3164 matches found
SGN - Encoder Ported Into Go With Several Improvements
SGN is a polymorphic binary encoder for offensive security purposes such as generating statically undetecable binary payloads. It uses a additive feedback loop to encode given binary instructions similar to LSFR. This project is the reimplementation of the original Shikata ga nai in golang with...
SmarterMail 16 Arbitrary File Upload
Exploit Title: SmarterMail 16 - Arbitrary File Upload Google Dork: inurl:/interface/root Date: 2020-06-10 Exploit Author: vvhack.org Vendor Homepage: https://www.smartertools.com Software Link: https://www.smartertools.com Version: 16.x Tested on: Windows CVE : N/A !/usr/bin/python3 import...
SmarterMail 16 - Arbitrary File Upload Exploit
Exploit for multiple platform in category web applications Exploit Title: SmarterMail 16 - Arbitrary File Upload Google Dork: inurl:/interface/root Exploit Author: vvhack.org Vendor Homepage: https://www.smartertools.com Software Link: https://www.smartertools.com Version: 16.x Tested on: Windows...
PT-2020-6915 · Flac +7 · Flac +7
Name of the Vulnerable Software and Affected Versions: flac versions prior to 1.4.0 Description: The issue is related to a buffer overflow in the bitwriter grow function of the FLAC audio codec, which can allow an attacker to execute arbitrary code. This can be achieved by providing crafted input...
ffjpeg buffer overflow vulnerability (CNVD-2020-31580)
ffjpeg is a JPEG encoder/decoder. A security vulnerability exists in the jfifencode of the jfif.c file in ffjpeg version 2020-02-24 and earlier. An attacker can exploit this vulnerability to cause a denial of service...
DalFox (Finder Of XSS) - Parameter Analysis And XSS Scanning Tool Based On Golang
Finder Of XSS, and Dal is the Korean pronunciation of moon. What is DalFox Just, XSS Scanning and Parameter Analysis tool. I previously developed XSpear, a ruby-based XSS tool, and this time, a full change occurred during the process of porting with golang!!! and created it as a new project. The...
imagemagick:encoder_tiff64_fuzzer: Heap-buffer-overflow in PushLongPixel
Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5737439391121408 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: encodertiff64fuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type: Heap-buffer-overflow READ 1...
Unauthorized Access Vulnerability in PowerSmart Encoder
PowerSmart encoder is a specialized hardware video encoding device launched by Beijing Century Dingdot Software Co., Ltd. with its professional video compression technology, which has the advantages of supporting international standards, high performance, flexible configuration and strong...
spring-security-core: mishandling of user passwords allows logging in with a password of NULL
A flaw was found in Spring Security in several versions, in the use of plain text passwords using the PlaintextPasswordEncoder. If an application is using an affected version of Spring Security with the PlaintextPasswordEncoder and a user has a null encoded password, an attacker can use this flaw...
Adobe Media Encoder CC MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Media Encoder CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Media Encoder 3GP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Media Encoder CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
imagemagick:encoder_tiff_fuzzer: Heap-buffer-overflow in TIFFSwabArrayOfLong
Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5753841704501248 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: encodertifffuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type: Heap-buffer-overflow READ 1...
YouPHPTube Encoder Command Injection (CVE-2019-5127; CVE-2019-5128; CVE-2019-5129)
A command injection vulnerability exists in YouPHPTube Encoder. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...
Adobe Media Encoder Out-of-Bounds Write Vulnerability (CNVD-2020-13490)
Adobe Media Encoder is a video and audio encoding application. An out-of-bounds write vulnerability exists in Adobe Media Encoder 14.0 and earlier versions. An attacker can exploit this vulnerability to achieve arbitrary code execution...
CVE-2020-3764
Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2020-3764
Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...
Out-of-bounds
Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2020-3764
Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2020-3764
CVE-2020-3764 affects Adobe Media Encoder versions 14.0 and earlier. The issue is an out-of-bounds write in the encoder, which could allow arbitrary code execution when exploiting the vulnerability. Publicly referenced materials in connected docs indicate the fix was delivered in the APSB20-10 ad...
Adobe Patches Critical Bugs Affecting Media Encoder and After Effects
Adobe today released out-of-band software updates for After Effects and Media Encoder applications that patch a total of two new critical vulnerabilities. Both critical vulnerabilities exist due to out-of-bounds write memory corruption issues and can be exploited to execute arbitrary code on...