CVE-2024-26715 usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix NULL pointer dereference in dwc3gadgetsuspend In current scenario if Plug-out and Plug-In performed continuously there could be a chance while checking for dwc-gadgetdriver in dwc3gadgetsuspend, a NULL...

BIT-MATTERMOST-2022-0903

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...

CVE-2021-47103

In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU protection without clearly documenting it. And following sequences in...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2contextthreadfunc function, which may call pvr2contextdestroy and thus call kfree on the context object. However...

GHSA-27WG-99G8-2V4V Rust EVM erroneousle handles `record_external_operation` error return

Impact In rust-evm, a feature called recordexternaloperation was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a CREATE or CREATE2, in the case that the substack execution...

Rust EVM erroneousle handles `record_external_operation` error return

Impact In rust-evm, a feature called recordexternaloperation was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a CREATE or CREATE2, in the case that the substack execution...

CVE-2024-21629

Rust EVM is an Ethereum Virtual Machine interpreter. In rust-evm, a feature called recordexternaloperation was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a CREATE or...

Design/Logic Flaw

Rust EVM is an Ethereum Virtual Machine interpreter. In rust-evm, a feature called recordexternaloperation was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a CREATE or...

BestEdrOfTheMarket - Little AV/EDR Bypassing Lab For Training And Learning Purposes

Little AV/EDR Evasion Lab for training & learning purposes. ️ under construction..​ | | | | | | \ / \ / | | | | | \ / / | | | | | | | | | | | | | | | | | | ' \ / \ | | | /\ \ | | || || | | || | | | | | | | | / |/||/| ||/|| \ /|| || || ||| | / | | | | | | |/| |/ | '| |/ / \ | | | | | | | |...

SilentMoonwalk - PoC Implementation Of A Fully Dynamic Call Stack Spoofer

PoC Implementation of a fully dynamic call stack spoofer TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow. Authors This PoC is the...

An attacker can manipulate the call stack of the transaction to impersonate another address and set a different value for the origin variable.

Lines of code Vulnerability details Impact By changing the transaction's call stack, an attacker can use the origin variable to pretend to be another address, as a result, the attacker can be able to enter the system without authorization and carry out evil deeds. Proof of Concept The vulnerabili...

CVE-2022-0903

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...

Stack overflow

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...

CVE-2022-0903

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...

CVE-2022-0903

CVE-2022-0903 describes a call stack overflow bug in Mattermost Server’s SAML login feature. In versions up to and including 6.3.2, a maliciously crafted POST body can trigger a stack overflow, causing the server to crash (Denial of Service). Affected: Mattermost Server, SAML login handler; Impac...

PT-2022-13515 · Mattermost · Mattermost Server

Name of the Vulnerable Software and Affected Versions: Mattermost server versions up to and including 6.3.2 Description: A call stack overflow bug in the SAML login feature allows an attacker to crash the server by submitting a maliciously crafted POST body to the login endpoint. Recommendations:...

getRemainingRewards() Malfunction for unstarted promotions

Handle WatchPug Vulnerability details For unstarted promotions, cancelPromotion will revert at block.timestamp - promotion.startTimestamp in getCurrentEpochId. Call stack: getRemainingRewards - getRemainingRewards - getCurrentEpochId. function getCurrentEpochIdPromotion memory promotion internal...

ThreadStackSpoofer - PoC For An Advanced In-Memory Evasion Technique Allowing To Better Hide Injected Shellcode'S Memory Allocation From Scanners And Analysts

A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination rules and better hide shellcodes while in-process memory. Intro This is an example implementation for Thread Stack Spoofing technique...

VxWorks 6.9.x < 6.9.4.12 / 7 (SR540) / 7 (SR610) Multiple Vulnerabilities (URGENT/11)

Binary data 701083.prm...

dnSpy - .NET Debugger And Assembly Editor

dnSpy is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available. Want to say thanks? Click the star at the top of the page. Or fork dnSpy and send a PR! The following pictures show dnSpy in action. It shows dnSpy editing a...