Linux/x86_64 - AVX2 XOR Decoder + execve(/bin/sh) Shellcode (62 bytes)

/ ; Title : Linux/x8664 - AVX2 XOR Decoder + execve"/bin/sh" 62 bytes ; Author : Gonçalo Ribeiro @goncalor ; Website : goncalor.com ; SLAE64-ID : 1635 ; this only works on machines with a CPU that supports AVX2 instructions global start start: jmp calldecoder decoder: pop rsi lea rdi, rsi+1 ;...

CVE-2019-15133

In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgiflib.c if the height field of the ImageSize data structure is equal to zero...

UBUNTU-CVE-2019-15133

In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgiflib.c if the height field of the ImageSize data structure is equal to zero...

CVE-2019-15133

In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgiflib.c if the height field of the ImageSize data structure is equal to zero...

CVE-2019-15133

In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgiflib.c if the height field of the ImageSize data structure is equal to zero...

DEBIAN-CVE-2019-13217

A heap buffer overflow in the startdecoder function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

PT-2019-13184 · No Company · Stb Vorbis

Name of the Vulnerable Software and Affected Versions: stb vorbis versions through 2019-03-04 Description: A heap buffer overflow in the start decoder function allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. Recommendations: For stb...

Sean Barrett stb_vorbis code issue vulnerability

Sean Barrett stbvorbis is an open source audio codec for decoding ogg vorbis files. Sean Barrett stbvorbis A code issue vulnerability exists in the 'getwindow' function in versions 2019-03-04 and earlier. The vulnerability stems from an improperly designed or implemented code development process...

PT-2019-13187 · Nothinq · Stb Vorbis

Name of the Vulnerable Software and Affected Versions: stb vorbis versions through 2019-03-04 Description: The issue is related to the use of uninitialized stack variables in the start decoder function, which can be exploited by opening a crafted Ogg Vorbis file. This can lead to a denial of...

Unspecified vulnerability in Sean Barrett stb_vorbis (CNVD-2019-41487)

Sean Barrett stbvorbis is an open source audio codec for decoding ogg vorbis files. A security vulnerability exists in the 'startdecoder' function in Sean Barrett stbvorbis 2019-03-04 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service or disclose sensiti...

libarchive security update

3.1.2-12 - fixed use after free in RAR decoder 1700749 - fixed double free in RAR decoder 1700748 3.1.2-11 - fix out-of-bounds read within lhareaddatanone CVE-2017-14503 - fix crash on crafted 7zip archives CVE-2019-1000019 - fix infinite loop in ISO9660 CVE-2019-1000020...

Denial Of Service (DoS)

libarchive is vulnerable to denial of service DoS. It is possible due to use after free in RAR decoder...

libarchive: Double free in RAR decoder resulting in a denial of service

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...

Exploit for Out-of-bounds Write in Google Android

CVE-2019-2107 CVE-2019-2107 CVE-2019-2107 - looks scary. Stil...

OFFIS.de DCMTK Buffer Overflow Vulnerability

OFFIS.de DCMTK is a toolkit that implements the DICOM standard to inspect, build and convert DICOM image files, send and receive images over a network connection. A buffer overflow vulnerability exists in DcmRLEDecoder::decompress in OFFIS.de DCMTK 3.6.3 and earlier versions. The vulnerability...

OPENSUSE-SU-2019:1770-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: kernel-firmware was updated to version 20190618: cavium: Add firmware for CNN55XX crypto driver. linux-firmware: Update firmware file for Intel Bluetooth 22161 linux-firmware: Update firmware file for Intel Bluetooth 9560 linux-firmware:...

EthereumJ Code Issues Vulnerabilities

EthereumJ is a Java language implementation of the Ethernet protocol. A code issue vulnerability exists in the crypto/ECKey.java file's decoder.readObject and the mine/Ethash.java file's ois.readObject in EthereumJ version 1.8.2. An attacker could exploit this vulnerability to execute arbitrary...

PT-2019-2512 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 10.3.6.0.0 through 12.2.1.3.0 Description: The issue is related to the XMLDecoder component of the Oracle WebLogic Server, which has weaknesses in its deserialization mechanism. This can be exploited by a remot...

CVE-2019-2094

In parseMPEGCCData of NuPlayerCCDecoder.cpp, there is a possible out of bounds write due to missing bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...

Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1463)

The version of Symantec Content Analysis running on the remote host is prior to version 2.3.5.1. It is, therefore, affected by multiple vulnerabilities: - An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denia...