Questions tagged [vulnerability]

A weakness or flaw in computer software and hardware which allows an attacker to take advantage of (exploit) a targeted system.

1032 questions
62
votes
1 answer

Who "brands" vulnerabilities?

It appears that every time there's a vulnerability discovered major enough to hit the news, it's been assigned a brand name and often even a logo. Heartbleed, Spectre, Meltdown, Foreshadow, etc. Who decides and produces these? Is it typically the…
Kai
28
votes
1 answer

How does CVE-2014-9390 affect me?

On 18th December, a vulnerability in git and Mercurial was announced. What are the details of the vulnerability? Does it affect me? What should I do?
user10211
10
votes
5 answers

How to find out what vulnerabilities X product has had/has?

Canonical question regarding the best way of obtaining information on what vulnerabilities X product has had/has. Other identical or significantly similar questions should be closed as a duplicate of this one. This is as per Schroeder's suggestion…
user173641
7
votes
1 answer

Cleartext data in a session cookie: which kind of vulnerability?

I was running Wireshark while using a website, when I noticed a session cookie storing in cleartext the email address, my first name, my gender and the date of birth I set during the signup process. In my opinion, it is a vulnerability because it…
A. Darwin
5
votes
2 answers

How does arbitrary code execution work?

I'm unable to understand how arbitrary code execution vulnerabilities are supposed to work. Wikipedia mentions: Arbitrary code execution is commonly achieved through control over the instruction pointer of a running process. Say, the vulnerability…
user22260
4
votes
1 answer

Is it risky to report a security issue to a company or organization via non-dedicated channels?

I recently visited the website for a large, reputable company which serves a malicious script (it's a knockoff of one of the major analytics apps, with an inconspicuous, intentional typo in the source URL). Additionally, the company serves a niche…
Jules
4
votes
3 answers

What vulnerabilities do distros categorize as causing a program to "crash, resulting in a denial of service, or possibly execute arbitrary code"?

When reading distro security list mails, I frequently see that a discovered vulnerability could cause foo to "crash, resulting in a denial of service, or possibly execute arbitrary code". This exact phrasing is used verbatim across quite…
Xiong Chiamiov
4
votes
1 answer

What happened to US-CERT Weekly Vulnerability Bulletins?

What happened to US-CERT weekly bulletins about new vulnerabilities? It was one of my sources to get updates about new vulnerabilities and I received nothing since January 25. On the website, also nothing since January,…
Mikheil
3
votes
1 answer

Do memory-level vulnerabilities in x86 applications also affect ARM?

I am currently fuzzing various open-source libraries and programs in order to find buffer overflows, underruns, memory leaks, crashes, etc. I am using an ARM system to perform this fuzzing. The programs are compiled from source using my local…
3
votes
2 answers

Can a KVM switch be vulnerable through a VGA port?

I have one KVM switch that has a VGA port to connect monitor. I want to know how to test that the KVM switch has no vulnerabilities by this port (using DDC)?
Juliet
3
votes
3 answers

Reporting vulnerability in school computer system

While at school I stumbled upon a folder that holds a program that can control the school's computers, such as shutting them down, logging everybody off, controlling what files they can access. How should I approach my School Board / School about the…
jon k
2
votes
2 answers

Is this a serious vulnerability? Semi Information Disclosure

I was registering on an e-commerce website (no, I'm not gonna name it), when, due to my pentest nature, I captured the GET request for resending a confirmation email. Kinda like: http://www.example.com/resend?email=someguy%40domain.com What I…
poiasd
2
votes
0 answers

How is CVE-2016-6787 a UAF bug in Linux kernel?

From the explanation video of the Linux kernel vulnerability CVE-2016-6787, I don't understand is though put_ctx isn't inside a mutex, there's an atomic_dec_and_test inside put_ctx at the very beginning. kfree_rcu is only invoked if…
sherlock
2
votes
1 answer

Flash and Software based vulnerabilities

Assuming an attacker does not have access to your LAN\Router etc... How could they take control of your web cam\system peripherals\other resources via a flash vulnerability. That's what I hear on the news, and I would like to be made familiar of the…
Johnnie
1
vote
0 answers

Struts2 + action prefix vulnerability + CVE-2013-4310

CVE-2013-4310 indicates the action prefix (action:) feature of struts2 framework is vulnerable. Hence the vendor released the patch(?) by disabling this feature. However, there is an option to enable this feature back. Question: What are the…
param83