Vulnerabilities (Page 57)

This one is just a silly issue.On PHP versions under 8 libxml_disable_entity_loader(true) is called to disable external entities…

Two vulnerabilities and a good deal of background.Vulns happen in the UEFI Request hypercalls…

Two vulnerabilities, both in ConnMann a root service for managing network connections, a stack-based overflow and a stack leak.

Composer will query Packagist to obtain metadata about the package to download.This includes where to fetch the code from (both source and pre-build archives)…

Base issue is that when handling a file upload (two locations do this) the buffer is allocated based on Content-Length, but the memcpy is based on the actual payload length. Creating a heap overflow.

Some meme worthy vulnerabilities like unauthenticated root ADB access, don’t worry its not enabled by default. But the request to enable it doesn’t require authentication.

Gatekeeper would misclassify certain types of applications allowing them to run without any restriction. Specifically you can cause a confusion in the policy engine regarding whether the app is bundled or not…

Brave when configuring its File Provider exposes all files form its public and private directory. This means an app could trigger a download a Brave’s cookie database by making a request to the content:// url for it and have it downloaded into the Downloads folder where any app could read it.

/proc/<pid>/syscall fills in a struct syscall_info using an architecture specific implementation.The structure has a u64[6] for argument registers to be put into…

Two stage attack to fully takeover a facebook account.