PT-2023-14945 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.1-DEV-rev505-gb9577e6ad-master Description: A memory leak was discovered in GPAC via the gf isom box parse ex function at box funcs.c. This issue may allow for unauthorized access or other malicious activities. Recommendations:...

PT-2021-10989 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: gpac versions prior to 1.0.1 Description: An issue was discovered in the abst box read function in box code adobe.c, which has a heap-based buffer over-read. Recommendations: For versions prior to 1.0.1, update to version 1.0.1 or later to...

PT-2022-26723 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC version 2.1-DEV-rev368-gfd054169b-master Description: A heap buffer overflow issue was discovered in GPAC via the gf isom box dump start ex function at /isomedia/box funcs.c. Recommendations: For GPAC version...

PT-2023-1542 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.1-DEV-rev505-gb9577e6ad-master Description: The issue is related to a memory leak via the afrt box read function at box code adobe.c. This can be exploited by a remote attacker to cause a denial of service. The memory leak is d...

PT-2020-6634 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: gpac versions through 20200801 Description: An issue exists in the function ilst item box dump located in box dump.c, which allows an attacker to cause Denial of Service due to a NULL pointer dereference. This issue can be exploited by a remo...

PT-2021-10987 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: gpac versions prior to 1.0.1 Description: An issue was discovered in the abst box read function in box code adobe.c, which has a heap-based buffer over-read. Recommendations: For versions prior to 1.0.1, update to version 1.0.1 or later to...

Stack overflow

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box 2, Standard, and Plus prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UD...

CVE-2018-16596

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box 2, Standard, and Plus prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UD...

CVE-2018-16596

CVE-2018-16596 concerns a stack-based buffer overflow in the LAN UPnP service of Swisscom Internet-Box devices (2/Standard/Plus) on UDP port 1900. The flaw allows remote code execution if the attacker is inside the LAN and can send a UDP packet to port 1900; ASLR reduces reliability, making succe...

CVE-2018-16596

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box 2, Standard, and Plus prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UD...

CVE-2018-18346

Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page...

CVE-2018-18346

Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page...

DEBIAN-CVE-2018-18346

Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page...

UBUNTU-CVE-2018-18346

Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page...

SEMCMS cross-site scripting vulnerability (CNVD-2019-05836)

SemCms is a set of open source foreign trade enterprise website management system, mainly used for foreign trade enterprises, compatible with IE, Firefox, google, 360 and other mainstream browsers. SEMCMS 3.5 cross-site scripting vulnerability , attackers can use the vulnerability through the...

chromium-browser: Incorrect security UI in Blink

Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page...

KoffeyMaker: notebook vs. ATM

Despite CCTV and the risk of being caught by security staff, attacks on ATMs using a direct connection — so-called black box attacks — are still popular with cybercriminals. The main reason is the low "entry requirements" for would-be cyber-robbers: specialized sites offer both the necessary tool...

LightBulb Framework - Tools For Auditing WAFS

LightBulb is an open source python framework for auditing web application firewalls and filters. Synopsis The framework consists of two main algorithms: GOFA : An active learning algorithm that infers symbolic representations of automata in the standard membership/equivalence query model. Active...

DVWA Pro-test CSRF vulnerability-vulnerability warning-the black bar safety net

CSRF is a cross-site request forgery, i.e., a user at A site after login in the same client of the Site B using the vulnerability to get A site's Cookie and other authentication information, and forgery as legitimate identity request to A site. This article in the local environment, carry out the...

Red Team’s SIEM: RedELK

Red Team’s SIEM – easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations. When performing multi-month, multi-C2teamserver and multi-scenario red team operations, you are working with an...