OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by the _sortKeys parameter to the authzRoles script under managed/user/.
CVE-2017-7589
In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak sensitive information upon a request by the “anonymous” user, as demonstrated by responses with a 200 HTTP status code and a JSON object containing IP address strings. This is related to a missing access-control check in bin/defaults/script/info/login.js.
Vuln: Google Nexus Qualcomm TrustZone CVE-2016-5349 Information Disclosure Vulnerability
Vuln: Google Nexus Qualcomm Qualcomm CP Access Driver CVE-2017-0583 Privilege Escalation Vulnerability
Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits
Remember The Shadow Brokers? They are back.
A hacker group that previously claimed to have stolen a bunch of hacking tools (malware, zero-day exploits, and implants) created by the NSA, and that gained popularity last year for leaking a portion of those tools, is back.
Today, The Shadow Brokers group released more alleged hacking tools and exploits that, the group claims, belonged to “Equation
ming-0.4.8-1.fc25
Release 0.4.8 (no ABI or API changes)
* Add PHP7 compatibility
* Fix C++ output of disassembler
* Fix heap overflows in parser.c (CVE-2017-7578)
* Avoid division by zero in listmp3 when no valid frame was found (CVE-2016-9265)
* Don’t try printing unknown block (CVE-2016-9828)
* Parse Protect tag’s Password as string (CVE-2016-9827)
* Check values before deriving malloc parameters from them in parser.c (CVE-2016-9829)
* Make readString() stop reading string past buffer’s end
* Return EOF when reading unsigned values hits end of memory backed buffer
* Exit immediately when unexpected EOF is returned by fgetc() in utility programs (CVE-2016-9831)
* Fix using EOF marker -1 value as a valid flag byte (CVE-2016-9266)
* Fix division by zero sample rate due to global buffer overflow (CVE-2016-9264, CVE-2016-9265)
ming-0.4.8-1.fc26
ming-0.4.8-1.fc24
Bugtraq: SEC Consult SA-20170407-0 :: Server-Side Request Forgery in MyBB forum
Vuln: Google Android Qualcomm Wi-Fi Driver CVE-2016-10235 Denial of Service Vulnerability