There is an out-of-bounds access that comes because of a difference between parsing the huffman tables vs using the huffman tables.While parsing the table, the function ensures that each identifier can only be between 0 and 3…
I want to say the root of this issue is from trying to determine by name whether an identifier is a commit hash or a branch name.While git allows the creation of branches consisting of 40 hex characters, GitHub will reject the branch…
We touched on a similar issue last week in Zabbix where the ability to access the setup process after it was complete could lead to compromising the system. In this situation no extra trickery was necessary as it appears to have been a bad conditional allowing reentry to the setup functionality.
Multiple bugs in Carbon Black and vRealize Operations Manager, authentication bypassing through proxy trickery, server-side request forgery, credential leaking, and ultimately RCE.
A secure boot bypass by finding an issue before the boot image has been verified.
The lesson here is just don’t store session data on the client and if you must, don’t take shortcuts, its tough to get right in the first place.Effectively here Zabbix stored session data in the user cookies…
A few vulnerabilities here, inconsisently enforced permissions, server side request forgery with an extension blocklist, and password reset link poisoning.
This just comes down to overly verbose error message.The Coindesk website has an API endpoint that normally serves a list of published articles…
There are two bugs here, one that allows an attacker to reset the password of any account, another to bypass 2FA.
A remotely reachable stack-based buffer overflow in the Linux Kernel’s TIPC module due to a not performing a bounds check in an edge case.