Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2026-40369: Defensive Analysis of the 12-Byte Windows Kern...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in the .notes section. When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the “startupxen” entry point. This information is used before booting...

Exploit for CVE-2026-42945

CVE-2026-42945 NGINX Rift — defensive scanner Organizations...

CVE-2025-60887

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering,...

PT-2026-35743

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering,...

Cista 代码问题漏洞

Cista is a C++ data serialization and reflection tool developed by Felix Gündling. Versions of Cista prior to 0.15 contained code vulnerabilities. These vulnerabilities stemmed from unsafe deserialization of untrusted inputs, which could lead to stack address leaks and bypassing ASLR protection...

Buffer-Overflow-PoC

Buffer Overflow PoC — ret2libc on x86-64 Linux Overview D...

CVE-2026-24640

A Stack-based Buffer Overflow vulnerability CWE-121 vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0.2 through 7.0.12 may allow a remote authenticated attacker who can bypass stack protection a...

CVE-2020-37119 Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute shellcode through a...

CVE-2026-23569

The CVE-2026-23569 entry describes an out-of-bounds read in TeamViewer DEX Client’s Content Distribution Service (NomadBranch.exe) for Windows prior to version 26.1. The vulnerability allows a remote attacker to leak stack memory and cause a denial of service, with the leaked memory potentially e...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000939)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000939 advisory. The scosockbind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001607 advisory. In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showflopp...

MiracleLinux 3 : kernel-2.6.18-348.2.AXS3 (AXSA:2013-124:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-124:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003752)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003752 advisory. The Linux kernel 4.x starting from 4.1 and 5.x before 5.0.8 allows Information Exposure partial kernel address disclosure, leading to a KASLR bypass. Specifically, i...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003515 advisory. In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showflopp...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002116)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002116 advisory. The scosockbind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive...

Advisory ROSA-SA-2025-3103

Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: rsync-3.1.3-20.rv3 CVE-ID: CVE-2022-37434 BDU-ID: 2022-05325 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory...

Siemens SIMATIC S7-1500 Improper Initialization (CVE-2019-19126)

On the x86-64 architecture, the GNU C Library aka glibc before 2.31 fails to ignore the LDPREFERMAP32BITEXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for...

EUVD-2018-17604

Malware in sbrugna...

EUVD-2016-4697

Malware in sbrugna...