MacOS suffers from a kernel memory corruption due to an off-by-one in audit_pipe_open.
Category Archives: Security
MacOS/iOS bpf Kernel Heap Overflow
The MacOS/iOS kernel suffers from a heap overflow in bpf.
WebKit Synchronous Page Load UXSS
WebKit suffers from a cross-site scripting vulnerability via a synchronous page load.
WebKit Focus Event UXSS
WebKit suffers from a cross-site scripting vulnerability via a focus event and a link element.
MacOS/iOS necp_open Use-After-Free
The MacOS/iOS kernel suffers from a use-after-free vulnerability due to bad locking in necp_open.
WebKit WebCore::toJS Use-After-Free
WebKit suffers from a use-after-free vulnerability in WebCore::toJS.
Vuln: ImageWorsener 'iwgif_record_pixel()' Function Denial of Service Vulnerability
DSA-3828 dovecot – security update
It was discovered that the Dovecot email server is vulnerable to a
denial of service attack. When the dict passdb and userdb are used
for user authentication, the username sent by the IMAP/POP3 client is
sent through var_expand() to perform %variable expansion. Sending
specially crafted %variable fields could result in excessive memory
usage causing the process to crash (and restart).
Vuln: WebsiteBaker CVE-2017-7410 Multiple SQL Injection Vulnerabilities
Vuln: ImageWorsener 'iwbmp_read_info_header()' Function Denial of Service Vulnerability