the KConfigGroup::readEntry() function. Using a specially crafted .desktop file a remote user could be compromised by simply downloading and viewing the file in their file manager, or by drag and dropping a link of it into their documents or desktop. Versions 5.60.0 and below are affected.
SeitennavigationSeite 7 von 269 Seiten (Bei Beitrag 210 - 245)
9.407x Beiträge in dieser Kategorie
Auf Seite 6 zurück | Nächste 8 Seite | Letzte Seite
[ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ]  [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ]