
1109 matches found

Kitploit
added 2019/11/08 12:0 p.m. · 22 views

Sojobo - A Binary Analysis Framework

Sojobo is an emulator for the B2R2 framework. It was created to ease the analysis of potentially malicious files. It is totally developed in .NET, so you don't need to install or compile any other external libraries; the project is self-contained. With Sojobo you can: Emulate a 32 bit PE binary...

7.3 AI score
Exploits: 0 · References: 3

Tenable Nessus
added 2019/11/08 12:0 a.m. · 57 views

EulerOS 2.0 SP5 : libdwarf (EulerOS-SA-2019-2204)

According to the versions of the libdwarf package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV). (CVE-2015-8538) - The dwarf_dealloc function in libdwarf before...

7.5 CVSS · 6.5 AI score · 0.02235 EPSS
Exploits: 7 · References: 9

Kitploit
added 2019/11/05 9:34 p.m. · 86 views

Xray - A Tool For Recon, Mapping And OSINT Gathering From Public Networks

XRay is a tool for network OSINT gathering, its goal is to make some of the initial tasks of information gathering and network mapping automatic. How Does it Work? XRay is a very simple tool, it works this way: 1. It'll bruteforce subdomains using a wordlist and DNS requests. 2. For every...

7.1 AI score
Exploits: 0 · References: 1

0day.today
added 2019/10/30 12:0 a.m. · 125 views

JavaScriptCore - GetterSetter Type Confusion During DFG Compilation Exploit

The following JavaScript program, found by Fuzzilli and slightly modified, crashes JavaScriptCore built from HEAD and the current stable release /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc: let notAGetterSetter = whatever: 42; function v2v5 const v10 = Object; if v5 const v1...

8.8 CVSS · 8.2 AI score · 0.08158 EPSS
Exploits: 2

Packet Storm
added 2019/10/30 12:0 a.m. · 236 views

JavaScriptCore GetterSetter Type Confusion

JSC: GetterSetter type confusion during DFG compilation The following JavaScript program, found by Fuzzilli and slightly modified, crashes JavaScriptCore built from HEAD and the current stable release /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc: let notAGetterSetter =...

8.2 AI score · 0.08158 EPSS
Exploits: 2

exploitpack
added 2019/10/30 12:0 a.m. · 18 views

JavaScriptCore - GetterSetter Type Confusion During DFG Compilation

JavaScriptCore - GetterSetter Type Confusion During DFG Compilation The following JavaScript program, found by Fuzzilli and slightly modified, crashes JavaScriptCore built from HEAD and the current stable release /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc: let...

7.4 AI score
Exploits: 0

Exploit DB
added 2019/10/30 12:0 a.m. · 493 views

JavaScriptCore - GetterSetter Type Confusion During DFG Compilation

The following JavaScript program, found by Fuzzilli and slightly modified, crashes JavaScriptCore built from HEAD and the current stable release /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc: let notAGetterSetter = whatever: 42; function v2v5 const v10 = Object; if v5 const v1...

7.4 AI score
Exploits: 0

Kitploit
added 2019/10/29 9:30 p.m. · 55 views

LinPwn - Interactive Post Exploitation Tool

LinPwn is an interactive tool created to assist you in post exploitation enumeration and privilege escalation. Connection Set your IP and port you want it to connect to in the Connection class. Place the LinPwn binary on the target machine. Run nc -lvp PORT on your machine and then run LinPwn on t...

7.5 AI score
Exploits: 0 · References: 1

OSV
added 2019/10/12 1:15 p.m. · 0 views

UBUNTU-CVE-2019-17514

library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that...

7.5 CVSS · 6.8 AI score · 0.02221 EPSS
Exploits: 1 · References: 16

Kitploit
added 2019/10/12 12:22 p.m. · 238 views

Fsmon - Monitor Filesystem On iOS / OS X / Android / FirefoxOS / Linux

FileSystem Monitor utility that runs on Linux, Android, iOS and OSX. Brought to you by Sergi Àlvarez at Nowsecure and distributed under the MIT license. Contact: [email protected] Usage The tool retrieves file system events from a specific directory and shows them in colorful format or in...

