PDFAdd 1.2 DLL Hijacking
PDFAdd version 1.2 suffers from a DLL hijacking vulnerability.
My Click Counter 1.0 SQL Injection
My Click Counter version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Netgear DGN2200 / DGND3700 / WNDR4500 Information Disclosure
Netgear models DGN2200, DGND3700, and WNDR4500 suffer from multiple information disclosure vulnerabilities, one of which leaks the admin password.
Internet Download Accelerator 6.10.1.1527 Buffer Overflow
Internet Download Accelerator version 6.10.1.1527 SEH FTP buffer overflow exploit.
Debian Security Advisory 3750-2
Debian Linux Security Advisory 3750-2 - A functional regression was discovered in some specific usage scenarios of PHPMailer following the security update of DSA-3750. New packages have been released...
Red Hat Security Advisory 2017-0003-01
Red Hat Security Advisory 2017-0003-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism...
Red Hat Security Advisory 2017-0004-01
Red Hat Security Advisory 2017-0004-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel's networking...
Samsung OTP OTP_GET_CRYPTO_DERIVED_KEY Buffer Overflow
Stack buffer overflow and information disclosure vulnerabilities exist in the Samsung OTP TrustZone trustlet via OTP_GET_CRYPTO_DERIVED_KEY.
Kaspersky Local CA Root Protected Incorrectly
Kaspersky fails to adequately protect its local CA root.
Samsung OTP Service Heap Overflow
As a part of the KNOX extensions available on Samsung devices, Samsung provides a new service which allows the generation of OTP tokens and suffers from a heap overflow vulnerability.
Red Hat Security Advisory 2017-0002-01
Red Hat Security Advisory 2017-0002-01 - Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking...
Gentoo Linux Security Advisory 201701-15
Gentoo Linux Security Advisory 201701-15 - Multiple vulnerabilities have been found in Mozilla Firefox, SeaMonkey, and Thunderbird, the worst of which could lead to the execution of arbitrary code....
TIMA Arbitrary Kernel Module Verification Bypass
Samsung's lkmauth feature suffers from a kernel module verification bypass vulnerability.
PHPMailer / Zend-mail / SwiftMailer Remote Code Execution
This proof of concept exploit aims to execute a reverse shell on the target in the context of the web server user via a vulnerable PHP email library.
Samsung OTP TrustZone Buffer Overflow
As a part of the KNOX extensions available on Samsung devices, Samsung provides a TrustZone trustlet which allows the generation of OTP tokens. The OTP TrustZone trustlet suffers from a stack buffer...
Kaspersky SSL Interception Differentiation
In order to inspect encrypted data streams using SSL/TLS, Kaspersky installs a WFP driver to intercept all outgoing HTTPS connections. They effectively proxy SSL connections, inserting their own...