CVE-2017-7758

An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

CVE-2017-7758

CVE-2017-7758 describes an out-of-bounds read in the Opus encoder when the number of channels in an audio stream changes during encoding. Affected products include Firefox < 54, Firefox ESR < 52.2, and Thunderbird

imagemagick/encoder_mvg_fuzzer: Crash in TracePath

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5349958956875776 Project: imagemagick Fuzzer: libFuzzerimagemagickencodermvgfuzzer Fuzz target binary: encodermvgfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

Teradek Cube 7.3.6 - Cross-Site Request Forgery

Teradek Cube 7.3.6 - Cross-Site Request Forgery input type="submit...

imagemagick/encoder_mvg_fuzzer: Heap-buffer-overflow in TracePoint

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=4883041250967552 Project: imagemagick Fuzzer: aflimagemagickencodermvgfuzzer Fuzz target binary: encodermvgfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

UBUNTU-CVE-2018-11230

jbig2addpage in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted file...

The Axer - Tool To Automate The Procedure Of Creating Your Payloads With Msfvenom

The axer will replace the manual procedure of creating your payloads with msfvenom , making it easier and a lot quicker. THE AXER WILL LET YOU CHOOSE THE PLATFORM , FORMAT, ENCODER, Bind with another file and a lot of other features: Download The-Axer...

Drupal < 7.58 - Drupalgeddon3 Authenticated Remote Code Exploit

Exploit for php platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupalgeddon3', 'Description' = %q CVE-2018-7602 / SA-CORE-2018-004 A remote code execution...

Linux/x86 execve /bin/sh Encoded Shellcode (44 bytes)

/ ; Title : Execve /bin/sh Shellcode encoded with ROT-13 + RShift-2 + XOR ; Date : April, 2018 ; Author : Nuno Freitas ; Blog Post : https://bufferoverflowed.wordpress.com/slae32/slae-32-shellcode-encoder/ ; Twitter : @nunof11 ; SLAE ID : SLAE-1112 ; Size : 44 bytes ; Tested on : i686 GNU/Linux...

Ruby Base64 Encoder

This encoder returns a base64 string encapsulated in eval%base64 encoded string.unpack%m0.first. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby Base64 Encoder', 'Description' = %q This...

imagemagick/encoder_dng_fuzzer: Use-of-uninitialized-value in LibRaw::panasonic_load_raw

Detailed report: https://oss-fuzz.com/testcase?key=5147834853621760 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

imagemagick/encoder_dng_fuzzer: Stack-buffer-overflow in LibRaw::kodak_radc_load_raw

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5965403386806272 Project: imagemagick Fuzzer: aflimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_ptif_fuzzer: Use-of-uninitialized-value in ReadTIFFImage

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6258253836058624 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderptiffuzzer Fuzz target binary: encoderptiffuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

Arista Networks EOS ASN.1 Encoder RCE (SA0020)

The version of Arista Networks EOS running on the remote device is affected by a remote code execution vulnerability in the ASN.1 encoder due to an underflow condition that occurs when attempting to encode the value zero represented as a negative integer. An unauthenticated, remote attacker can...

CVE-2017-17767

In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer...

CVE-2017-17767

In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer...

CVE-2017-17767

CVE-2017-17767 affects Qualcomm Media framework on Android CAF builds using the Linux kernel. The underlying issue is a use-after-free in the IL client where an OMX Video Encoder Component buffer is freed and then subsequently accessed, enabling Elevation of Privilege by a local attacker. Affecte...

imagemagick/encoder_mvg_fuzzer: Heap-buffer-overflow in TracePoint

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5650434216689664 Project: imagemagick Fuzzer: aflimagemagickencodermvgfuzzer Fuzz target binary: encodermvgfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_miff_fuzzer: Use-of-uninitialized-value in QueryColorCompliance

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5538926652555264 Project: imagemagick Fuzzer: libFuzzerimagemagickencodermifffuzzer Fuzz target binary: encodermifffuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

Meterpreter Paranoid Mode - Meterpreter over SSL/TLS connections

MeterpreterParanoidMode.sh allows users to secure your staged/stageless connection for Meterpreter by having it check the certificate of the handler it is connecting to. We start by generating a certificate in PEM format, once the certs have been created we can create a HTTP or HTTPS or EXE paylo...