Author: Cyberthreat Blog

A flaw exists in NetBSD’s implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier...

The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()’ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE...

Exim supports the use of multiple “-p” command line arguments which are malloc()’ed and never free()’ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This...

SQL Injection exists in admin/index.php in Zenbership 1.0.8 via the filters array parameter, exploitable by a privileged account.

In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to...