30 matches found
EUVD-2016-9893
Malware in sbrugna...
EUVD-2011-2660
Malware in sbrugna...
EUVD-2025-23645
Malicious code in bioql PyPI...
CVE-2025-51060
An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use DeviceIoControl with the unvalidated parameters 0x9C402440 and 0x9C402444 as IoControlCodes to perform RDMSR and WRMSR, respectively. Through this process, the attacker can modify MSR_LSTAR and hook KiSystemCall64. Afterward,...
New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility
Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022. A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analys...
curl: Remote memory disclosure vulnerability in libcurl on 64 Bit Windows
Remote memory disclosure vulnerability in libcurl on 64 Bit Windows Summary: libcurl latest contains a vulnerability that enables attackers to remotely read memory beyond the bounds of a buffer in the style of the infamous "heartbleed" vulnerability. Luckily, however, this is only possible when...
The Basics of Exploit Development 5: x86-64 Buffer Overflows
In this article we will be covering a technique similar to the one in the first installment of this series, however, with the twist in that this exploit will be of a 64-bit process running on Windows 10. Due to the nature of modern operating systems and the exploit mitigation techniques they...
EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation
Title: EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation Date: 2018-09-22 Software Version: EE40_00_02.00_44 Tested on: Windows 10 64-bit and Windows 7 64-bit Exploit Author: Osanda Malith Jayathissa @OsandaMalith Original Advisory:...
Security Bulletin: Vulnerability in IBM Java Runtime affects the Enterprise Common Collector component of the IBM Tivoli zEnterprise Monitoring Agent (CVE-2015-0138)
Summary The “FREAK: Factoring Attack on RSA-EXPORT keys” TLS/SSL client and server vulnerability affects IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by the Enterprise Common Collector, a component of IBM Tivoli zEnterprise Monitoring Agent, a component of IBM Tivoli...
Security Bulletin: A component of IBM Tivoli zEnterprise Monitoring Agent is potentially affected by multiple vulnerabilities that have been identified in IBM Runtime Environment, Java™ Technology Edition, Version 6 (CVE-2014-4263 and CVE-2014-4244)
Summary Vulnerabilities have been identified in IBM Runtime Environment, Java™ Technology Edition, Version 6, utilized by the Enterprise Common Collector, a component of IBM Tivoli zEnterprise Monitoring Agent, a component of IBM Tivoli Monitoring. Vulnerability Details CVEID: CVE-2014-4263...
CVE-2016-9072
When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox 50...
Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stack Memory Disc
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryImageInformation 0x6 information class discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows...
Microsoft Windows - 'nt!NtQueryVirtualMemory (MemoryImageInformation)' Kernel 64-bit Stack Memory Disclosure
We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryImageInformation 0x6 information class discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 8 to 10. The layout of the corresponding output...
Microsoft Windows - jscript!JsArraySlice Uninitialized Variable
Microsoft Windows - jscript!JsArraySlice Uninitialized Variable var x = new URIErrornew Array, undefined, undefined; String.prototype.localeCompare.callx, new Date0, 0, 0, 0, 0, 0, undefined; Array.prototype.slice.call1; !-- ============================================ Technical details: The issu...
Code injection
The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options, which allows remote attackers to cause a denial of service (application crash) via a crafted packet...
Adobe Flash - Use-After-Free When Setting Stage
Adobe Flash - Use-After-Free When Setting Stage Source: https://code.google.com/p/google-security-research/issues/detail?id=629 The attached file causes a use-after-free when calling the stage setter. The PoC works most consistently in Firefox for 64-bit Windows. Proof of Concept:...
Adobe Flash - Use-After-Free When Setting Stage
Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=629 The attached file causes a use-after-free when calling the stage setter. The PoC works most consistently in Firefox for 64-bit Windows. Proof of Concept:...
Latest EMET Bypass Targets WoW64 Windows Subsystem
Backwards compatibility, a necessary evil for Microsoft in its need to support so many legacy applications on Windows, may be its undoing as researchers have found a way to exploit this layer in the operating system to bypass existing mitigations against memory-based exploits. Specifically in thi...