6.7 AI score
Exploits: 0 · References: 1

Oracle linux
added 2019/10/11 12:0 a.m. · 139 views

Unbreakable Enterprise kernel security update

4.14.35-1902.6.6 - RDMA/restrack: Protect from reentry to resource return path Leon Romanovsky Orabug: 30388717 4.14.35-1902.6.5 - hv_netvsc: fix vf serial matching with pci slot info Haiyang Zhang Orabug: 30373111 - rds: Use correct conn when dropping connections due to cancel Hakon Bugge Orabug:...

8.8 CVSS · 7.6 AI score · 0.04575 EPSS
Exploits: 3

0day.today
added 2019/10/07 12:0 a.m. · 144 views

Linux/ARM - Fork Bomb Shellcode (20 bytes)

Title: Linux/ARM - Fork Bomb Shellcode 20 bytes Category: Shellcode Tested: armv7l 32-bit Raspberry Pi 2 Model B OS: Raspbian Buster Lite Author: CJHackerz Description: This shellcode creates new processes in infinite loop to exhaust CPU resources leading to crash / Compilation instruction...

7.4 AI score
Exploits: 0

OPENSUSE Linux
added 2019/10/07 12:0 a.m. · 80 views

Security update for singularity (moderate)

openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2019:2288-1 Rating: moderate References: 1125369 1128598 Cross-References: CVE-2019-11328 Affected Products: openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that solves one vulnerability and h...

9 CVSS · 7.3 AI score · 0.00606 EPSS
Exploits: 1 · References: 2

Kitploit
added 2019/08/23 9:45 p.m. · 142 views

Covenant - A .NET Command And Control Framework For Red Teamers

Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. Covenant is an ASP.NET Core, cross-platform application that includes a...

7.8 AI score
Exploits: 0 · References: 3

OSV
added 2019/08/20 8:15 p.m. · 1 views

CVE-2019-2130

In CompilationJob::FinalizeJob of compiler.cc, there is a possible remote code execution due to type confusion. This could lead to escalation of privilege from a malicious proxy configuration with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

9.8 CVSS · 7.8 AI score · 0.01098 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2019/07/28 12:0 a.m. · 2 views

PT-2019-6339 · Pcre +7

Name of the Vulnerable Software and Affected Versions: PCRE versions prior to 10.34 Description: An out-of-bounds read was discovered in PCRE when the pattern X is JIT compiled and used to match specially crafted subjects in non-UTF mode. This issue affects applications that use PCRE to parse...

9.8 CVSS · 6.4 AI score · 0.41483 EPSS
Exploits: 19 · References: 207

0day.today
added 2019/07/26 12:0 a.m. · 29 views

ASAN / SUID - Local Privilege Escalation Exploit

Exploit for multiple platform in category local exploits !/bin/bash unsanitary.sh - ASAN/SUID Local Root Exploit Exploits er, unsanitized env var passing in ASAN which leads to file clobbering as root when executing setuid root binaries compiled with ASAN. Uses an overwrite of /etc/ld.so.preload ...

0.4 AI score
Exploits: 0

0day.today
added 2019/07/23 12:0 a.m. · 39 views

Linux/x86_64 - Wget Linux Enumeration Script Shellcode (155 Bytes)

/ LinEnum Linux Enumeration Wget & CHMOD & Run Shellcode Language C & ASM - Linux/x86_64 author : Kağan Çapar contact: email protected shellcode len : 155 bytes compilation: gcc -o shellcode shellcode.c test: run ./shellcode description: First, the linenum script is via github with wget command...

7.4 AI score
Exploits: 0

Veracode
added 2019/07/12 10:39 a.m. · 13 views

Timing Attack

cryptopp is vulnerable to timing attack. The attack exists because the countermeasure against the timing attack in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock is ineffective after compilation...

7.5 CVSS · 7.3 AI score · 0.01025 EPSS
Exploits: 0 · References: 6 · Affected Software: 1

0day.today
added 2019/07/02 12:0 a.m. · 634 views

Linux/ARM64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (128 bytes)

/ Title: Linux/ARM64 - Reverse 127.0.0.1:4444/TCP Shell /bin/sh + Null-Free Shellcode 128 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu...

7.1 AI score
Exploits: 0